Bug#849403: diffoscope: Improvesupport for Android apps
Emanuel Bronshtein
e3amn2l at gmx.com
Mon Dec 26 17:19:17 UTC 2016
Source: diffoscope
Severity: wishlist
Dear Maintainer,
1. Better handle .dex files
currently enjarify tool is used in order to transform .dex file to .jar, this tool can fail (as probably any decompiler) for example:
Command `enjarify -o /tmp/tmpdp3fttiq_diffoscope/classes.jar /tmp/tmpw04hjmue_diffoscope/classes.dex` exited with -9. Output: <none>
http://37.218.242.117/com.nbossard.packlist_16.apk.diffoscope.html#classes.dex
No file format specific differences found inside, yet data differs:
http://37.218.242.117/com.ancantus.HYPNOTOAD_4.apk.diffoscope.html#classes.dex
in such cases the fallback is binary comparison, it will be better to:
* use other decompilers as fallback if enjarify fail, such as:
jadx - https://github.com/skylot/jadx
SOOT - https://sable.github.io/soot/
Dare - http://siis.cse.psu.edu/dare/index.html
Dex2Jar - https://github.com/pxb1988/dex2jar
DAD from androguard (which has Debian package https://packages.debian.org/sid/androguard )
more information: https://stackoverflow.com/questions/1249973/decompiling-dex-into-java-sourcecode#36159034
* if all available decompilers fail, use apktool in order to transform .dex file to smali/baksmali
2. Support parsing android resources not in APK file
Support for some Android files (such as: AndroidManifest.xml & resources.arsc) was added in:
https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=3e748664a91b7ced412547a204e1473161425d4f
but it works only if comparing APK files, not directories / when the content archived in other format (non ZIP)
More information about the Reproducible-builds
mailing list