/
ClassAssemblingUtils.cpp
280 lines (256 loc) · 8.81 KB
/
ClassAssemblingUtils.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
/*
* Copyright (c) Meta Platforms, Inc. and affiliates.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
#include "ClassAssemblingUtils.h"
#include <boost/algorithm/string.hpp>
#include "Creators.h"
#include "DexStore.h"
#include "DexUtil.h"
#include "Model.h"
#include "ReachableClasses.h"
#include "Show.h"
#include "Trace.h"
using namespace class_merging;
namespace {
void patch_iget_for_int_like_types(cfg::ControlFlowGraph& cfg,
const cfg::InstructionIterator& it,
IRInstruction* convert) {
auto insn = it->insn;
auto move_result_it = cfg.move_result_of(it);
auto src_dest = move_result_it->insn->dest();
convert->set_src(0, src_dest)->set_dest(src_dest);
cfg.insert_after(move_result_it, convert);
insn->set_opcode(OPCODE_IGET);
}
std::string_view get_merger_package_name(const DexType* root_type) {
auto pkg_name = type::get_package_name(root_type);
// Avoid an Android OS like package name, which might confuse the custom class
// loader. See T34120391 for details.
if (boost::starts_with(pkg_name, "Landroid/") ||
boost::starts_with(pkg_name, "Ldalvik/") ||
boost::starts_with(pkg_name, "Ljava/")) {
auto cls = type_class(root_type);
if (cls && cls->is_external()) {
return "Lcom/facebook/redex/";
}
}
return pkg_name;
}
} // namespace
namespace class_merging {
DexClass* create_class(const DexType* type,
const DexType* super_type,
const std::string_view pkg_name,
const std::vector<DexField*>& fields,
const TypeSet& interfaces,
bool with_default_ctor,
DexAccessFlags access) {
DexType* t = const_cast<DexType*>(type);
always_assert(!pkg_name.empty());
auto name = std::string(type->get_name()->c_str());
name = pkg_name + name.substr(1);
t->set_name(DexString::make_string(name));
// Create class.
ClassCreator creator(t);
creator.set_access(access);
always_assert(super_type != nullptr);
creator.set_super(const_cast<DexType*>(super_type));
for (const auto& itf : interfaces) {
creator.add_interface(const_cast<DexType*>(itf));
}
for (const auto& field : fields) {
creator.add_field(field);
field->set_deobfuscated_name(show_deobfuscated(field));
}
auto cls = creator.create();
if (!with_default_ctor) {
return cls;
}
// Create ctor.
auto super_ctors = type_class(super_type)->get_ctors();
for (auto super_ctor : super_ctors) {
auto mc = MethodCreator(t,
DexString::make_string("<init>"),
super_ctor->get_proto(),
ACC_PUBLIC | ACC_CONSTRUCTOR);
// Call to super.<init>
std::vector<Location> args;
size_t args_size = super_ctor->get_proto()->get_args()->size();
for (size_t arg_loc = 0; arg_loc < args_size + 1; ++arg_loc) {
args.push_back(mc.get_local(arg_loc));
}
auto mb = mc.get_main_block();
mb->invoke(OPCODE_INVOKE_DIRECT, super_ctor, args);
mb->ret_void();
auto ctor = mc.create();
ctor->get_code()->build_cfg();
TRACE(CLMG, 4, " default ctor created %s", SHOW(ctor));
cls->add_method(ctor);
}
return cls;
}
std::vector<DexField*> create_merger_fields(const DexType* owner,
const FieldsMap& fields_map) {
std::vector<DexField*> res;
const auto& mergeable_fields = fields_map.begin()->second;
size_t cnt = 0;
for (const auto* f : mergeable_fields) {
auto type = f->get_type();
std::string name;
if (type == type::_byte() || type == type::_char() ||
type == type::_short() || type == type::_int()) {
type = type::_int();
name = "i";
} else if (type == type::_boolean()) {
type = type::_boolean();
name = "z";
} else if (type == type::_long()) {
type = type::_long();
name = "j";
} else if (type == type::_float()) {
type = type::_float();
name = "f";
} else if (type == type::_double()) {
type = type::_double();
name = "d";
} else {
static DexType* string_type = DexType::make_type("Ljava/lang/String;");
if (type == string_type) {
type = string_type;
name = "s";
} else {
char t = type::type_shorty(type);
