Merge branch 'master' into skater

2011-12-31 16:34:01 +01:00 · 2011-12-31 16:34:01 +01:00 · b3a29a7be1
commit b3a29a7be1
parent 8df6561061 e744e24a51
7 changed files with 51 additions and 58 deletions
--- a/blocks/MemberReferenceHelper.cs
+++ b/blocks/MemberReferenceHelper.cs
@ -53,6 +53,10 @@ namespace de4dot.blocks {
 			get { return tokenToValue.Count; }
 		}

+		public IEnumerable<TypeDefinition> getKeys() {
+			return refToKey.Values;
+		}
+
 		public IEnumerable<TValue> getAll() {
 			return tokenToValue.Values;
 		}
@ -126,6 +130,10 @@ namespace de4dot.blocks {
 			get { return tokenToValue.Count; }
 		}

+		public IEnumerable<FieldDefinition> getKeys() {
+			return refToKey.Values;
+		}
+
 		public IEnumerable<TValue> getAll() {
 			return tokenToValue.Values;
 		}
@ -209,6 +217,10 @@ namespace de4dot.blocks {
 			get { return tokenToValue.Count; }
 		}

+		public IEnumerable<MethodDefinition> getKeys() {
+			return refToKey.Values;
+		}
+
 		public IEnumerable<TValue> getAll() {
 			return tokenToValue.Values;
 		}
--- a/de4dot.code/StringDecrypter.cs
+++ b/de4dot.code/StringDecrypter.cs
@ -115,7 +115,7 @@ namespace de4dot.code {
 	}

 	class StaticStringDecrypter : StringDecrypter {
-		Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], string>> stringDecrypters = new Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], string>>();
+		MethodDefinitionAndDeclaringTypeDict<Func<MethodDefinition, object[], string>> stringDecrypters = new MethodDefinitionAndDeclaringTypeDict<Func<MethodDefinition, object[], string>>();

 		public bool HasHandlers {
 			get { return stringDecrypters.Count != 0; }
@ -124,35 +124,35 @@ namespace de4dot.code {
 		public IEnumerable<MethodDefinition> Methods {
 			get {
 				var list = new List<MethodDefinition>(stringDecrypters.Count);
-				foreach (var key in stringDecrypters.Keys)
-					list.Add((MethodDefinition)key.MethodReference);
+				foreach (var method in stringDecrypters.getKeys())
+					list.Add(method);
 				return list;
 			}
 		}

 		class MyCallResult : CallResult {
-			public MethodReferenceAndDeclaringTypeKey methodKey;
+			public MethodReference methodReference;
 			public MyCallResult(Block block, int callEndIndex, MethodReference method)
 				: base(block, callEndIndex) {
-				this.methodKey = new MethodReferenceAndDeclaringTypeKey(method);
+				this.methodReference = method;
 			}
 		}

 		public void add(MethodDefinition method, Func<MethodDefinition, object[], string> handler) {
 			if (method != null)
-				stringDecrypters[new MethodReferenceAndDeclaringTypeKey(method)] = handler;
+				stringDecrypters.add(method, handler);
 		}

 		protected override void inlineAllCalls() {
 			foreach (var tmp in callResults) {
 				var callResult = (MyCallResult)tmp;
-				var handler = stringDecrypters[callResult.methodKey];
-				callResult.returnValue = handler((MethodDefinition)callResult.methodKey.MethodReference, callResult.args);
+				var handler = stringDecrypters.find(callResult.methodReference);
+				callResult.returnValue = handler((MethodDefinition)callResult.methodReference, callResult.args);
 			}
 		}

 		protected override CallResult createCallResult(MethodReference method, Block block, int callInstrIndex) {
-			if (!stringDecrypters.ContainsKey(new MethodReferenceAndDeclaringTypeKey(method)))
+			if (stringDecrypters.find(method) == null)
 				return null;
 			return new MyCallResult(block, callInstrIndex, method);
 		}
--- a/de4dot.code/deobfuscators/DeobfuscatorBase.cs
+++ b/de4dot.code/deobfuscators/DeobfuscatorBase.cs
@ -171,8 +171,8 @@ namespace de4dot.code.deobfuscators {
 		}

