Bug in parsing of SMALI with unexpected label in array definition

[TheDauntless]

Describe the bug
I have a malware sample (acb38742fddfc3dcb511e5b0b2b2a2e4cef3d67cc6188b29aeb4475a717f5f95) that contains the following code:

   :sswitch_4
    goto/16 :goto_19

    nop

    :array_0
    :goto_12
    .array-data 1
        0x27t
        0x7t
        0x8t
        0x73t
        0x26t
        0x1t
        0x20t
        0x0t
        0x7ct
        0x0t

There is a label statement between the array name and the array initialization. This causes Dexcalibur to fail since it thinks it's in a new BasicBlock while it should be in a DataBlock. The actual error I'm getting is:

TypeError: this.__tmp_block.setDataWidth is not a function
    at SmaliParser.method (/usr/local/lib/node_modules/dexcalibur/src/SmaliParser.js:437:34)
    at SmaliParser.parse (/usr/local/lib/node_modules/dexcalibur/src/SmaliParser.js:736:34)
    at Analyzer.file (/usr/local/lib/node_modules/dexcalibur/src/Analyzer.js:800:30)
    at /usr/local/lib/node_modules/dexcalibur/src/Analyzer.js:839:18
    at Object.forEachFileOf (/usr/local/lib/node_modules/dexcalibur/src/Utils.js:108:21)
    at Object.forEachFileOf (/usr/local/lib/node_modules/dexcalibur/src/Utils.js:105:26)
    at Object.forEachFileOf (/usr/local/lib/node_modules/dexcalibur/src/Utils.js:105:26)
    at Analyzer.path (/usr/local/lib/node_modules/dexcalibur/src/Analyzer.js:838:12)
    at DexcaliburProject.fullscan (/usr/local/lib/node_modules/dexcalibur/src/DexcaliburProject.js:737:26)
    at DexcaliburProject.open (/usr/local/lib/node_modules/dexcalibur/src/DexcaliburProject.js:468:21)

this.__tmp_block is of type BasicBlock and not of type DataBlock.

Expected behavior
Ignore the invalid smali and fix it.

Suggested Fix
This might be difficult to solve correctly without regression bugs... You could check for this specific situation when encountering a goto label, or maybe you can 'look to previous lines' when you encounter an .array-data without a label and add the label manually? Or maybe a preprocessing step that searches for this specific situation and flips the two lines? I don't know if you currently have those...

If you don't want me to open bugs for these edge cases let me know, but malware seems like a very good use case for Dexcalibur so correctly dealing with 'weird smali' would make sense.

[FrenchYeti]

Hey,

thank you for the case. Such information is helpful for me, so feel free tp open bug for each. There is absolutely no problem :)

[FrenchYeti]

I'm packaging new Dexcalibur version, so i did not yet patched other smali bug.
But be sure i will implement support for such case

[TheDauntless]

As a quick & dirty hotpatch for anyone encountering this issue, you can add this at SmaliParser.js:689 as a pre-processing step:

 let ln1=null, ln2=null;
        for(let k=3; k<ls.length; k++)
        {
            ln1=ut.trim(ls[k-1]);
            ln2=ut.trim(ls[k]);

            if(ln1.includes(":array_") && ln2.includes(":goto_")){
                ls[k-1] = ln2
                ls[k] = ln1
                k += 2;
            }
        }

[FrenchYeti]

Fixed by b9d5f25.

I patched SmaliParser to ignore Goto label, when the parser is entered into an Array definition, but data are not yet set. So, between :array_XX and .array-data_B.