This repository documents the reverse engineering process for a legacy Cocos2d-x (v3.x) mobile game port. The project focuses on bypassing hardcoded network dependencies and resolving JNI-related memory crashes (SIGSEGV) through Dalvik bytecode modification.
The objective was to “de-leash” the game client from a defunct Chinese backend and a cloud-resource SDK (CocosPlayClient) that prevented the engine from initializing local assets.
- MalformedURLException in the Java layer was returning null to the C++ native layer, causing a null-pointer dereference at 0x0.
- SoundPool would fail to load samples if the initial network handshake didn’t return a specific “Success” JSON payload.

Cocos2dxHttpURLConnection.smali was modified to implement Ghost Server logic. Instead of touching the Android net stack, the class now returns synthetic responses immediately.
```smali
# Forced 200 OK Response
.method static getResponseCode(Ljava/net/HttpURLConnection;)I
    .locals 1
    # 0xc8 = 200 (HTTP OK); the connection argument is never used
    const/16 v0, 0xc8
    return v0
.end method
```
The CocosPlayClient middleware was identified as a secondary gatekeeper. By patching Cocos2dxActivity.smali, we bypassed the cloud-init sequence that was wiping local asset paths.
To resolve Fatal signal 11 (SIGSEGV), the createHttpURLConnection method was forced to return a valid object pointer even upon failure, satisfying the native engine’s expectation of a non-null return value.
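A triage sketch for the crash chain described above, added here as an example and not taken from the repository's /docs/ or /tools/: it pairs each `Fatal signal` line in logcat with the last Java exception logged by the same PID shortly before it, which is how a null return from the Java layer shows up next to a fault address of 0x0. The log lines, PIDs, tags and the two-second window are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed logcat excerpt (threadtime format); PIDs, tags and values are made up.
SAMPLE_LOGCAT = """\
01-01 12:00:01.100  4321  4350 E cocos_http: java.net.MalformedURLException: no protocol: cfg/update
01-01 12:00:01.140  4321  4350 F libc    : Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 4350 (GLThread 201)
01-01 12:00:05.000  5000  5001 W System.err: java.net.MalformedURLException: unknown protocol: foo
01-01 12:00:09.000  6000  6002 F libc    : Fatal signal 11 (SIGSEGV), code 1, fault addr 0x7f001000 in tid 6002 (worker)
01-01 12:00:30.000  5000  5001 F libc    : Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 5001 (main)
"""

LINE = re.compile(r"^(\d\d-\d\d \d\d:\d\d:\d\d\.\d{3})\s+(\d+)\s+(\d+)\s+([VDIWEF])\s+(.*?)\s*: (.*)$")
FATAL = re.compile(r"Fatal signal (\d+) \((\w+)\).*?fault addr (0x[0-9a-fA-F]+)")
JAVA_EXC = re.compile(r"\b((?:[a-z_]\w*\.)+[A-Z]\w*Exception)\b")


def correlate(logcat_text, window_s=2.0):
    """Pair each native crash with the last Java exception logged by the same PID
    within window_s seconds before it. Returns a list of dicts, one per crash."""
    last_exc = {}   # pid -> (timestamp, exception class name)
    findings = []
    for raw in logcat_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation lines, headers, other log formats
        ts_s, pid, _tid, _lvl, _tag, msg = m.groups()
        # logcat omits the year; pin a leap year so 02-29 still parses
        ts = datetime.strptime("2000-" + ts_s, "%Y-%m-%d %H:%M:%S.%f")
        exc = JAVA_EXC.search(msg)
        if exc:
            last_exc[pid] = (ts, exc.group(1))
        fatal = FATAL.search(msg)
        if fatal:
            addr = int(fatal.group(3), 16)
            prior = last_exc.get(pid)
            recent = prior is not None and ts - prior[0] <= timedelta(seconds=window_s)
            findings.append({
                "pid": int(pid),
                "signal": fatal.group(2),
                "null_deref": addr == 0,
                "java_exception": prior[1] if recent else None,
            })
    return findings


if __name__ == "__main__":
    for f in correlate(SAMPLE_LOGCAT):
        print(f)
```

A crash with `null_deref` set and a `java_exception` attached points at a JNI call whose null result was not checked on the native side; a crash with neither needs the tombstone backtrace instead.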
- /smali/: Contains the patched Dalvik bytecode for core engine classes.
- /docs/: Logcat analysis and crash dump traces.
- /tools/: Scripts used for APK rebuilding and signing.

.so native libraries.

This project is for educational and research purposes only. It demonstrates the interoperability between Java and C++ in Android environments and the methodology of patching legacy software for preservation.