sky201503 / android-apktool-1

Automatically exported from code.google.com/p/android-apktool

Facebook app fails after disassemble/reassemble without any changes

GoogleCodeExporter opened this issue · comments

What steps will reproduce the problem?

Sorry for linked file, 10MB max upload on Google code

1. Download Facebook.apk from http://www.sendspace.com/file/tuloij

2. adb install Facebook.apk
Notice how it works fine on device (I'm testing on Galaxy Tab GT-P1010)

3. Decompile, recompile, sign Facebook.apk:
apktool d Facebook.apk
apktool b Facebook Facebook-clean.apk
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore ./keystorename.keystore Facebook-clean.apk username

4. adb install Facebook-clean.apk

What is the expected output? What do you see instead?
Notice how icon, app name, etc. are incorrect. Launching the app is an instant 
crash. I expected it to work the same, as other apps do when reassembled 
(although the Facebook app is extremely complicated compared to others I've 
tried).

What version of the product are you using? On what operating system?
Apktool v1.5.0.5a056e3 Ubuntu Linux 64bit

Please provide any additional information below.
This app was uploaded off of a Nexus One that came preloaded with it. Am I 
doing something wrong? I didn't get any errors during disassemble/reassemble 
from APKtool. One interesting thing, the app is 13.1MB before 
disassemble/reassemble, and 11.0MB after. Strange...

Original issue reported on code.google.com by jsei...@apperian.com on 2 Jan 2013 at 9:56

The size difference is the change in compressed resources.arsc and a variety of 
other things.

I'll look into it though. btw v1.5.1 is out :)

Original comment by connor.tumbleson on 2 Jan 2013 at 10:21

  • Changed state: Accepted

I updated to 1.5.1, still not working, thanks for your time and helping me out.

Original comment by jsei...@apperian.com on 3 Jan 2013 at 3:41

[deleted comment]

Change the compression level of resources.arsc to 0 and see.
And get a logcat of the crash.

Original comment by varun.ch...@gmail.com on 12 Jan 2013 at 5:41

Maybe the issue has to do with disassembling factory-installed applications.

Original comment by jsei...@apperian.com on 9 Jan 2013 at 8:53

I've attached a test version of v1.5.2. Let me know if this works. I couldn't 
get Facebook to crash, simply doing decompile -> recompile -> inject 
resources.arsc / classes.dex back into original apk, along with entire /res 
folder.

No FC.

Original comment by connor.tumbleson on 15 Jan 2013 at 12:45

Sorry, was planning on doing this and then forgot. Question: why do you need to 
do something other than apktool d / apktool b / resign? What does inject 
resources, classes.dex, and copy entire /res folder? Shouldn't the tool do this 
automatically?

Thanks

Original comment by jsei...@apperian.com on 18 Jan 2013 at 7:54

Does this new 1.5.2 solve issue #391?

Original comment by hue...@gmail.com on 17 Jan 2013 at 12:19

It means inject / insert those items into the original apk. Not the one Apktool 
built. As Apktool builds it without a signature.

http://code.google.com/p/android-apktool/issues/detail?id=8&colspec=ID%20Stars%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified

Watch that bug if you can't inject resources. It'll probably be months though 
before I add that feature.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:01

Ahhh so merely signing a system app after it is recompiled doesn't work, 
because system apps need to be signed by the system cert?

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:08

Or whatever cert (production, release, build) key that was used on that APK. 
Which is why injecting prevents most of the FC errors due to invalid signatures.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:10

That's why you inject :)

You then can modify anything (w/ the exception of AndroidManifest.xml as the 
cert is hashed off that). Then you can inject classes.dex or resources.arsc and 
it'll work without problem.

Note the command I use below (7zip)

7za u -mx0 -tzip -r Test.apk classes.dex

u = update
-mx0 = store (no compression)
-tzip = type zip

Original comment by connor.tumbleson on 18 Jan 2013 at 8:17

Ok, so there is no point in modifying anything in a factory app, because 
classes.dex would then be modified, and I will not be able to re-sign with the 
original cert, right? Therefore, it is impossible to modify factory apps 
without access to the manufacturer's cert.

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:13

I think I am missing something here.

As far as I understand, classes.dex becomes the smali folder in a disassembled 
app. Are you saying that you can disassemble the app, reassemble it, then 
extract the classes.dex, then use the 7zip command to inject it into the 
original, overwriting the old classes.dex?

Original comment by jsei...@apperian.com on 18 Jan 2013 at 8:36

You don't have to re-extract, but yes, you're correct.

After `apktool b` there are 2 folders (dist and build).

Go to build/apk and there is the compiled (but not built into an apk) stuff. 
So there is your classes.dex, etc. You can take those and inject them into the 
original.

Original comment by connor.tumbleson on 18 Jan 2013 at 8:40
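
Added example, not part of the original thread or Apktool's code: a Python check a reviewer can run over an APK to see which entries no longer match the per-entry `SHA1-Digest` values in `META-INF/MANIFEST.MF` (the digests written by a `jarsigner -digestalg SHA1` run like the one in the report), which is how a replaced `classes.dex` shows up. The function names and the sample archive are constructed for illustration, and the check compares digests only; it does not validate the signature block over the manifest.

```python
import base64
import hashlib
import io
import zipfile


def b64_sha1(data):
    """Base64 SHA-1 digest, the form jarsigner stores as SHA1-Digest."""
    return base64.b64encode(hashlib.sha1(data).digest()).decode()


def parse_manifest(text):
    """Return {entry name: base64 digest} from MANIFEST.MF text."""
    digests = {}
    # Normalise line endings and unfold continuation lines (they start with a space).
    text = text.replace("\r\n", "\n").replace("\n ", "")
    for section in text.split("\n\n"):  # one section per signed entry
        attrs = dict(l.split(": ", 1) for l in section.splitlines() if ": " in l)
        if "Name" in attrs and "SHA1-Digest" in attrs:
            digests[attrs["Name"]] = attrs["SHA1-Digest"]
    return digests


def mismatched_entries(apk_bytes):
    """Entries whose content differs from, or is missing in, MANIFEST.MF."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        expected = parse_manifest(z.read("META-INF/MANIFEST.MF").decode())
        return sorted(
            name for name in z.namelist()
            if not name.startswith("META-INF/")
            and expected.get(name) != b64_sha1(z.read(name))
        )


def build_sample(signed_files, shipped_files):
    """Constructed stand-in for an APK: the manifest lists digests of
    signed_files, while the archive actually contains shipped_files."""
    lines = ["Manifest-Version: 1.0", ""]
    for name, data in signed_files.items():
        lines += ["Name: " + name, "SHA1-Digest: " + b64_sha1(data), ""]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as z:
        for name, data in shipped_files.items():
            z.writestr(name, data)
        z.writestr("META-INF/MANIFEST.MF", "\r\n".join(lines) + "\r\n")
    return buf.getvalue()
```

To check a file on disk, pass `open(path, "rb").read()` to `mismatched_entries`; an empty list means every entry still matches the digest recorded for it.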

Issue 551 has been merged into this issue.

Original comment by connor.tumbleson on 22 Nov 2013 at 9:19

Do we have to re-sign if we inject it into the original?

Original comment by niranjan...@gmail.com on 8 Jul 2013 at 10:21

Hmm. Seems we have some protection from Facebook. See comment #4 - 
http://code.google.com/p/android-apktool/issues/detail?id=551

Original comment by connor.tumbleson on 26 Mar 2014 at 11:49

  • Changed state: Done