《Android 软件安全与逆向分析》这本书在讲解DexClassData时很简略,只说了u4是LEB128编码的东西。 DexClassData中的几个指针成员指什么地方也没提。[C++] 纯文本查看 复制代码 typedef struct DexClassData {
DexClassDataHeader header;
DexField* staticFields;
DexField* instanceFields;
DexMethod* directMethods;
DexMethod* virtualMethods;
} DexClassData;
网上查的资料显示:
encoded_field[static_fields_size]..... 我就依葫芦画瓢下了下面代码:
[C++] 纯文本查看 复制代码 DexClassData *cdata;
cdata=(DexClassData *)&f.pBuffer[f.ClassDefs[i].classDataOff];
u=f.GetClassMethodSize(cdata);
for (int y = 0; y < u; y++)
{
DexMethod *df;
u4 uid;
df=f.GetClassMethod(cdata);
uid=readU4Leb128(&df[y].methodIdx);
u2 classId;
u2 protoId;
u4 nameIdx;
DexTypeList *list;
classId=f.Method_ids[uid].classIdx;
protoId=f.Method_ids[uid].protoIdx;
nameIdx=f.Method_ids[uid].nameIdx;
.....................................................................
寻址代码:
[C++] 纯文本查看 复制代码 DexField *CDexFile::GetClassStaticField(DexClassData *classdef)
{
char *pbuf;
pbuf=(char *)classdef;
return (DexField *)&pbuf[sizeof(DexClassDataHeader)];//越过DexClassDataHeader
}
DexField *CDexFile::GetClassField(DexClassData *classdef)
{
char *pbuf;
pbuf=(char *)GetClassStaticField(classdef);
return (DexField *)&pbuf[GetClassStaticFieldSize(classdef)*sizeof(DexField)];
}
DexMethod *CDexFile::GetClassMethod(DexClassData *classdef)
{
char *pbuf;
pbuf=(char *)GetClassField(classdef);
return (DexMethod * )&pbuf[GetClassFieldSize(classdef)*sizeof(DexField)];
}
DexMethod *CDexFile::GetClassVirtualMethod(DexClassData *classdef)
{
char *pbuf;
pbuf=(char *)GetClassMethod(classdef);
return (DexMethod *)&pbuf[GetClassMethodSize(classdef)*sizeof(DexMethod)];
}
| 