 		class MethodCallRemover {
-			Dictionary<string, Dictionary<MethodReferenceAndDeclaringTypeKey, bool>> methodNameInfos = new Dictionary<string, Dictionary<MethodReferenceAndDeclaringTypeKey, bool>>(StringComparer.Ordinal);
-			Dictionary<MethodReferenceAndDeclaringTypeKey, Dictionary<MethodReferenceAndDeclaringTypeKey, bool>> methodRefInfos = new Dictionary<MethodReferenceAndDeclaringTypeKey, Dictionary<MethodReferenceAndDeclaringTypeKey, bool>>();
+			Dictionary<string, MethodDefinitionAndDeclaringTypeDict<bool>> methodNameInfos = new Dictionary<string, MethodDefinitionAndDeclaringTypeDict<bool>>();
+			MethodDefinitionAndDeclaringTypeDict<MethodDefinitionAndDeclaringTypeDict<bool>> methodRefInfos = new MethodDefinitionAndDeclaringTypeDict<MethodDefinitionAndDeclaringTypeDict<bool>>();

 			void checkMethod(MethodReference methodToBeRemoved) {
 				if (methodToBeRemoved.Parameters.Count != 0)
@ -181,27 +181,26 @@ namespace de4dot.code.deobfuscators {
 					throw new ApplicationException(string.Format("Method has a return value: {0}", methodToBeRemoved));
 			}

-			public void add(string method, MethodReference methodToBeRemoved) {
+			public void add(string method, MethodDefinition methodToBeRemoved) {
 				if (methodToBeRemoved == null)
 					return;
 				checkMethod(methodToBeRemoved);

-				Dictionary<MethodReferenceAndDeclaringTypeKey, bool> dict;
+				MethodDefinitionAndDeclaringTypeDict<bool> dict;
 				if (!methodNameInfos.TryGetValue(method, out dict))
-					methodNameInfos[method] = dict = new Dictionary<MethodReferenceAndDeclaringTypeKey, bool>();
-				dict[new MethodReferenceAndDeclaringTypeKey(methodToBeRemoved)] = true;
+					methodNameInfos[method] = dict = new MethodDefinitionAndDeclaringTypeDict<bool>();
+				dict.add(methodToBeRemoved, true);
 			}

-			public void add(MethodDefinition method, MethodReference methodToBeRemoved) {
+			public void add(MethodDefinition method, MethodDefinition methodToBeRemoved) {
 				if (method == null || methodToBeRemoved == null)
 					return;
 				checkMethod(methodToBeRemoved);

-				Dictionary<MethodReferenceAndDeclaringTypeKey, bool> dict;
-				var methodKey = new MethodReferenceAndDeclaringTypeKey(method);
-				if (!methodRefInfos.TryGetValue(methodKey, out dict))
-					methodRefInfos[methodKey] = dict = new Dictionary<MethodReferenceAndDeclaringTypeKey, bool>();
-				dict[new MethodReferenceAndDeclaringTypeKey(methodToBeRemoved)] = true;
+				var dict = methodRefInfos.find(method);
+				if (dict == null)
+					methodRefInfos.add(method, dict = new MethodDefinitionAndDeclaringTypeDict<bool>());
+				dict.add(methodToBeRemoved, true);
 			}

 			public void removeAll(Blocks blocks) {
@ -212,7 +211,7 @@ namespace de4dot.code.deobfuscators {
 			}

 			void removeAll(IList<Block> allBlocks, Blocks blocks, string method) {
-				Dictionary<MethodReferenceAndDeclaringTypeKey, bool> info;
+				MethodDefinitionAndDeclaringTypeDict<bool> info;
 				if (!methodNameInfos.TryGetValue(method, out info))
 					return;

