Add xrefs support for switch statements in Dex

Open haeter525 opened this issue 3 years ago • 0 comments

Is your feature request related to a problem? Please describe.

The Dalvik architecture uses two opcodes, packed-switch and sparse-switch, and their table structures to construct the switch statement. By parsing the table structures, we have the addresses of the associated code blocks. The switch statement is a widely used language feature appearing in many Android apps. But I found that Rizin might not have an easy way to analyze it.

Take this APK (Password: infected) as an example: the following output of the pdf command is the code snippet with a sparse-switch opcode.

By manually parsing the table structure referenced by the opcode, we can find 4 associated code blocks at 0x1000e8360, 0x1000e8374, 0x1000e8388, and 0x1000e839c.

However, in the above output, there is no further information about these code blocks. Moreover, the pdf command also skips the opcodes of most code blocks.

Describe the solution you'd like

It would be great if Rizin could resolve the references to the code blocks.

Describe alternatives you've considered

I think patching the pdf command to print the code blocks can also help. But if I have missed something, please feel free to let me know.

Thanks!

haeter525, Jul 09 '22 07:07
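
The manual table parsing described in the issue, as an added example that is not part of the original issue or of Rizin's code: it resolves the case targets of both a sparse-switch and a packed-switch from the payload layout in the Dalvik bytecode format. The function name `switch_targets`, the `base` parameter and the sample bytes are assumptions made for illustration.

```python
import struct

PACKED_SWITCH, SPARSE_SWITCH = 0x2B, 0x2C    # Dalvik opcodes, instruction format 31t
IDENT = {PACKED_SWITCH: 0x0100, SPARSE_SWITCH: 0x0200}   # expected payload ident


def switch_targets(code: bytes, insn_off: int, base: int = 0):
    """Return [(case_key, target_address), ...] for the switch at byte insn_off.

    code is the method's raw instruction bytes; base is the address code[0]
    is mapped at (assumption: supplied by the caller).
    """
    if insn_off < 0 or insn_off % 2 or insn_off + 6 > len(code):
        raise ValueError("switch instruction misaligned or out of bounds")
    opcode, _reg, rel = struct.unpack_from("<BBi", code, insn_off)
    if opcode not in IDENT:
        raise ValueError("not a packed-switch/sparse-switch instruction")
    payload = insn_off + rel * 2                 # branch offsets count 16-bit units
    if payload < 0 or payload % 4 or payload + 4 > len(code):
        raise ValueError("payload misaligned or out of bounds")
    ident, size = struct.unpack_from("<HH", code, payload)
    if ident != IDENT[opcode]:
        raise ValueError("payload ident does not match the opcode")
    if opcode == PACKED_SWITCH:                  # first_key, then targets[size]
        need, tgt_off = 8 + 4 * size, payload + 8
    else:                                        # keys[size], then targets[size]
        need, tgt_off = 4 + 8 * size, payload + 4 + 4 * size
    if payload + need > len(code):
        raise ValueError("payload table is truncated")
    if opcode == PACKED_SWITCH:
        first = struct.unpack_from("<i", code, payload + 4)[0]
        keys = [first + i for i in range(size)]
    else:
        keys = list(struct.unpack_from(f"<{size}i", code, payload + 4))
    out = []
    for key, t in zip(keys, struct.unpack_from(f"<{size}i", code, tgt_off)):
        off = insn_off + t * 2                   # relative to the switch opcode
        if not 0 <= off < len(code):
            raise ValueError(f"case {key} branches outside the method")
        out.append((key, base + off))
    return out


# Constructed sample (not taken from the APK in the issue): sparse-switch v0 at
# byte 0, five return-void units, then a 4-entry payload at byte 16.
SAMPLE = (struct.pack("<BBi", SPARSE_SWITCH, 0, 8) + b"\x0e\x00" * 5
          + struct.pack("<HH4i4i", 0x0200, 4, 10, 20, 30, 40, 3, 4, 5, 6))

if __name__ == "__main__":
    for key, addr in switch_targets(SAMPLE, 0, base=0x1000):
        print(f"case {key}: {addr:#x}")
```

Each returned address is a candidate code cross-reference from the switch instruction to a case block. The bounds checks matter when the table comes from an untrusted APK.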