From e9146f4ae8593a79598403e0d88668d82a94c591 Mon Sep 17 00:00:00 2001
From: oleveau
Date: Wed, 1 Mar 2017 15:42:30 +0100
Subject: [PATCH 1/4] handle collision
---
 lib/class-factory.js | 6 ++-
 test/re/frida/MethodTest.java | 70 +++++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+), 1 deletion(-)
diff --git a/lib/class-factory.js b/lib/class-factory.js
index 98f1cac1..168b059d 100644
--- a/lib/class-factory.js
+++ b/lib/class-factory.js
@@ -669,9 +669,13 @@ function ClassFactory (vm) {
 try {
 const fieldName = invokeObjectMethodNoArgs(env.handle, field, fieldGetName);
 try {
- const fieldjsName = env.stringFromJni(fieldName);
+ var fieldjsName = env.stringFromJni(fieldName);
 const fieldHandle = env.newGlobalRef(field);
 fieldHandles.push(fieldHandle);
+ // If we have a collided method, suffix the fieldName
+ if(jsMethods.hasOwnProperty(fieldjsName)){
+ fieldjsName = "_" + fieldjsName;
+ }
 jsFields[fieldjsName] = fieldHandle;
 } finally {
 env.deleteLocalRef(fieldName);
diff --git a/test/re/frida/MethodTest.java b/test/re/frida/MethodTest.java
index 98794ae9..6150e847 100644
--- a/test/re/frida/MethodTest.java
+++ b/test/re/frida/MethodTest.java
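Review bot: The renamed key can still clash with another entry in `jsFields`, because the check added in the `-669,9 +669,13` hunk of lib/class-factory.js consults only `jsMethods`. A class that declares a method `x`, a field `x` and a field `_x` maps both fields to `_x`, and `jsFields[fieldjsName] = fieldHandle` then silently keeps whichever was assigned last while both global refs stay in `fieldHandles`; a script would read a different field than the one it named, which is most likely to show up with obfuscated classes. The loop form introduced in PATCH 2/4 and kept in PATCH 3/4 has the same gap; testing both maps there, `while (jsMethods.hasOwnProperty(fieldjsName) || jsFields.hasOwnProperty(fieldjsName))`, would at least prevent the silent overwrite. The enclosing function starts and ends outside the hunk, so how `jsFields` is consumed afterwards is not visible here.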
@@ -65,6 +65,62 @@ public void genericsCanBeUsed() {
 assertEquals("Badger", script.getNextMessage());
 }
+
+ @Test
+ public void fieldsThatCollideWithMethodsGetSuffixed() {
+ loadScript("var Collider = Java.use('re.frida.Collider');" +
+ "var collider = Collider.$new();" +
+ "send(collider._Particle);");
+ assertEquals("1", script.getNextMessage());
+ }
+
+ @Test
+ public void methodsThatCollideWithFieldsKeepName() {
+ loadScript("var Collider = Java.use('re.frida.Collider');" +
+ "var collider = Collider.$new();" +
+ "send(collider.Particle());");
+ assertEquals("3", script.getNextMessage());
+ }
+
+ @Test
+ public void fieldsThatCollideWithMethodsGetSuffixed2() {
+ loadScript("var Collider = Java.use('re.frida.Collider');" +
+ "var collider = Collider.$new();" +
+ "send(collider._Particle2);");
+ assertEquals("2", script.getNextMessage());
+ }
+
+ @Test
+ public void methodsThatCollideWithFieldsKeepName2() {
+ loadScript("var Collider = Java.use('re.frida.Collider');" +
+ "var collider = Collider.$new();" +
+ "send(collider.Particle2());");
+ assertEquals("4", script.getNextMessage());
+ }
+
+ @Test
+ public void collidedMethodsFieldsCanStillBeInstrumented() {
+ loadScript("var Collider = Java.use('re.frida.Collider');" +
+ "Collider._Particle.implementation = function () {" +
+ "return 11;" +
+ "};" +
+ "Collider._Particle2.implementation = function () {" +
+ "return 22;" +
+ "};" +
+ "Collider.Particle.implementation = function () {" +
+ "return 33;" +
+ "};" +
+ "Collider.Particle2.implementation = function () {" +
+ "return 44;" +
+ "};");
+
+ Collider collider = new Collider();
+ assertEquals(11, Collider.Particle);
+ assertEquals(22, collider.Particle2);
+ assertEquals(33, collider.Particle());
+ assertEquals(44, Collider.Particle2());
+ }
+
 // @Test
 public void interfaceCanBeImplemented() {
 loadScript("var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');" +
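Review bot: `collidedMethodsFieldsCanStillBeInstrumented` replaces the implementations of `Particle` and `Particle2` and never restores them, so `methodsThatCollideWithFieldsKeepName` and `methodsThatCollideWithFieldsKeepName2`, which expect "3" and "4", appear to depend on running before it unless the harness (not visible in this hunk) reverts hooks between tests. The same test assigns `.implementation` on the field wrappers `_Particle` and `_Particle2` and then expects the Java fields to read 11 and 22, which holds only if a field wrapper honours that property; nothing in this patch shows that it does, so the field half of the assertion deserves a second look. The test names say "Suffixed" although the `_` is prepended, so a name such as `fieldsThatCollideWithMethodsGetPrefixed` would describe the behaviour being pinned.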
@@ -118,3 +174,17 @@ public int returnZero() {
 return 0;
 }
 }
+
+class Collider {
+ static int Particle = 1;
+
+ int Particle2 = 2;
+
+ int Particle() {
+ return 3;
+ }
+
+ static int Particle2(){
+ return 4;
+ }
+}
From 36b08a9b688b437b5617775e4fc8cfedaea96067 Mon Sep 17 00:00:00 2001
From: olifozzy
Date: Wed, 1 Mar 2017 21:23:35 +0100
Subject: [PATCH 2/4] fixes feedback
---
 lib/class-factory.js | 5 ++---
 test/re/frida/MethodTest.java | 32 ++++++++++++++++----------------
 2 files changed, 18 insertions(+), 19 deletions(-)
diff --git a/lib/class-factory.js b/lib/class-factory.js
index 168b059d..37f96ecc 100644
--- a/lib/class-factory.js
+++ b/lib/class-factory.js
@@ -669,11 +669,10 @@ function ClassFactory (vm) {
 try {
 const fieldName = invokeObjectMethodNoArgs(env.handle, field, fieldGetName);
 try {
- var fieldjsName = env.stringFromJni(fieldName);
+ let fieldjsName = env.stringFromJni(fieldName);
 const fieldHandle = env.newGlobalRef(field);
 fieldHandles.push(fieldHandle);
- // If we have a collided method, suffix the fieldName
- if(jsMethods.hasOwnProperty(fieldjsName)){
+ while (jsMethods.hasOwnProperty(fieldjsName)){
 fieldjsName = "_" + fieldjsName;
 }
 jsFields[fieldjsName] = fieldHandle;
diff --git a/test/re/frida/MethodTest.java b/test/re/frida/MethodTest.java
index 6150e847..3dbb9c5d 100644
--- a/test/re/frida/MethodTest.java
+++ b/test/re/frida/MethodTest.java
@@ -70,7 +70,7 @@ public void genericsCanBeUsed() {
 public void fieldsThatCollideWithMethodsGetSuffixed() {
 loadScript("var Collider = Java.use('re.frida.Collider');" +
 "var collider = Collider.$new();" +
- "send(collider._Particle);");
+ "send(collider._particle);");
 assertEquals("1", script.getNextMessage());
 }
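Review bot: Dropping the comment in the `-669,11 +669,10` hunk of lib/class-factory.js leaves the renaming rule undocumented at the only place it is implemented, even though scripts have to know it to reach a colliding field. The removed wording was also inaccurate ("suffix" while the code prepends), so a corrected comment is worth keeping above the loop: `// A field whose name is also a method name is exposed with "_" prepended, repeated until no method has that name.` The enclosing function starts and ends outside the hunk.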
@@ -78,7 +78,7 @@ public void fieldsThatCollideWithMethodsGetSuffixed() {
 public void methodsThatCollideWithFieldsKeepName() {
 loadScript("var Collider = Java.use('re.frida.Collider');" +
 "var collider = Collider.$new();" +
- "send(collider.Particle());");
+ "send(collider.particle());");
 assertEquals("3", script.getNextMessage());
 }
@@ -86,7 +86,7 @@ public void methodsThatCollideWithFieldsKeepName() {
 public void fieldsThatCollideWithMethodsGetSuffixed2() {
 loadScript("var Collider = Java.use('re.frida.Collider');" +
 "var collider = Collider.$new();" +
- "send(collider._Particle2);");
+ "send(collider._particle2);");
 assertEquals("2", script.getNextMessage());
 }
@@ -94,31 +94,31 @@ public void fieldsThatCollideWithMethodsGetSuffixed2() {
 public void methodsThatCollideWithFieldsKeepName2() {
 loadScript("var Collider = Java.use('re.frida.Collider');" +
 "var collider = Collider.$new();" +
- "send(collider.Particle2());");
+ "send(collider.particle2());");
 assertEquals("4", script.getNextMessage());
 }
 @Test
 public void collidedMethodsFieldsCanStillBeInstrumented() {
 loadScript("var Collider = Java.use('re.frida.Collider');" +
- "Collider._Particle.implementation = function () {" +
+ "Collider._particle.implementation = function () {" +
 "return 11;" +
 "};" +
- "Collider._Particle2.implementation = function () {" +
+ "Collider._particle2.implementation = function () {" +
 "return 22;" +
 "};" +
- "Collider.Particle.implementation = function () {" +
+ "Collider.particle.implementation = function () {" +
 "return 33;" +
 "};" +
- "Collider.Particle2.implementation = function () {" +
+ "Collider.particle2.implementation = function () {" +
 "return 44;" +
 "};");
 Collider collider = new Collider();
- assertEquals(11, Collider.Particle);
- assertEquals(22, collider.Particle2);
- assertEquals(33, collider.Particle());
- assertEquals(44, Collider.Particle2());
+ assertEquals(11, Collider.particle);
+ assertEquals(22, collider.particle2);
+ assertEquals(33, collider.particle());
+ assertEquals(44, Collider.particle2());
 }
 // @Test
@@ -176,15 +176,15 @@ public int returnZero() {
 }
 class Collider {
- static int Particle = 1;
+ static int particle = 1;
- int Particle2 = 2;
+ int particle2 = 2;
- int Particle() {
+ int particle() {
 return 3;
 }
- static int Particle2(){
+ static int particle2(){
 return 4;
 }
 }
From 191216474b9dde929e92775a3e1e53ed58f79122 Mon Sep 17 00:00:00 2001
From: olifozzy
Date: Thu, 2 Mar 2017 00:47:50 +0100
Subject: [PATCH 3/4] fix #2
---
 lib/class-factory.js | 8 +++++---
 test/re/frida/MethodTest.java | 4 +---
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/class-factory.js b/lib/class-factory.js index 37f96ecc..7de5d62f 100644 --- a/lib/class-factory.js +++ b/lib/class-factory.js @@ -670,11 +670,13 @@ function ClassFactory (vm) { const fieldName = invokeObjectMethodNoArgs(env.handle, field, fieldGetName); try { let fieldjsName = env.stringFromJni(fieldName); - const fieldHandle = env.newGlobalRef(field); - fieldHandles.push(fieldHandle); - while (jsMethods.hasOwnProperty(fieldjsName)){ + while (jsMethods.hasOwnProperty(fieldjsName)) { fieldjsName = "_" + fieldjsName; } + + const fieldHandle = env.newGlobalRef(field); + fieldHandles.push(fieldHandle); + jsFields[fieldjsName] = fieldHandle; } finally { env.deleteLocalRef(fieldName); diff --git a/test/re/frida/MethodTest.java b/test/re/frida/MethodTest.java index 3dbb9c5d..7c050717 100644 --- a/test/re/frida/MethodTest.java +++ b/test/re/frida/MethodTest.java @@ -65,7 +65,6 @@ public void genericsCanBeUsed() { assertEquals("Badger", script.getNextMessage()); } - @Test public void fieldsThatCollideWithMethodsGetSuffixed() { loadScript("var Collider = Java.use('re.frida.Collider');" + @@ -177,14 +176,13 @@ public int returnZero() { class Collider { static int particle = 1; - int particle2 = 2; int particle() { return 3; } - static int particle2(){ + static int particle2() { return 4; } } From 2513577e2f956c21185a3c7c384831a836d96ed5 Mon Sep 17 00:00:00 2001 From: olifozzy Date: Thu, 2 Mar 2017 01:12:47 +0100 Subject: [PATCH 4/4] Remove trailing spaces --- lib/class-factory.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/class-factory.js b/lib/class-factory.js index 7de5d62f..bbf2958d 100644 --- a/lib/class-factory.js +++ b/lib/class-factory.js @@ -676,7 +676,7 @@ function ClassFactory (vm) { const fieldHandle = env.newGlobalRef(field); fieldHandles.push(fieldHandle); - + jsFields[fieldjsName] = fieldHandle; } finally { env.deleteLocalRef(fieldName);
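Review bot: `jsMethods.hasOwnProperty(fieldjsName)` in the `-670,11 +670,13` hunk of PATCH 3/4 resolves `hasOwnProperty` on the very object it is checking, so if `jsMethods` is a plain object keyed by Java method name (its construction is outside the hunk), a class declaring a method called `hasOwnProperty` would replace the check with its own entry. Member names come from the process being instrumented and are best treated as untrusted input by the tooling. Calling the prototype method directly keeps the lookup independent of them: `while (Object.prototype.hasOwnProperty.call(jsMethods, fieldjsName)) {`. The enclosing function starts and ends outside the hunk.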