From b84345935a5ab15340dbca045a0af39c1f5a6124 Mon Sep 17 00:00:00 2001
From: Orion Hodson <oth@google.com>
Date: Thu, 31 Aug 2017 09:29:49 +0100
Subject: [PATCH] Fix out registers for invoke-polymorphic

The calculation of the number of output registers for
invoke-polymorphic and invoke-polymorphic-range should be based on the
number of registers provided.
---
 .../main/java/org/jf/dexlib2/util/InstructionUtil.java   | 4 ++++
 .../src/main/java/org/jf/dexlib2/writer/DexWriter.java   | 9 ++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/dexlib2/src/main/java/org/jf/dexlib2/util/InstructionUtil.java b/dexlib2/src/main/java/org/jf/dexlib2/util/InstructionUtil.java
index eb1f8d92..58ce2628 100644
--- a/dexlib2/src/main/java/org/jf/dexlib2/util/InstructionUtil.java
+++ b/dexlib2/src/main/java/org/jf/dexlib2/util/InstructionUtil.java
@@ -38,5 +38,9 @@ public final class InstructionUtil {
         return opcode == Opcode.INVOKE_STATIC || opcode == Opcode.INVOKE_STATIC_RANGE;
     }
 
+    public static boolean isInvokePolymorphic(Opcode opcode) {
+        return opcode == Opcode.INVOKE_POLYMORPHIC || opcode == Opcode.INVOKE_POLYMORPHIC_RANGE;
+    }
+
     private InstructionUtil() {}
 }
diff --git a/dexlib2/src/main/java/org/jf/dexlib2/writer/DexWriter.java b/dexlib2/src/main/java/org/jf/dexlib2/writer/DexWriter.java
index 1b0d9df0..3020f326 100644
--- a/dexlib2/src/main/java/org/jf/dexlib2/writer/DexWriter.java
+++ b/dexlib2/src/main/java/org/jf/dexlib2/writer/DexWriter.java
@@ -52,6 +52,7 @@ import org.jf.dexlib2.iface.debug.LineNumber;
 import org.jf.dexlib2.iface.instruction.Instruction;
 import org.jf.dexlib2.iface.instruction.OneRegisterInstruction;
 import org.jf.dexlib2.iface.instruction.ReferenceInstruction;
+import org.jf.dexlib2.iface.instruction.VariableRegisterInstruction;
 import org.jf.dexlib2.iface.instruction.formats.*;
 import org.jf.dexlib2.iface.reference.*;
 import org.jf.dexlib2.util.InstructionUtil;
@@ -955,7 +956,13 @@ public abstract class DexWriter<
                 if (instruction.getOpcode().referenceType == ReferenceType.METHOD) {
                     ReferenceInstruction refInsn = (ReferenceInstruction)instruction;
                     MethodReference methodRef = (MethodReference)refInsn.getReference();
-                    int paramCount = MethodUtil.getParameterRegisterCount(methodRef, InstructionUtil.isInvokeStatic(instruction.getOpcode()));
+                    Opcode opcode = instruction.getOpcode();
+                    int paramCount;
+                    if (InstructionUtil.isInvokePolymorphic(opcode)) {
+                        paramCount = ((VariableRegisterInstruction)instruction).getRegisterCount();
+                    } else {
+                        paramCount = MethodUtil.getParameterRegisterCount(methodRef, InstructionUtil.isInvokeStatic(opcode));
+                    }
                     if (paramCount > outParamCount) {
                         outParamCount = paramCount;
                     }