From 538e4f738d410bc314a907090d6f12ffaed7b75f Mon Sep 17 00:00:00 2001
From: de4dot <de4dot@gmail.com>
Date: Tue, 21 Feb 2012 16:56:29 +0100
Subject: [PATCH] Fix issue #24. Don't remove decrypter type if there was an
 error

---
 de4dot.code/deobfuscators/Babel_NET/Deobfuscator.cs    |  8 +++++---
 de4dot.code/deobfuscators/CliSecure/Deobfuscator.cs    |  2 +-
 de4dot.code/deobfuscators/CodeVeil/Deobfuscator.cs     |  4 +++-
 .../deobfuscators/CryptoObfuscator/Deobfuscator.cs     |  6 ++++--
 de4dot.code/deobfuscators/DeepSea/Deobfuscator.cs      |  2 +-
 de4dot.code/deobfuscators/DeobfuscatorBase.cs          |  4 ++++
 de4dot.code/deobfuscators/Dotfuscator/Deobfuscator.cs  |  2 +-
 .../deobfuscators/Eazfuscator_NET/Deobfuscator.cs      |  2 +-
 de4dot.code/deobfuscators/Goliath_NET/Deobfuscator.cs  |  2 +-
 de4dot.code/deobfuscators/Skater_NET/Deobfuscator.cs   |  2 +-
 .../deobfuscators/SmartAssembly/Deobfuscator.cs        | 10 ++--------
 de4dot.code/deobfuscators/Xenocode/Deobfuscator.cs     |  2 +-
 12 files changed, 25 insertions(+), 21 deletions(-)

diff --git a/de4dot.code/deobfuscators/Babel_NET/Deobfuscator.cs b/de4dot.code/deobfuscators/Babel_NET/Deobfuscator.cs
index cfa2b9f3..e8bb9ed0 100644
--- a/de4dot.code/deobfuscators/Babel_NET/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Babel_NET/Deobfuscator.cs
@@ -178,9 +178,6 @@ namespace de4dot.code.deobfuscators.Babel_NET {
 			stringDecrypter.initialize();
 
 			if (Operations.DecryptStrings != OpDecryptString.None) {
-				addResourceToBeRemoved(stringDecrypter.Resource, "Encrypted strings");
-				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
-
 				if (stringDecrypter.Resource != null)
 					Log.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(stringDecrypter.Resource.Name));
 				staticStringInliner.add(stringDecrypter.DecryptMethod, (method, args) => {
@@ -252,6 +249,11 @@ namespace de4dot.code.deobfuscators.Babel_NET {
 		}
 
 		public override void deobfuscateEnd() {
+			if (CanRemoveStringDecrypterType) {
+				addResourceToBeRemoved(stringDecrypter.Resource, "Encrypted strings");
+				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
+			}
+
 			removeProxyDelegates(proxyDelegateFinder);
 			methodsDecrypter.Dispose();
 			base.deobfuscateEnd();
diff --git a/de4dot.code/deobfuscators/CliSecure/Deobfuscator.cs b/de4dot.code/deobfuscators/CliSecure/Deobfuscator.cs
index d0cfa22a..018cce9a 100644
--- a/de4dot.code/deobfuscators/CliSecure/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/CliSecure/Deobfuscator.cs
@@ -212,7 +212,7 @@ namespace de4dot.code.deobfuscators.CliSecure {
 				if (stackFrameHelper.ExceptionLoggerRemover.NumRemovedExceptionLoggers > 0)
 					addTypeToBeRemoved(stackFrameHelper.Type, "StackFrameHelper type");
 			}
-			if (Operations.DecryptStrings != OpDecryptString.None) {
+			if (CanRemoveStringDecrypterType) {
 				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
 				if (options.DecryptMethods)
 					addTypeToBeRemoved(cliSecureRtType.Type, "Obfuscator type");
diff --git a/de4dot.code/deobfuscators/CodeVeil/Deobfuscator.cs b/de4dot.code/deobfuscators/CodeVeil/Deobfuscator.cs
index 2a4a7ce1..e331fd83 100644
--- a/de4dot.code/deobfuscators/CodeVeil/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/CodeVeil/Deobfuscator.cs
@@ -193,7 +193,6 @@ namespace de4dot.code.deobfuscators.CodeVeil {
 				DeobfuscatedFile.stringDecryptersAdded();
 				addModuleCctorInitCallToBeRemoved(stringDecrypter.InitMethod);
 				addCallToBeRemoved(mainType.getInitStringDecrypterMethod(stringDecrypter.InitMethod), stringDecrypter.InitMethod);
-				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
 			}
 
 			assemblyResolver = new AssemblyResolver(module);
@@ -248,6 +247,9 @@ namespace de4dot.code.deobfuscators.CodeVeil {
 		public override void deobfuscateEnd() {
 			bool canRemoveProxyTypes = proxyDelegateFinder.CanRemoveTypes;
 
