unidbg补环境报错，求大佬帮忙看看

还在学习呢 · 发表于 2024-5-26 13:47

因为不太懂NDK开发，全是参照例子中补的环境，出现以下问题不太懂，希望线上大佬帮忙看看

在此拜谢大佬

报错信息

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

[13:40:43 876]  WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-130528, svcNumber=0x119, PC=unidbg@0xfffe0224, LR=RX@0x400ba150[libfekit.so]0xba150, syscall=null
java.lang.UnsupportedOperationException: com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V
    at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:803)
    at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:758)
    at com.github.unidbg.linux.android.dvm.DvmMethod.newObjectV(DvmMethod.java:214)
    at com.github.unidbg.linux.android.dvm.DalvikVM64$26.handle(DalvikVM64.java:420)
    at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
    at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
    at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
    at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
    at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
    at com.github.unidbg.thread.Function64.run(Function64.java:39)
    at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
    at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
    at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
    at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
    at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
    at com.github.unidbg.Module.emulateFunction(Module.java:163)
    at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:135)
    at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethodObject(DvmObject.java:93)
    at com.mobileqq.Dandelion.getSign(Dandelion.java:96)
    at com.mobileqq.Dandelion.main(Dandelion.java:69)
[13:40:43 876]  WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x40096f1c[libfekit.so]0x96f1c exception sp=unidbg@0xbfffebc0, msg=com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V, offset=0ms @ Runnable|Function64 address=0x40096f1c, arguments=[unidbg@0xfffe1640[libjnigraphics.so]0x640, 2027775614, 282821294, 1344199921, 2025269734, 1800031768, 667447085]

在java代码中找到QQSecuritySign类

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

package com.tencent.mobileqq.sign;
 
import android.text.TextUtils;
import com.tencent.mobileqq.p3122fe.EventCallback;
import com.tencent.mobileqq.qfix.redirect.IPatchRedirector;
import com.tencent.mobileqq.qsec.qsecurity.QSec;
 
/* compiled from: P */
/* loaded from: classes2.dex */
public class QQSecuritySign {
    static IPatchRedirector $redirector_ = null;
    private static final String TAG = "QQSecuritySDK";
    private static QQSecuritySign sInstance;
    private String mExtra;
 
    /* compiled from: P */
    /* loaded from: classes2.dex */
    public static class SignResult {
        static IPatchRedirector $redirector_;
        public byte[] extra;
        public byte[] sign;
        public byte[] token;
 
        public SignResult() {
            IPatchRedirector iPatchRedirector = $redirector_;
            if (iPatchRedirector == null || !iPatchRedirector.hasPatch((short) 1)) {
                return;
            }
            iPatchRedirector.redirect((short) 1, (Object) this);
        }
    }
 
    QQSecuritySign() {
        IPatchRedirector iPatchRedirector = $redirector_;
        if (iPatchRedirector == null || !iPatchRedirector.hasPatch((short) 1)) {
            return;
        }
        iPatchRedirector.redirect((short) 1, (Object) this);
    }
 
    public static synchronized QQSecuritySign getInstance() {
        QQSecuritySign qQSecuritySign;
        synchronized (QQSecuritySign.class) {
            if (sInstance == null) {
                sInstance = new QQSecuritySign();
            }
            qQSecuritySign = sInstance;
        }
        return qQSecuritySign;
    }
 
    private native SignResult getSign(QSec qSec, String str, String str2, byte[] bArr, byte[] bArr2, String str3);
 
    public native void dispatchEvent(String str, String str2, EventCallback eventCallback);
 
    public native void dispatchEventPB(String str, String str2, byte[] bArr, EventCallback eventCallback);
 
    public SignResult getSign(QSec qSec, String str, byte[] bArr, byte[] bArr2, String str2) {
        IPatchRedirector iPatchRedirector = $redirector_;
        if (iPatchRedirector != null && iPatchRedirector.hasPatch((short) 10)) {
            return (SignResult) iPatchRedirector.redirect((short) 10, this, qSec, str, bArr, bArr2, str2);
        }
        if (bArr != null && bArr.length > 0) {
            if (TextUtils.isEmpty(str)) {
                return new SignResult();
            }
            if (TextUtils.isEmpty(this.mExtra)) {
                this.mExtra = "";
            }
            return getSign(qSec, this.mExtra, str, bArr, bArr2, str2);
        }
        return new SignResult();
    }
 
    public void init(String str) {
        IPatchRedirector iPatchRedirector = $redirector_;
        if (iPatchRedirector == null || !iPatchRedirector.hasPatch((short) 2)) {
            this.mExtra = str;
        } else {
            iPatchRedirector.redirect((short) 2, (Object) this, (Object) str);
        }
    }
 
    public native void initSafeMode(boolean z);
 
    public native void notifyCamera(String str, String str2, String str3, String str4, String str5, String str6, EventCallback eventCallback);
 
    public native void notifyFaceDetect(String str, String str2, String str3, EventCallback eventCallback);
 
    public native void requestToken();
 
    public native void safeUiReport(String str, String str2, String str3, EventCallback eventCallback);
}

IPatchRedirector类

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

package com.tencent.mobileqq.qfix.redirect;
 
import androidx.annotation.Keep;
 
@Keep
/* loaded from: classes.dex */
public interface IPatchRedirector {
    boolean hasPatch(short s);
 
    Object redirect(short s);
 
    Object redirect(short s, Object obj);
 
    Object redirect(short s, Object obj, int i2);
 
