Implemented verification for iput-object

git-svn-id: https://smali.googlecode.com/svn/trunk@598 55b6fa8a-2a1e-11de-a435-ffa8d773f76a

dexlib/src/main/java/org/jf/dexlib/Code/Analysis/MethodAnalyzer.java

@@ -554,6 +554,8 @@ public class MethodAnalyzer {
                 return handle32BitPrimitiveIput(analyzedInstruction, RegisterType.Category.Short);
             case IPUT_WIDE:
                 return handleIputWide(analyzedInstruction);
+            case IPUT_OBJECT:
+                return handleIputObject(analyzedInstruction);
         }
 
         assert false;
@@ -1927,6 +1929,54 @@ public class MethodAnalyzer {
         return true;
     }
 
+    private boolean handleIputObject(AnalyzedInstruction analyzedInstruction) {
+        TwoRegisterInstruction instruction = (TwoRegisterInstruction)analyzedInstruction.instruction;
+
+        RegisterType objectRegisterType = analyzedInstruction.getPreInstructionRegisterType(instruction.getRegisterB());
+        assert objectRegisterType != null;
+        if (objectRegisterType.category == RegisterType.Category.Unknown) {
+            return false;
+        }
+        checkRegister(objectRegisterType, ReferenceCategories);
+
+        RegisterType sourceRegisterType = analyzedInstruction.getPreInstructionRegisterType(instruction.getRegisterA());
+        assert sourceRegisterType != null;
+        if (sourceRegisterType.category == RegisterType.Category.Unknown) {
+            return false;
+        }
+        checkRegister(objectRegisterType, ReferenceCategories);
+
+        //TODO: check access
+        //TODO: allow an uninitialized "this" reference, if the current method is an <init> method
+        Item referencedItem = ((InstructionWithReference)analyzedInstruction.instruction).getReferencedItem();
+        assert referencedItem instanceof FieldIdItem;
+        FieldIdItem field = (FieldIdItem)referencedItem;
+
+        if (objectRegisterType.category != RegisterType.Category.Null &&
+            !objectRegisterType.type.extendsClass(ClassPath.getClassDef(field.getContainingClass()))) {
+            throw new ValidationException(String.format("Cannot access field %s through type %s",
+                    field.getFieldString(), objectRegisterType.type.getClassType()));
+        }
+
+        RegisterType fieldType = RegisterType.getRegisterTypeForTypeIdItem(field.getFieldType());
+
+        if (fieldType.category != RegisterType.Category.Reference) {
+            throw new ValidationException(String.format("Cannot use %s with field %s. Incorrect field type " +
+                        "for the instruction.", analyzedInstruction.instruction.opcode.name,
+                        field.getFieldString()));
+        }
+
+        if (sourceRegisterType.category != RegisterType.Category.Null &&
+            !fieldType.type.isInterface() &&
+            !sourceRegisterType.type.extendsClass(fieldType.type)) {
+
+            throw new ValidationException(String.format("Cannot store a value of type %s into a field of type %s",
+                    sourceRegisterType.type.getClassType(), fieldType.type.getClassType()));
+        }
+
+        return true;
+    }
+
     private static boolean checkArrayFieldAssignment(RegisterType.Category arrayFieldCategory,
                                                   RegisterType.Category instructionCategory) {
         if (arrayFieldCategory == instructionCategory) {