proguard icon indicating copy to clipboard operation
proguard copied to clipboard

Published 20 hours ago verified publisher icon Guardsquare

Exception in thread "main" java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because the return value of "proguard.retrace.FrameInfo.getSourceFile()" is null

Open liamsharp opened this issue 1 year ago • 4 comments

When trying to retrace the following:

Exception in thread "main" java.lang.NullPointerException: Cannot invoke "com.github.screamingfrog.b.a()" because the return value of "com.github.screamingfrog.a.a()" is null
	at com.github.screamingfrog.App.a(Unknown Source)
	at com.github.screamingfrog.App.main(Unknown Source)

I'm getting:

Exception in thread "main" java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because the return value of "proguard.retrace.FrameInfo.getSourceFile()" is null
	at proguard.retrace.FrameRemapper.transformMethodInfo(FrameRemapper.java:189)
	at proguard.retrace.FrameRemapper.transform(FrameRemapper.java:63)
	at proguard.retrace.ReTrace.handle(ReTrace.java:198)
	at proguard.retrace.ReTrace.retrace(ReTrace.java:178)
	at proguard.retrace.ReTrace.main(ReTrace.java:406)

Using the command:

proguard-7.3.2/bin/retrace.sh target/proguard_map.txt output.txt

Here's the proguard_map.txt and output.txt to reproduce.

I also have a sample maven project here hello-world-cli.tar.gz with the code that is obfuscated by Proguard.

Steps to build and reproduce:

Extract the code:

tar xfvz hello-world-cli.tar.gz
cd hello-world-cli

Build:

mvn clean package

Reproduce the crash & store the output in a file:

java -jar target/hello-world-cli-1.0-SNAPSHOT.jar 2>&1 | tee output.txt

Retrace:

proguard-7.3.2/bin/retrace.sh target/proguard_map.txt output.txt

liamsharp avatar Jul 31 '23 10:07 liamsharp

I also had this with my stacktraces when trying to deobfuscate them. I have a fix in my fork that would solve the issue :) https://github.com/Bentaii/proguard Cheers!

Bentaii avatar Oct 03 '23 20:10 Bentaii

The issue comes from using the %m parameter and not having a %s parameter for the source file name. During the FrameRemapper's transformMethodInfo (it should also happen with the transformFieldInfo so with %f in your regex), the check for the source file returns null and it can't equal it to "Unknown Source". image

The proper way it should have been implemented should've been is something like this where you aren't vulnerable to the null value. image

Cheers!

Bentaii avatar Oct 03 '23 20:10 Bentaii

It should be fixed in the next release now that the pr has been merged

Bentaii avatar Feb 22 '24 14:02 Bentaii

Any idea when the next release is planned?

liamsharp avatar May 08 '24 15:05 liamsharp