use of net.runelite.asm.attributes.code.instructions.IAdd in project runelite by runelite.
the class ExprArgOrder method visit.
private void visit(InstructionContext ctx) {
Instruction ins = ctx.getInstruction();
if (ins instanceof IAdd || ins instanceof IMul || ins instanceof IfICmpEq || ins instanceof IfICmpNe || ins instanceof IfACmpEq || ins instanceof IfACmpNe) {
Expression expression = new Expression(ctx);
parseExpr(expression, ctx);
if (!exprs.containsKey(ins)) {
exprIns.add(ins);
exprs.put(ins, expression);
}
}
}
use of net.runelite.asm.attributes.code.instructions.IAdd in project runelite by runelite.
the class DupDeobfuscatorTest method test2.
// 035 aload_0 // this
// 036 dup // this this
// 037 getfield class153/field2097 I // this I
// 038 ldc 830083863
// 039 imul // this I
// 040 ldc 830083863
// 041 iadd // this I
// 042 dup_x1 // I this I
@Test
public void test2() {
ClassGroup group = ClassGroupFactory.generateGroup();
Code code = group.findClass("test").findMethod("func").getCode();
Instructions ins = code.getInstructions();
code.setMaxStack(3);
Instruction[] body = { // this
new AConstNull(ins), // this this
new Dup(ins), new GetField(ins, new Field(new Class("test"), "field", Type.INT)), // this this I I
new LDC(ins, 830083863), // this this I
new IMul(ins), new LDC(ins, 830083863), new IAdd(ins), new Dup_X1(ins), new LDC(ins, 636900519), // pops dup
new IMul(ins), new VReturn(ins) };
for (Instruction i : body) {
ins.addInstruction(i);
}
Execution e = new Execution(group);
e.populateInitialMethods();
e.run();
Deobfuscator d = new DupDeobfuscator();
d.run(group);
// assert the dup wasn't duplicated
long dupCount = ins.getInstructions().stream().filter(i -> i instanceof Dup).count();
Assert.assertEquals(1, dupCount);
// assert the dup_x1 was removed
dupCount = ins.getInstructions().stream().filter(i -> i instanceof Dup_X1).count();
Assert.assertEquals(0, dupCount);
}
use of net.runelite.asm.attributes.code.instructions.IAdd in project runelite by runelite.
the class MultiplicationDeobfuscatorTest method test2.
// aload_0
// dup
// getfield class118/field2201 I
// ldc_w -2079217519
// imul
// ldc -2079217519
// iadd
// dup_x1
// ldc_w 561453169
// imul
// putfield class118/field2201 I
// ldc 561453169
// imul
@Test
public void test2() {
ClassGroup group = ClassGroupFactory.generateGroup();
Code code = group.findClass("test").findMethod("func").getCode();
Instructions ins = code.getInstructions();
code.setMaxStack(4);
// vars[0] = 3
Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0) };
for (Instruction i : prepareVariables) {
ins.addInstruction(i);
}
LDC constant1 = new LDC(ins, -2079217519), constant2 = new LDC(ins, -2079217519), constant3 = new LDC(ins, 561453169), constant4 = new LDC(ins, 561453169);
Instruction[] body = { // for dup_x1 to place before this
new LDC(ins, 0), new ILoad(ins, 0), constant1, new IMul(ins), constant2, new IAdd(ins), // result, 0, result
new Dup_X1(ins), constant3, new IMul(ins), new Pop(ins), new Pop(ins), constant4, new IMul(ins), new VReturn(ins) };
for (Instruction i : body) {
ins.addInstruction(i);
}
Execution e = new Execution(group);
e.populateInitialMethods();
e.run();
assert constant1.getConstantAsInt() * constant3.getConstantAsInt() == 1;
assert constant2.getConstantAsInt() * constant4.getConstantAsInt() == 1;
Deobfuscator d = new MultiplicationDeobfuscator();
d.run(group);
Assert.assertEquals(1, constant1.getConstantAsInt());
Assert.assertEquals(1, constant2.getConstantAsInt());
Assert.assertEquals(1, constant3.getConstantAsInt());
Assert.assertEquals(1, constant4.getConstantAsInt());
}
use of net.runelite.asm.attributes.code.instructions.IAdd in project runelite by runelite.
the class MultiplicationDeobfuscatorTest method test5.
@Test
public void test5() {
ClassGroup group = ClassGroupFactory.generateGroup();
Code code = group.findClass("test").findMethod("func").getCode();
Instructions ins = code.getInstructions();
code.setMaxStack(2);
Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0), new LDC(ins, 2), new IStore(ins, 1) };
for (Instruction i : prepareVariables) {
ins.addInstruction(i);
}
LDC constant1 = new LDC(ins, -2079217519), constant2 = new LDC(ins, -2079217519), constant3 = new LDC(ins, 561453169);
Instruction[] body = { new ILoad(ins, 0), constant1, new IMul(ins), new IStore(ins, 2), new ILoad(ins, 2), new ILoad(ins, 1), constant2, new IMul(ins), new IAdd(ins), constant3, new IMul(ins), new VReturn(ins) };
for (Instruction i : body) {
ins.addInstruction(i);
}
Execution e = new Execution(group);
e.populateInitialMethods();
e.run();
assert constant1.getConstantAsInt() * constant3.getConstantAsInt() == 1;
Deobfuscator d = new MultiplicationDeobfuscator();
d.run(group);
Assert.assertEquals(1, constant1.getConstantAsInt());
Assert.assertEquals(1, constant2.getConstantAsInt());
Assert.assertEquals(1, constant3.getConstantAsInt());
}
use of net.runelite.asm.attributes.code.instructions.IAdd in project runelite by runelite.
the class ExprArgOrderTest method test3.
@Test
public void test3() {
ClassGroup group = ClassGroupFactory.generateGroup();
Code code = group.findClass("test").findMethod("func").getCode();
Instructions ins = code.getInstructions();
code.setMaxStack(2);
// vars[0] = 3
Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0) };
for (Instruction i : prepareVariables) {
ins.addInstruction(i);
}
Instruction[] body = { // 512 + (3 + var1) -> var1 + 3 + 512
new LDC(ins, 512), new LDC(ins, 3), new ILoad(ins, 0), new IAdd(ins), new IAdd(ins), new Pop(ins), new VReturn(ins) };
for (Instruction i : body) {
ins.addInstruction(i);
}
ExprArgOrder exprArgOrder = new ExprArgOrder();
exprArgOrder.run(group);
List<Instruction> instructions = ins.getInstructions();
// 2: iload
// 3: iconst 3
// 4: iadd
// 5: ldc
// 6: add
assertEquals(IADD, instructions.get(4).getType());
assertEquals(IADD, instructions.get(6).getType());
}
Aggregations