Does CodeQL work with JADX decompiled android apk code #19034
Replies: 2 comments
-
|
Hi @sachint2001, Officially this is not supported, but have you tried creating a database with build-mode As a reminder, this is not allowed under the default license found at codeql.github.com unless this is for academic research purposes. |
Beta Was this translation helpful? Give feedback.
-
|
Hi, I would not expect this to work well in the general case. CodeQL’s Java/Kotlin analysis is designed for source code, ideally with a real build or at least enough project structure to recover dependencies. JADX output is decompiled Java-like source, but it is not the original source tree and often is not recompilable, so CodeQL may fail to extract it or produce a database with a lot of missing type / call / data-flow information. The only thing I would try is Java no-build mode, for example: codeql database create jadx-db \
--language=java-kotlin \
--source-root=/path/to/jadx-output \
--build-mode=none |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi, as the title says, does CodeQL work with JADX decompiled android apk code? I don't think this decompiled code is directly recompilable, and nor do I think it comes with an autobuild configuration file.
When trying to create the database for it, I keep getting this error:
CodeQL detected code written in Java/Kotlin but could not process any of it.
If anyone has found out if it works, any help would be appreciated. Thanks!
Beta Was this translation helpful? Give feedback.
All reactions