Review

Detector:

Study002

Target:

project '

class_name

' version

1

Tags:

Potential Misuse

Anomaly identified by the detector. Please review whether this anomaly corresponds to a misuse.

Finding:	3
In File:	1AE933AF160CDBB3B9FE63D3540C18038A1F91D676605995183F988F95FD17E2-enjarify.jar:com/zhineng/huoche/xx/b/E
In Method:
Code with Finding:	/* * Decompiled with CFR 0_128. * * Could not load the following classes: * android.content.Context * com.zhineng.huoche.xx.a.A * com.zhineng.huoche.xx.a.E * com.zhineng.huoche.xx.a.I * com.zhineng.huoche.xx.a.m / package com.zhineng.huoche.xx.b; import android.content.Context; import com.zhineng.huoche.xx.a.A; import com.zhineng.huoche.xx.a.I; import com.zhineng.huoche.xx.a.m; import java.io.File; import java.lang.reflect.Constructor; import java.lang.reflect.Method; public class E { private static / synthetic / E A; private / synthetic / Object K; private / synthetic / Class cdtUQ; public static String cdtUQ(Context context) { StringBuilder stringBuilder = new StringBuilder(); String string = I.C; string = context.getDir(string, 0).getAbsolutePath(); stringBuilder = stringBuilder.insert(0, string); string = com.zhineng.huoche.xx.a.E.cdtUQ((String)"\b"); return stringBuilder.append(string).toString(); } public static String cdtUQ(String string) { int n = string.length(); char[] arrc = new char[n]; int n2 = n += -1; while (n >= 0) { n = string.charAt(n2); int n3 = n2 + -1; arrc[n2] = n = (int)((char)(n ^ 28)); if (n3 < 0) break; n = n3 + -1; arrc[n3] = n2 = (int)((char)(string.charAt(n3) ^ 49)); n2 = n; } String string2 = new String(arrc); return string2; } public static E e(Context context) { Object object = A; if (object == null) { object = new Object(); A = object; object = E.cdtUQ(context); E e = A; CharSequence charSequence = new CharSequence(); charSequence = charSequence.insert(0, (String)object); String string = I.G; charSequence = charSequence.append(string).toString(); string = ""; e.cdtUQ((String)charSequence, (String)object, string, context); } return A; } / * Enabled force condition propagation * Lifted jumps to return sites / public Object cdtUQ(Class class_, Object object, String string, Object[] arrobject, Class[] arrclass) { Method method; boolean bl; Object object2 = null; try { method = class_.getMethod(string, arrclass); bl = true; } catch (Exception exception) { exception.printStackTrace(); return object2; } method.setAccessible(bl); return method.invoke(object, arrobject); } public Object cdtUQ(String string, Object[] arrobject, Class[] arrclass) { Class class_ = this.cdtUQ; Object object = this.K; return this.cdtUQ(class_, object, string, arrobject, arrclass); } public void cdtUQ() { String string = A.h; Object[] arrobject = new Object[]{}; Class[] arrclass = new Class[]{}; this.cdtUQ(string, arrobject, arrclass); } / * Enabled force condition propagation * Lifted jumps to return sites / public void cdtUQ(String string, String string2, String string3, Context context) { Object object; try { object = A.g; } catch (Exception exception) { exception.printStackTrace(); return; } object = Class.forName((String)object); this.cdtUQ = object; int n = 4; object = new Class[n]; int n2 = 3; int n3 = 2; int n4 = 1; int n5 = 0; Class<String> class_ = null; Class<String> class_2 = String.class; object[0] = class_2; class_ = String.class; object[n4] = class_; Object object2 = String.class; object[n3] = object2; Object object3 = A.L; object3 = Class.forName((String)object3); object[n2] = object3; Object[] arrobject = this.cdtUQ; object = arrobject.getConstructor(object); n2 = 4; arrobject = new Object[n2]; n3 = 3; n4 = 2; n5 = 1; class_2 = null; arrobject[0] = string; arrobject[n5] = string2; arrobject[n4] = string3; object2 = this.f(context); arrobject[n3] = object2; object = object.newInstance(arrobject); this.K = object; do { return; break; } while (true); } public Class e(String string) { int n = 1; String string2 = A.I; Object[] arrobject = new Object[n]; arrobject[0] = string; Class[] arrclass = new Class[n]; arrclass[0] = String.class; return (Class)this.cdtUQ(string2, arrobject, arrclass); } / * Enabled force condition propagation * Lifted jumps to return sites */ public Object f(Context context) { byte[] arrby; Object object = Context.class; try { arrby = m.G; } catch (Exception exception) { object = null; exception.printStackTrace(); return object; } Object[] arrobject = new Object[](arrby); arrby = null; arrby = new Class[]{}; object = object.getMethod((String)arrobject, (Class<?>[])arrby); arrobject = null; arrobject = new Object[]{}; return object.invoke((Object)context, arrobject); } }

Metadata

Hit	Rank	Category	Fqn	JarFile	MethodSignature	NotInLiterals	Pc	Potential Decrypted String	SinkFqn	SinkPC	SinkSignature	Violations
?	3	class_name	com/zhineng/huoche/xx/b/E	1AE933AF160CDBB3B9FE63D3540C18038A1F91D676605995183F988F95FD17E2-enjarify.jar	void cdtUQ(java.lang.String,java.lang.String,java.lang.String,android.content.Context)	1	75	java.lang.ClassLoader	java/lang/Class	82	java.lang.Class forName(java.lang.String)