"Class Open Warnings" Window

Contents:

Overview

Reflection API calls such as Class.forName(String) can cause problems for obfuscators. If a class, field or method is being accessed by name using the Reflection API and the class, field or method name is obfuscated then, if not appropriately handled, the API call would be broken.

Zelix KlassMasterTM can automatically handle simple Reflection API calls. It detects the calls and analyzes the source of the String parameter that specifies the class, field or method name. If the ultimate source of the name is a String literal then Zelix KlassMaster will automatically change the value of the String literal to match the obfuscated class, field or method name. However, if Zelix KlassMaster cannot successfully analyze and automatically deal with a reflection API call then it reports the call in the pane above this one. It reports

The format is:
In class MyClass
    in method public static final void myMethod()
         java.lang.Class.forName(java.lang.String)

Warnings you can usually ignore

Any Reflection API calls that simply return a class, field or method name (eg. Class.getName()) are always reported in the pane above this one. However, these warnings can be safely ignored if the Strings that the calls return are only used for debugging purposes such as log output. On the other hand, if the String returned by such a call is used in some comparison with a String literal or as a property file key then the warning cannot be ignored.

What you have to do

If you get a Reflection API warning that you cannot ignore then the safest thing to do is to explicitly exclude the object that is being accessed by name from being obfuscated. You do this by using the "Obfuscate Name Exclusions" dialog.

For example, let's say that you are warned that a Class.forName(String) call has not been successfully analyzed and, when you look at the call in your source code, you see that that is used to access your class com.mycompany.MyDynamicallAccessedClass. What you should do is explicitly exclude the name of the class com.mycompany.MyDynamicallAccessedClass and its package name from being obfuscated.

Similarly, if you are warned that a Class.getDeclaredField(String) call has not been successfully analyzed and, when you look at the call in your source code, you see that that is used to access the field myDynamicallyAccessedField in your class com.mycompany.MyClass then you should explicitly exclude the name of the field myDynamicallyAccessedField from being obfuscated.


© 2019 Zelix Pty Ltd