CHAPTER 54. JAVA CHAPTER 54. JAVA

Chapter 54

Java

54.1 Introduction.

There are some well-known decompilers for Java (orJVMbytecode in general)^1.

The reason is the decompilation ofJVM-bytecode is somewhat easier than for lower level x86 code:

• There is much more information about the data types.


• TheJVMmemory model is much more rigorous and outlined.


• The Java compiler don’t do any optimizations (theJVMJIT^2 does them at runtime), so the bytecode in the class files is
  usually pretty readable.

When can the knowledge ofJVMbe useful?

• Quick-and-dirty patching tasks of class files without the need to recompile the decompiler’s results.


• Analysing obfuscated code.


• Building your own obfuscator.


• Building a compiler codegenerator (back-end) targetingJVM(like Scala, Clojure, etc^3 ).

Let’s start with some simple pieces of code. JDK 1.7 is used everywhere, unless mentioned otherwise.

This is the command used to decompile class files everywhere :javap -c -verbose

This is the book I used while preparing all examples : [Jav13].

54.2 Returning a value

Probably the simplest Java function is the one which returns some value. Oh, and we must keep in mind that there are no
“free” functions in Java in common sense, they are “methods”. Each method is related to some class, so it’s not possible to
define a method outside of a class. But we’ll call them “functions” anyway, for simplicity.

public class ret

{

public static int main(String[] args)

{

return 0;

}

}

Let’s compile it:

javac ret.java

...and decompile it using the standard Java utility:

javap -c -verbose ret.class

(^1) For example, JAD:http://varaneckas.com/jad/
(^2) Just-in-time compilation
(^3) Full list:http://en.wikipedia.org/wiki/List_of_JVM_languages