IDA Pro 6.8 bug when handling Java .class files

We will be studying the following file,
If you fire up IDA Pro 6.8, open the given .class file and look into the "I" method, you will notice that it contains an exception handler.
If you switch to the Text view and look at the bottom of the "I" method, you should have something that looks like the following:

The local variable declarations given at the end of the method are not correct:

;met001_slot000                                ; DATA XREF: I+23 r ...
    .var 0 is a Ljava/lang/String; from met001_begin to met001_end
;met001_slot001                                ; DATA XREF: I+11 r ...
    .var 1 is a Ljava/lang/String; from met001_begin to met001_end
  .end method

This is because the very first instruction of the exception handler is:

met001_37:                                     ; DATA XREF: I:met001_50 i
    astore_1 ; met001_slot001
  .line 253
    new java/lang/Exception
    aload_1 ; met001_slot001
    invokevirtual java/lang/Exception.getMessage()Ljava/lang/String;
    invokespecial java/lang/Exception.<init>(Ljava/lang/String;)V
met001_end:                                    ; DATA XREF: met001_slot000 i ...

    .catch java/lang/Exception from met001_begin to met001_35 using \

In this context, astore_1 stores an object of type java/lang/Exception into local variable slot 1. IDA Pro nevertheless relies on the declared argument type, java/lang/String, and gives no hint to warn the user that the value in that slot is not always of the declared type.
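The underlying cause is that a JVM LocalVariableTable entry is scoped: each entry carries a start_pc and a length, and javac freely reuses a slot for a differently typed variable once the earlier one goes out of scope, so the correct type for a slot can only be resolved per instruction offset, not per method. The following is an added example, not code from the original post or from IDA: it parses a constructed LocalVariableTable attribute body (laid out as in the class file format: a u2 count followed by u2 start_pc, u2 length, u2 name_index, u2 descriptor_index, u2 index per entry) and resolves the type of a slot at a given pc. The constant-pool fragment, the offsets and the helper names (build_lvt, parse_lvt, slot_type_at) are assumptions chosen to mirror the handler-at-37 situation above, not values taken from the analysed file.

```python
import struct
from typing import NamedTuple, Optional

class LocalVar(NamedTuple):
    start_pc: int
    length: int
    name: str
    descriptor: str
    slot: int

# Constructed constant-pool fragment: only the UTF-8 entries the table references.
CONSTANT_POOL = {
    1: "s", 2: "Ljava/lang/String;",
    3: "e", 4: "Ljava/lang/Exception;",
}

def build_lvt(entries):
    """Serialise a LocalVariableTable attribute body (constructed test data)."""
    body = struct.pack(">H", len(entries))
    for start_pc, length, name_idx, desc_idx, slot in entries:
        body += struct.pack(">HHHHH", start_pc, length, name_idx, desc_idx, slot)
    return body

# Constructed sample: slot 1 holds a String over the main body (pc 0..36) and the
# caught Exception over the handler that starts at pc 37 (offsets are illustrative).
LVT_BYTES = build_lvt([
    (0, 37, 1, 2, 1),
    (37, 13, 3, 4, 1),
])

def parse_lvt(data: bytes, cp: dict) -> list:
    """Parse a LocalVariableTable body into LocalVar entries, resolving names via cp."""
    (count,) = struct.unpack_from(">H", data, 0)
    entries, off = [], 2
    for _ in range(count):
        start_pc, length, name_idx, desc_idx, slot = struct.unpack_from(">HHHHH", data, off)
        off += 10
        entries.append(LocalVar(start_pc, length, cp[name_idx], cp[desc_idx], slot))
    return entries

def var_at(entries, slot: int, pc: int) -> Optional[LocalVar]:
    """Return the entry for `slot` whose [start_pc, start_pc+length) covers `pc`."""
    for e in entries:
        if e.slot == slot and e.start_pc <= pc < e.start_pc + e.length:
            return e
    return None

def slot_type_at(entries, slot: int, pc: int) -> Optional[str]:
    """Descriptor of `slot` live at `pc`, or None when no entry is in scope there."""
    e = var_at(entries, slot, pc)
    return e.descriptor if e else None

if __name__ == "__main__":
    entries = parse_lvt(LVT_BYTES, CONSTANT_POOL)
    # A scope-aware listing annotates the same slot differently in body and handler.
    for pc in (11, 23, 37):
        e = var_at(entries, 1, pc)
        print(f"pc {pc:3d}: slot 1 is {e.name} ({e.descriptor})")
```

Run stand-alone, the script shows slot 1 resolving to the String in the method body and to the Exception inside the handler; a disassembler that emits a single ".var 1 ... from begin to end" line for the method has collapsed exactly this per-pc scope information.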

Stay safe.
