const v2, 0x3c23d70a (const float v2 = 0.01f)
apk各个渠道支付特征值:
UC: setAmount
Downjoy: openPaymentDialog
alipay: total_fee
Dalvik VM与JVM的最大的区别之一就是Dalvik VM是基于寄存器的。基于寄存器是什么意思呢?也就是说,在smali里的所有操作都必须经过寄存器来进行:本地寄存器用v开头数字结尾的符号来表示,如v0、v1、v2、…参数寄存器则使用p开头数字结尾的符号来表示,如p0、p1、p2、…特别注意的是,p0不一定是函数中的第一个参数,在非static函数中,p0代指“this”.p1表示函数的第一个参数,p2代表函数中的第二个参数…而在static函数中p0才对应第一个参数(因为Java的static方法中没有this方法)。本地寄存器没有限制,理论上是可以任意使用的(From: http://www.52pojie.cn/forum.php?mod=viewthread&tid=233852)
Toast.makeText(MainActivity.this, "初始化失败!", Toast.LENGTH_SHORT).show();
iget-object v0, p0, Lcom/example/yuanlang/MainActivity$1;->this$0:Lcom/example/yuanlang/MainActivity;
const-string v1, "\u521d\u59cb\u5316\u5931\u8d25\uff01"
const/4 v2, 0x0
invoke-static {v0, v1, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v0
invoke-virtual {v0}, Landroid/widget/Toast;->show()V
move-object v0, p0
.packed-switch -0x2
:pswitch_1
:pswitch_1
:pswitch_0
:pswitch_1
表示从 -0x2 开始,依次增加1,从上往下依次为-2,-1,0,1
const-string v2, "mars"
const-string v3, "mars skypay"
invoke-static {v2, v3}, Landroid/util/Log;->e(Ljava/lang/String;Ljava/lang/String;)I
回编译不了:
new-instance v4, Lcom/poxiao/pay/plugin/letu/LetuPayImpl$payhandle;
invoke-direct {v4, p0}, Lcom/poxiao/pay/plugin/letu/LetuPayImpl$payhandle;-><init>(Lcom/poxiao/pay/plugin/letu/LetuPayImpl;)V
有效:
new-instance v4, Lcom/poxiao/pay/plugin/letu/LetuPayImpl$payhandle;
move-object/from16 v1, p0
invoke-direct {v4, v1}, Lcom/poxiao/pay/plugin/letu/LetuPayImpl$payhandle;-><init>(Lcom/poxiao/pay/plugin/letu/LetuPayImpl;)V
# comments
sget v0, Lcom/poxiao/fish/activity/SplashActivity;->cpMetaData:I
invoke-static {v0}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v0
invoke-virtual {v0}, Ljava/lang/Integer;->toString()Ljava/lang/String;
move-result-object v5
invoke-virtual {v0, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
v0变成了Integer类型,所以在最后调用的时候就有问题,改成如下即可。
sget v1, Lcom/poxiao/fish/activity/SplashActivity;->cpMetaData:I
invoke-static {v1}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/Integer;->toString()Ljava/lang/String;
move-result-object v5
invoke-virtual {v0, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
.locals 0
More
const/4 v3, 0x1
.line 352
const-wide/high16 v0, 0x4008
const-string v2, "a"
const-wide/high16 v4, 0x4000
move v6, v3
invoke-static/range {v0 .. v6}, Lcom/umeng/analytics/game/UMGameAgent;->pay(DLjava/lang/String;IDI)V
因为其传递的参数是(Double, String, Int, Double, Int),Double占8个字节,所以需要v0和v1两个寄存器存储数据。
"if-eq vA, vB, :cond_**" 如果vA等于vB则跳转到:cond_**
"if-ne vA, vB, :cond_**" 如果vA不等于vB则跳转到:cond_**
"if-lt vA, vB, :cond_**" 如果vA小于vB则跳转到:cond_**
"if-ge vA, vB, :cond_**" 如果vA大于等于vB则跳转到:cond_**
"if-gt vA, vB, :cond_**" 如果vA大于vB则跳转到:cond_**
"if-le vA, vB, :cond_**" 如果vA小于等于vB则跳转到:cond_**
"if-eqz vA, :cond_**" 如果vA等于0则跳转到:cond_**
"if-nez vA, :cond_**" 如果vA不等于0则跳转到:cond_**
"if-ltz vA, :cond_**" 如果vA小于0则跳转到:cond_**
"if-gez vA, :cond_**" 如果vA大于等于0则跳转到:cond_**
"if-gtz vA, :cond_**" 如果vA大于0则跳转到:cond_**
"if-lez vA, :cond_**" 如果vA小于等于0则跳转到:cond_**
如下会报错,无法回编译
sget-object v2, Lorg/cocos2dx/cpp/AppActivity;->sPrice:Ljava/lang/String;
sget-object v3, Lorg/cocos2dx/cpp/AppActivity;->sProductName:Ljava/lang/String;
invoke-interface {v0, p0, p0, v1, v2, v2}, Lcom/moli/util/IPayment;->pay2(Landroid/content/Context;Lcom/moli/util/IPayActivity;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V
改成:
move-object v2, p0
move-object v3, p0
sget-object v4, Lorg/cocos2dx/cpp/AppActivity;->sPrice:Ljava/lang/String;
sget-object v5, Lorg/cocos2dx/cpp/AppActivity;->sProductName:Ljava/lang/String;
invoke-interface/range {v0 .. v5}, Lcom/moli/util/IPayment;->pay2(Landroid/content/Context;Lcom/moli/util/IPayActivity;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V