Library to read, write, analyze, and process java bytecode
ReferenceValueFactory
, ParticularReferenceValueFactory
should be used instead.ValueFactory
taking an Object
as parameter. The alternatives using ParticularObject
should be used instead.ExecutingInvocationUnit
to be customizable using executors. Improve checking whether method instance should be replaced in stack and variables.ReflectionExecutor
.ExecutingInvocationUnit
.ParticularObject
as the value tracked by ParticularReferenceValue
. This makes explicit which kind of values can be tracked during the analysis, and introduces the possibility of tracking a model of the values that differ from the actual tracked object.JvmValueTransferRelation
to work correctly with ExecutingInvocationUnit
.ReturnClassExtractor
returning the last parameter type instead of null for primitive return values.ExecutorMethodSignatureMatcher
trying to mutate an immutable map.TypedReferenceValue.cast()
not handling null values correctly.TypedReferenceValue.generalize()
not setting mayBeExtension
to true when generalizing to common parent type.PartialEvaluator
messages when an ExcessiveComplexityException
occurs.HAS_ANNOTATION
common flag.PartialEvaluator
error message format by default.ClassReferenceFixer
.MaxStackSizeComputer
to compute the maximum stack size of a code attribute which is more memory efficient than the existing StackSizeComputer
.IdentifiedArrayReferenceValue.generalize()
to maintain ID
when applied to two instances with same ID
.PartialEvaluator
JSON output for use with the new proguard-core-visualizer tool.PartialEvaluator
error messages when enabled with PartialEvaluator.Builder.setPrettyPrinting()
.PartialEvaluator
https://guardsquare.github.io/proguard-core/partialevaluator.html.UnsupportedOperationException
when trying to shrink Kotlin metadata from a lambda function.NonEmptyAttributeFilter
. (#118)ProguardCoreException
subclasses with more specific meanings.TaintSink
can now be configured with a predicate to filter on which TaintSource
s trigger it.DynamicClassReferenceInitializer
.DynamicClassMemberReferenceInitializer
.JvmInvokeTaintSink
are now deprecated, JvmInvokeTaintSink#Builder
should be used instead.MultiTypedReferenceValue.generalize()
now removes the null
type from the set of potential types, and sets maybeNull
on the other types instead.kotlinx
metadata dependency to version 0.6.0.CodeAttributeEditor
.ClassReferenceInitializer
when initializing Kotlin type aliases.ClassPool.removeClass
.ExecutingInvocationUnit
by using ExecutingInvocationUnit.Builder
.ExecutingInvocationUnit
to approximate reference of types not supported for the execution via reflection.Autocloseable
in DataEntryWriter
interface.JvmTransferRelation
does not store anymore static variables with default value, reducing the dataflow analysis state space.JvmAbstractState
to allow correct use with hash sets.JvmTransferRelation
handling arithmetic instructions returning category 2 values incorrectly.proguard.evaluation.value.ParticularValueFactory#createReferenceValueNull()
.JvmAbstractState
has been updated to include the field type to disambiguate between
overloaded fields.allNodes
field in proguard.analysis.cpa.defaults.Cfa
with getAllNodes
method to save memory.ExecutingInvocationUnit
is deprecated, use ExecutingInvocationUnit.Builder
instead.proguard.classfile.VersionConstants.MAX_SUPPORTED_VERSION
to 64.65535
(Java 20 + preview enabled).IdentifiedReferenceValue
IDs.KotlinClassVisitor
, KotlinFileFacadeVisitor
,
KotlinMultiFileFacadeVisitor
, KotlinMultiFilePartVisitor
, KotlinSyntheticClassVisitor
.JvmTransferRelation
has been refactored to model IINC
in a separate computeIncrement
method.ProcessingFlag.DONT_PROCESS_KOTLIN_MODULE
value was changed from 0x00002000
to 0x00008000
.fromClassPool
suffixes in CfaUtil
methods.CodeLocation
to only take the signature and offset into consideration.IdentifiedReferenceValue
id
field changed from int
to Object
.ParticularValueFactory.ReferenceFactory
replaced by ParticularReferenceValueFactory
.ValueFactory.createReferenceValue(String type, Clazz referencedClass, boolean mayBeExtension, boolean maybeNull, Clazz creationClass, Method creationMethod, int creationOffset)
to allow creating references identified by their creation site.JvmCfaReferenceValueFactory
to create references identified by the JvmCfaNode
creation site.Identified and particular references can now be identified by any Object
instead of a simple int
.
However, this means that code which compared the IDs may need to be modified. For example, the following
code should be changed:
public static boolean equal(IdentifiedReferenceValue a, IdentifiedReferenceValue b) {
return a.id == b.id;
}
It should use the equals
method instead.
public static boolean equal(IdentifiedReferenceValue a, IdentifiedReferenceValue b) {
return a.id.equals(b.id);
}
The ParticularReferenceValueFactory
identifies references with integers by default:
ValueFactory valueFactory = new ParticularReferenceFactory(new ParticularReferenceValueFactory());
Value a = valueFactory.createReferenceValue("Ljava/lang/String;", clazz, false, false);
// a.id will be an integer.
Any Object
can be used as an ID using the createReferenceValueForId
method:
String objectId = "myId";
ValueFactory valueFactory = new ParticularReferenceFactory(new ParticularReferenceValueFactory());
Value a = valueFactory.createReferenceValueForId("Ljava/lang/String;", clazz, false, false, objectId);
// a.id will be objectId
ClassReferenceInitializer
.MethodLinker
.LimitedHashMap
parameterization with an element exclusion selector.JvmAbstractState
for the composite taint analysis.expected Precise Reference
runtime verifier error.ClassReferenceInitializer
.KotlinMetadataAsserter
to check the integrity of Kotlin metadata.JvmReturnTaintSink
to support return instruction sinks in taint analysis.JvmTaintSink
has been generalized, use JvmInvokeTaintSink
to have the old functionalities.ClassSubHierarchyInitializer
.Call
API: Add a few utilities and fix inconsistent call argument count getter behavior.referencedDefaultImplementationMethodAccept
to KotlinFunctionMetadata
model class.referencedMethodAccept(Clazz, MemberVisitor)
in favour of referencedMethodAccept(MemberVisitor)
in KotlinFunctionMetadata
model class.TransformedStringMatcher
.ClassFeatureNameCollector
.ClassPath
.DataEntryClassInfoFilter
.NamedDataEntry
.CodeLocation#getClassName
as getExternalClassName
to comply with the types naming convention.DetailedArrayReferenceValue
modifying values at previous offsets on array store
instructions during PartialEvaluator
execution.JvmTransferRelation
to produce a successor in case of missing interprocedural call edge
(e.g., in case of incomplete call resolution).invokedynamic
(issue #63). There might now be calls with incomplete target
information. By default, these calls will not be distributed to visitors, but this can be enabled
by setting the skipIncompleteCalls
option in the call resolver.$
being stripped from inner classes by the ClassReferenceFixer
. This prevents classes
with names like Foo$$Bar
incorrectly having their simple name changed from $Bar
to Bar
.