Hacking Java Bytecode for Programmers (Part 2)

I'm not being facetious. I don't know anything about the implementation of the JVM or its byte-code, and was hoping to learn a bit. But...<p>1. How was I supposed to know 0x19 was the relevant byte to look at? I know there should be a load opcode somewhere, how do I know it was that 0x19?<p>2. What's going on between the load opcode, and the actual string data about 120 bytes apart?<p>3. Is looking up the definition of an opcode from a list really a mnemonic device?<p>Maybe that last bit was a bit facetious.

Maybe I'm not part of the target audience for this article, but it seems to lack quite a bit of information. For example, you explain what op-codes are, but then only cover one of them. I think at least a basic overview of common op-codes and how they work together would have been great. Also, the "hacking" you demonstrate is simply replacing a string, which is certainly not Java-specific and rarely useful. A more interesting example would have been changing the control flow in some way.<p>Of course, that's not to say it's a bad article. I just think you could have expanded quite a bit more.

Rather than using a hex editor, one might consider a tool like Soot from McGill's Sable group. It includes a DSL for dealing with bytecode:<p><a href="https://github.com/Sable/soot" rel="nofollow">https://github.com/Sable/soot</a><p>I had looked at Soot some time ago because of Dava, the Java decompiler included with the project.<p>Also, for programatic manipulation of bytecode, ASM is a great tool:<p><a href="http://asm.ow2.org/" rel="nofollow">http://asm.ow2.org/</a><p>It includes a Java source generator which, given a .class file as input, produces a Java source class which will regenerate the input via the ASM builder APIs. Obviously, the benefit is that you get a starting point for building various re-writers, analyzes, etc.

Minor nit pick:<p>"The second, and this probably goes without saying, is that data is actually stored in the compilation using hexadecimal. "<p>It's stored in binary, your just using an editor that displays the hexadecimal representation.

What an annoying site to use on an iPad, can't pinch zoom