Menu
I want to delete the 580th and 581th line in the java code below. this file is in system/framework/services.jar in android devices, so the steps I did are:
decompile jar to smali
change the smali file
recompile the smali file to dex file
pack it into services.jar.
push services.jar into android mobile phone
The question is in step2, how to change the smali file, I tried to delete :line580 and the code below it, but it doesn't work, when compiling, a nullPointerExecption was thrown...and I can see /error/ in jd-gui tool Somebody please give me some advices, I'm totally new to smali, thanks in advance.
The java code is:
568 public void registerUiTestAutomationService(IBinder owner,
569 IAccessibilityServiceClient serviceClient,
570 AccessibilityServiceInfo accessibilityServiceInfo) {
571 mSecurityPolicy.enforceCallingPermission(Manifest.permission.RETRIEVE_WINDOW_CONTENT,
572 FUNCTION_REGISTER_UI_TEST_AUTOMATION_SERVICE);
573
574 accessibilityServiceInfo.setComponentName(sFakeAccessibilityServiceComponentName);
575
576 synchronized (mLock) {
577 UserState userState = getCurrentUserStateLocked();
578
579 if (userState.mUiAutomationService != null) {
580 throw new IllegalStateException("UiAutomationService " + serviceClient
581 + "already registered!");
582 }
583
584 try {
585 owner.linkToDeath(userState.mUiAutomationSerivceOnwerDeathRecipient, 0);
586 } catch (RemoteException re) {
587 Slog.e(LOG_TAG, "Couldn't register for the death of a"
588 + " UiTestAutomationService!", re);
589 return;
590 }
591
592 userState.mUiAutomationServiceOwner = owner;
593 userState.mUiAutomationServiceClient = serviceClient;
594
595 // Set the temporary state.
596 userState.mIsAccessibilityEnabled = true;
597 userState.mIsTouchExplorationEnabled = false;
598 userState.mIsEnhancedWebAccessibilityEnabled = false;
599 userState.mIsDisplayMagnificationEnabled = false;
600 userState.mInstalledServices.add(accessibilityServiceInfo);
601 userState.mEnabledServices.clear();
602 userState.mEnabledServices.add(sFakeAccessibilityServiceComponentName);
603 userState.mTouchExplorationGrantedServices.add(sFakeAccessibilityServiceComponentName);
604
605 // Use the new state instead of settings.
606 onUserStateChangedLocked(userState);
607 }
608 }
The smali code after decompiling:
.line 579
.local v1, "userState":Lcom/android/server/accessibility/AccessibilityManagerService$UserState;
# getter for: Lcom/android/server/accessibility/AccessibilityManagerService$UserState;->mUiAutomationService:Lcom/android/server/accessibility/AccessibilityManagerService$Service;
invoke-static {v1}, Lcom/android/server/accessibility/AccessibilityManagerService$UserState;->access$300(Lcom/android/server/accessibility/AccessibilityManagerService$UserState;)Lcom/android/server/accessibility/AccessibilityManagerService$Service;
move-result-object v2
if-eqz v2, :cond_3d
.line 580
new-instance v2, Ljava/lang/IllegalStateException;
new-instance v4, Ljava/lang/StringBuilder;
invoke-direct {v4}, Ljava/lang/StringBuilder;-><init>()V
const-string v5, "UiAutomationService "
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder;
move-result-object v4
const-string v5, "already registered!"
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v4
invoke-direct {v2, v4}, Ljava/lang/IllegalStateException;-><init>(Ljava/lang/String;)V
throw v2
.line 607
.end local v1 # "userState":Lcom/android/server/accessibility/AccessibilityManagerService$UserState;
:catchall_3a
move-exception v2
monitor-exit v3
:try_end_3c
.catchall {:try_start_11 .. :try_end_3c} :catchall_3a
throw v2
.line 585
.restart local v1 # "userState":Lcom/android/server/accessibility/AccessibilityManagerService$UserState;
:cond_3d
:try_start_3d
# getter for: Lcom/android/server/accessibility/AccessibilityManagerService$UserState;->mUiAutomationSerivceOnwerDeathRecipient:Landroid/os/IBinder$DeathRecipient;
invoke-static {v1}, Lcom/android/server/accessibility/AccessibilityManagerService$UserState;->access$1200(Lcom/android/server/accessibility/AccessibilityManagerService$UserState;)Landroid/os/IBinder$DeathRecipient;
move-result-object v2
const/4 v4, 0x0
invoke-interface {p1, v2, v4}, Landroid/os/IBinder;->linkToDeath(Landroid/os/IBinder$DeathRecipient;I)V
:try_end_45
.catch Landroid/os/RemoteException; {:try_start_3d .. :try_end_45} :catch_74
.catchall {:try_start_3d .. :try_end_45} :catchall_3a
508
asked May 25 '26 03:05
Try to Remove
.line 580
new-instance v2, Ljava/lang/IllegalStateException;
new-instance v4, Ljava/lang/StringBuilder;
invoke-direct {v4}, Ljava/lang/StringBuilder;-><init>()V
const-string v5, "UiAutomationService "
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder;
move-result-object v4
const-string v5, "already registered!"
invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v4
invoke-virtual {v4}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v4
invoke-direct {v2, v4}, Ljava/lang/IllegalStateException;-><init>(Ljava/lang/String;)V
throw v2
I am not sure. But AFAIK this should remove line 580 and 581. Please try it and let me know.
76
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