+			if (CanRemoveStringDecrypterType)
+				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
+
 			if (!mainType.Detected) {
 			}
 			else if (mainType.Version >= ObfuscatorVersion.V5_0) {
diff --git a/de4dot.code/deobfuscators/CryptoObfuscator/Deobfuscator.cs b/de4dot.code/deobfuscators/CryptoObfuscator/Deobfuscator.cs
index dc938331..43c0922c 100644
--- a/de4dot.code/deobfuscators/CryptoObfuscator/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/CryptoObfuscator/Deobfuscator.cs
@@ -171,7 +171,6 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 			decryptResources();
 			stringDecrypter.init(resourceDecrypter);
 			if (stringDecrypter.Method != null) {
-				addResourceToBeRemoved(stringDecrypter.Resource, "Encrypted strings");
 				staticStringInliner.add(stringDecrypter.Method, (method, args) => {
 					return stringDecrypter.decrypt((int)args[0]);
 				});
@@ -191,7 +190,6 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 			addTypeToBeRemoved(assemblyResolver.Type, "Assembly resolver type");
 			addTypeToBeRemoved(tamperDetection.Type, "Tamper detection type");
 			addTypeToBeRemoved(antiDebugger.Type, "Anti-debugger type");
-			addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
 
 			proxyDelegateFinder.find();
 
@@ -205,6 +203,10 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 
 		public override void deobfuscateEnd() {
 			removeProxyDelegates(proxyDelegateFinder);
+			if (CanRemoveStringDecrypterType) {
+				addResourceToBeRemoved(stringDecrypter.Resource, "Encrypted strings");
+				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
+			}
 			base.deobfuscateEnd();
 		}
 
diff --git a/de4dot.code/deobfuscators/DeepSea/Deobfuscator.cs b/de4dot.code/deobfuscators/DeepSea/Deobfuscator.cs
index f28810d6..3d495b03 100644
--- a/de4dot.code/deobfuscators/DeepSea/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/DeepSea/Deobfuscator.cs
@@ -239,7 +239,7 @@ done:
 			if (options.RestoreFields)
 				addTypesToBeRemoved(fieldsRestorer.FieldStructs, "Type with moved fields");
 
-			if (Operations.DecryptStrings != OpDecryptString.None) {
+			if (CanRemoveStringDecrypterType) {
 				addMethodsToBeRemoved(stringDecrypter.DecrypterMethods, "String decrypter method");
 				stringDecrypter.cleanup();
 			}
diff --git a/de4dot.code/deobfuscators/DeobfuscatorBase.cs b/de4dot.code/deobfuscators/DeobfuscatorBase.cs
index a07c6f99..1c1a8b1d 100644
--- a/de4dot.code/deobfuscators/DeobfuscatorBase.cs
+++ b/de4dot.code/deobfuscators/DeobfuscatorBase.cs
@@ -90,6 +90,10 @@ namespace de4dot.code.deobfuscators {
 			get { return false; }
 		}
 
+		protected bool CanRemoveStringDecrypterType {
+			get { return Operations.DecryptStrings != OpDecryptString.None && staticStringInliner.InlinedAllCalls; }
+		}
+
 		public virtual IMethodCallInliner MethodCallInliner {
 			get {
 				if (CanInlineMethods)
diff --git a/de4dot.code/deobfuscators/Dotfuscator/Deobfuscator.cs b/de4dot.code/deobfuscators/Dotfuscator/Deobfuscator.cs
index d755cd3b..25813070 100644
--- a/de4dot.code/deobfuscators/Dotfuscator/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Dotfuscator/Deobfuscator.cs
@@ -120,7 +120,7 @@ namespace de4dot.code.deobfuscators.Dotfuscator {
 		}
 
 		public override void deobfuscateEnd() {
-			if (Operations.DecryptStrings != OpDecryptString.None)
+			if (CanRemoveStringDecrypterType)
 				addMethodsToBeRemoved(stringDecrypter.StringDecrypters, "String decrypter method");
 