always_assert(t == 'L' || t == '[');
type = type::java_lang_Object();
name = "l";
}
}
name += std::to_string(cnt);
auto field = DexField::make_field(owner, DexString::make_string(name), type)
->make_concrete(ACC_PUBLIC);
res.push_back(field);
cnt++;
}
std::vector<bool> acc_final_map(mergeable_fields.size(), true);
for (const auto& fmap : fields_map) {
const auto& fields = fmap.second;
for (size_t i = 0; i < fields.size(); i++) {
redex_assert(acc_final_map.size() > i);
acc_final_map[i] = acc_final_map.at(i) && is_final(fields[i]);
}
}
for (size_t i = 0; i < res.size(); i++) {
redex_assert(acc_final_map.size() > i);
if (acc_final_map[i]) {
set_final(res.at(i));
TRACE(CLMG, 5, "marking merger field final %s", SHOW(res.at(i)));
}
}
TRACE(CLMG, 8, " created merger fields %zu ", res.size());
return res;
}
void cook_merger_fields_lookup(
const std::vector<DexField*>& new_fields,
const FieldsMap& fields_map,
std::unordered_map<DexField*, DexField*>& merger_fields_lookup) {
for (const auto& fmap : fields_map) {
const auto& old_fields = fmap.second;
always_assert(new_fields.size() == old_fields.size());
for (size_t i = 0; i < new_fields.size(); i++) {
if (old_fields.at(i) != nullptr) {
merger_fields_lookup[old_fields.at(i)] = new_fields.at(i);
}
}
}
}
DexClass* create_merger_class(const DexType* type,
const DexType* super_type,
const std::vector<DexField*>& merger_fields,
const TypeSet& interfaces,
bool add_type_tag_field,
bool with_default_ctor /* false */) {
always_assert(type && super_type);
std::vector<DexField*> fields;
if (add_type_tag_field) {
auto type_tag_field =
DexField::make_field(
type, DexString::make_string(INTERNAL_TYPE_TAG_FIELD_NAME),
type::_int())
->make_concrete(ACC_PUBLIC | ACC_FINAL);
fields.push_back(type_tag_field);
}
for (auto f : merger_fields) {
fields.push_back(f);
}
// Put merger class in the same package as super_type.
auto pkg_name = get_merger_package_name(super_type);
auto cls = create_class(type, super_type, pkg_name, fields, interfaces,
with_default_ctor);
TRACE(CLMG, 3, " created merger class w/ fields %s ", SHOW(cls));
return cls;
}
void patch_iput(const cfg::InstructionIterator& it) {
auto insn = it->insn;
const auto op = insn->opcode();
always_assert(opcode::is_an_iput(op));
switch (op) {
case OPCODE_IPUT_BYTE:
case OPCODE_IPUT_CHAR:
case OPCODE_IPUT_SHORT:
insn->set_opcode(OPCODE_IPUT);
break;
default:
break;
}
};
void patch_iget(cfg::ControlFlowGraph& cfg,
const cfg::InstructionIterator& it,
DexType* original_field_type) {
auto insn = it->insn;
const auto op = insn->opcode();
always_assert(opcode::is_an_iget(op));
switch (op) {
case OPCODE_IGET_OBJECT: {
auto move_insn_it = cfg.move_result_of(it);
auto dest = move_insn_it->insn->dest();
auto cast = ModelMethodMerger::make_check_cast(original_field_type, dest);
cfg.insert_after(move_insn_it, cast);
break;
}
case OPCODE_IGET_BYTE: {
always_assert(original_field_type == type::_byte());
auto int_to_byte = new IRInstruction(OPCODE_INT_TO_BYTE);
patch_iget_for_int_like_types(cfg, it, int_to_byte);
break;
}
case OPCODE_IGET_CHAR: {
always_assert(original_field_type == type::_char());
auto int_to_char = new IRInstruction(OPCODE_INT_TO_CHAR);
patch_iget_for_int_like_types(cfg, it, int_to_char);
break;
}
case OPCODE_IGET_SHORT: {
always_assert(original_field_type == type::_short());
auto int_to_short = new IRInstruction(OPCODE_INT_TO_SHORT);
patch_iget_for_int_like_types(cfg, it, int_to_short);
break;
}
default:
break;
}
};
void add_class(DexClass* new_cls,
Scope& scope,
DexStoresVector& stores,
boost::optional<size_t> dex_id) {
always_assert(new_cls != nullptr);
TRACE(CLMG, 4, " ClassMerging Adding class %s to dex(%s) scope[%zu]",
SHOW(new_cls), dex_id ? std::to_string(*dex_id).c_str() : "last",
scope.size());
scope.push_back(new_cls);
DexStore::add_class(new_cls, stores, dex_id);
}
} // namespace class_merging