    Object redirect(short s, Object obj, int i2, Object obj2);
 
    Object redirect(short s, Object obj, long j2);
 
    Object redirect(short s, Object obj, Object obj2);
 
    Object redirect(short s, Object obj, Object obj2, int i2);
 
    Object redirect(short s, Object obj, Object obj2, Object obj3);
 
    Object redirect(short s, Object obj, Object obj2, Object obj3, Object obj4);
 
    Object redirect(short s, Object obj, boolean z);
 
    Object redirect(short s, Object... objArr);
}

这是我补的环境代码

[Java] 纯文本查看 复制代码

1

2

3

4

5

6

7

8

9

@Override
    public DvmObject<?> newObjectV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
        switch (signature) {
            case "com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V": {
                return vm.resolveClass("com/tencent/mobileqq/sign/QQSecuritySign$SignResult").newObject(null);
            }
        }
        throw new UnsupportedOperationException(signature);
    }

继续报错

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

[13:43:48 042]  WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-130528, svcNumber=0x119, PC=unidbg@0xfffe0224, LR=RX@0x400ba150[libfekit.so]0xba150, syscall=null
java.lang.UnsupportedOperationException: java/lang/String-><init>([BLjava/lang/String;)V
    at com.mobileqq.Dandelion.newObjectV(Dandelion.java:116)
    at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:758)
    at com.github.unidbg.linux.android.dvm.DvmMethod.newObjectV(DvmMethod.java:214)
    at com.github.unidbg.linux.android.dvm.DalvikVM64$26.handle(DalvikVM64.java:420)
    at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
    at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
    at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
    at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
    at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
    at com.github.unidbg.thread.Function64.run(Function64.java:39)
    at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
    at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
    at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
    at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
    at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
    at com.github.unidbg.Module.emulateFunction(Module.java:163)
    at com.github.unidbg.linux.LinuxModule.callFunction(LinuxModule.java:262)
    at com.github.unidbg.linux.LinuxSymbol.call(LinuxSymbol.java:27)
    at com.github.unidbg.linux.android.dvm.DalvikModule.callJNI_OnLoad(DalvikModule.java:33)
    at com.mobileqq.Dandelion.<init>(Dandelion.java:48)
    at com.mobileqq.Dandelion.main(Dandelion.java:62)
[13:43:48 042]  WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x4006bd2c[libfekit.so]0x6bd2c exception sp=unidbg@0xbfffe800, msg=java/lang/String-><init>([BLjava/lang/String;)V, offset=78ms @ Runnable|Function64 address=0x4006bd2c, arguments=[unidbg@0xfffe0080, null]
Exception in thread "main" java.lang.IllegalStateException: Illegal JNI version: 0xffffffff
    at com.github.unidbg.linux.android.dvm.BaseVM.checkVersion(BaseVM.java:228)
    at com.github.unidbg.linux.android.dvm.DalvikModule.callJNI_OnLoad(DalvikModule.java:39)
    at com.mobileqq.Dandelion.<init>(Dandelion.java:48)
    at com.mobileqq.Dandelion.main(Dandelion.java:62)

继续补环境

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

@Override
    public DvmObject<?> newObjectV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
        switch (signature) {
            case "com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V": {
                return vm.resolveClass("com/tencent/mobileqq/sign/QQSecuritySign$SignResult").newObject(null);
            }
            case "java/lang/String-><init>([BLjava/lang/String;)V": {
                ByteArray array = vaList.getObjectArg(0);
                assert array != null;
                StringObject charsetName = vaList.getObjectArg(1);
                assert charsetName != null;
                try {
                    return new StringObject(vm, new String(array.getValue(), charsetName.getValue()));
                } catch (UnsupportedEncodingException e) {
                    throw new IllegalStateException(e);
                }
            }
        }
        throw new UnsupportedOperationException(signature);
    }

还是报错

[Java] 纯文本查看 复制代码

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

[13:44:55 099]  WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-128400, svcNumber=0x19e, PC=unidbg@0xfffe0a74, LR=RX@0x40097b00[libfekit.so]0x97b00, syscall=null
java.lang.NullPointerException
    at java.base/java.util.Objects.requireNonNull(Objects.java:233)
    at com.github.unidbg.linux.android.dvm.DalvikVM64$159.handle(DalvikVM64.java:2610)
    at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
    at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
    at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
    at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
    at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
    at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
    at com.github.unidbg.thread.Function64.run(Function64.java:39)
    at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
    at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
    at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
    at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
    at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
    at com.github.unidbg.Module.emulateFunction(Module.java:163)
    at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:135)
    at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethodObject(DvmObject.java:93)
    at com.mobileqq.Dandelion.getSign(Dandelion.java:96)
    at com.mobileqq.Dandelion.main(Dandelion.java:69)
[13:44:55 099]  WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x40096f1c[libfekit.so]0x96f1c exception sp=unidbg@0xbfffece0, msg=java.lang.NullPointerException, offset=0ms @ Runnable|Function64 address=0x40096f1c, arguments=[unidbg@0xfffe1640[libjnigraphics.so]0x640, 2027775614, 282821294, 1344199921, 2025269734, 1800031768, 667447085]

4561fef · 发表于 2024-5-26 13:47

最后一个补环境他要的返回值是空，而你return了个string

帐号		自动登录	找回密码
密码			注册[Register]

[其他求助] unidbg补环境报错，求大佬帮忙看看

最佳答案

免费评分