 			base.deobfuscateEnd();
diff --git a/de4dot.code/deobfuscators/Eazfuscator_NET/Deobfuscator.cs b/de4dot.code/deobfuscators/Eazfuscator_NET/Deobfuscator.cs
index feb75724..8d742ad9 100644
--- a/de4dot.code/deobfuscators/Eazfuscator_NET/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Eazfuscator_NET/Deobfuscator.cs
@@ -536,7 +536,7 @@ namespace de4dot.code.deobfuscators.Eazfuscator_NET {
 		}
 
 		public override void deobfuscateEnd() {
-			if (Operations.DecryptStrings == OpDecryptString.Dynamic) {
+			if (Operations.DecryptStrings == OpDecryptString.Dynamic && CanRemoveStringDecrypterType) {
 				addTypeToBeRemoved(decryptStringType, "String decrypter type");
 				findPossibleNamesToRemove(decryptStringMethod);
 				addResources("Encrypted strings");
diff --git a/de4dot.code/deobfuscators/Goliath_NET/Deobfuscator.cs b/de4dot.code/deobfuscators/Goliath_NET/Deobfuscator.cs
index 8e1a533b..ac15032e 100644
--- a/de4dot.code/deobfuscators/Goliath_NET/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Goliath_NET/Deobfuscator.cs
@@ -242,7 +242,7 @@ namespace de4dot.code.deobfuscators.Goliath_NET {
 			removeInlinedMethods();
 			addTypesToBeRemoved(localsRestorer.Types, "Method locals obfuscation type");
 
-			if (Operations.DecryptStrings != OpDecryptString.None) {
+			if (CanRemoveStringDecrypterType) {
 				removeDecrypterStuff(stringDecrypter, "String", "strings");
 				addTypeToBeRemoved(stringDecrypter.StringStruct, "String struct");
 			}
diff --git a/de4dot.code/deobfuscators/Skater_NET/Deobfuscator.cs b/de4dot.code/deobfuscators/Skater_NET/Deobfuscator.cs
index cb152175..5d16c19f 100644
--- a/de4dot.code/deobfuscators/Skater_NET/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Skater_NET/Deobfuscator.cs
@@ -104,7 +104,7 @@ namespace de4dot.code.deobfuscators.Skater_NET {
 		}
 
 		public override void deobfuscateMethodEnd(Blocks blocks) {
-			if (Operations.DecryptStrings != OpDecryptString.None)
+			if (CanRemoveStringDecrypterType)
 				stringDecrypter.deobfuscate(blocks);
 			enumClassFinder.deobfuscate(blocks);
 			base.deobfuscateMethodEnd(blocks);
diff --git a/de4dot.code/deobfuscators/SmartAssembly/Deobfuscator.cs b/de4dot.code/deobfuscators/SmartAssembly/Deobfuscator.cs
index c78a4c01..03e09fd7 100644
--- a/de4dot.code/deobfuscators/SmartAssembly/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/SmartAssembly/Deobfuscator.cs
@@ -515,14 +515,8 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
 			addMethodsToBeRemoved(tamperProtectionRemover.PinvokeMethods, "Tamper protection PInvoke method");
 		}
 
-		bool canRemoveStringDecrypterStuff() {
-			if (!staticStringInliner.InlinedAllCalls)
-				return false;
-			return Operations.DecryptStrings != OpDecryptString.None;
-		}
-
 		void removeStringDecryptionStuff() {
-			if (!canRemoveStringDecrypterStuff())
+			if (!CanRemoveStringDecrypterType)
 				return;
 
 			foreach (var decrypter in stringDecrypters) {
@@ -539,7 +533,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
 		}
 
 		void removeStringsInitCode(Blocks blocks) {
-			if (!canRemoveStringDecrypterStuff())
+			if (!CanRemoveStringDecrypterType)
 				return;
 
 			if (blocks.Method.Name == ".cctor") {
diff --git a/de4dot.code/deobfuscators/Xenocode/Deobfuscator.cs b/de4dot.code/deobfuscators/Xenocode/Deobfuscator.cs
index 58d4c780..2cde2af0 100644
--- a/de4dot.code/deobfuscators/Xenocode/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/Xenocode/Deobfuscator.cs
@@ -104,7 +104,7 @@ namespace de4dot.code.deobfuscators.Xenocode {
 		}
 
 		public override void deobfuscateEnd() {
-			if (Operations.DecryptStrings != OpDecryptString.None)
+			if (CanRemoveStringDecrypterType)
 				addTypeToBeRemoved(stringDecrypter.Type, "String decrypter type");
 			base.deobfuscateEnd();
 		}