@ -220,14 +219,14 @@ namespace de4dot.code.deobfuscators {
 			}

 			void removeAll(IList<Block> allBlocks, Blocks blocks, MethodDefinition method) {
-				Dictionary<MethodReferenceAndDeclaringTypeKey, bool> info;
-				if (!methodRefInfos.TryGetValue(new MethodReferenceAndDeclaringTypeKey(method), out info))
+				var info = methodRefInfos.find(method);
+				if (info == null)
 					return;

 				removeCalls(allBlocks, blocks, info);
 			}

-			void removeCalls(IList<Block> allBlocks, Blocks blocks, Dictionary<MethodReferenceAndDeclaringTypeKey, bool> info) {
+			void removeCalls(IList<Block> allBlocks, Blocks blocks, MethodDefinitionAndDeclaringTypeDict<bool> info) {
 				var instrsToDelete = new List<int>();
 				foreach (var block in allBlocks) {
 					instrsToDelete.Clear();
@ -239,8 +238,7 @@ namespace de4dot.code.deobfuscators {
 						if (destMethod == null)
 							continue;

-						var key = new MethodReferenceAndDeclaringTypeKey(destMethod);
-						if (info.ContainsKey(key)) {
+						if (info.find(destMethod)) {
 							Log.v("Removed call to {0}", destMethod);
 							instrsToDelete.Add(i);
 						}
@ -250,19 +248,19 @@ namespace de4dot.code.deobfuscators {
 			}
 		}

-		public void addCctorInitCallToBeRemoved(MethodReference methodToBeRemoved) {
+		public void addCctorInitCallToBeRemoved(MethodDefinition methodToBeRemoved) {
 			methodCallRemover.add(".cctor", methodToBeRemoved);
 		}

-		public void addModuleCctorInitCallToBeRemoved(MethodReference methodToBeRemoved) {
+		public void addModuleCctorInitCallToBeRemoved(MethodDefinition methodToBeRemoved) {
 			methodCallRemover.add(DotNetUtils.getMethod(DotNetUtils.getModuleType(module), ".cctor"), methodToBeRemoved);
 		}

-		public void addCtorInitCallToBeRemoved(MethodReference methodToBeRemoved) {
+		public void addCtorInitCallToBeRemoved(MethodDefinition methodToBeRemoved) {
 			methodCallRemover.add(".ctor", methodToBeRemoved);
 		}

-		public void addCallToBeRemoved(MethodDefinition method, MethodReference methodToBeRemoved) {
+		public void addCallToBeRemoved(MethodDefinition method, MethodDefinition methodToBeRemoved) {
 			methodCallRemover.add(method, methodToBeRemoved);
 		}

@ -649,11 +647,6 @@ namespace de4dot.code.deobfuscators {
 			return false;
 		}

-		static void addMethods(TypeDefinition type, Dictionary<MethodReferenceAndDeclaringTypeKey, bool> methods) {
-			foreach (var method in type.Methods)
-				methods[new MethodReferenceAndDeclaringTypeKey(method)] = true;
-		}
-
 		public static int convert(bool b) {
 			return b ? 1 : 0;
 		}
--- a/de4dot.code/deobfuscators/dotNET_Reactor/v4/BoolValueInliner.cs
+++ b/de4dot.code/deobfuscators/dotNET_Reactor/v4/BoolValueInliner.cs
@ -24,13 +24,13 @@ using de4dot.blocks;

 namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 	class BoolValueInliner : MethodReturnValueInliner {
-		Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], bool>> boolDecrypters = new Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], bool>>();
+		MethodDefinitionAndDeclaringTypeDict<Func<MethodDefinition, object[], bool>> boolDecrypters = new MethodDefinitionAndDeclaringTypeDict<Func<MethodDefinition, object[], bool>>();

 		class MyCallResult : CallResult {
-			public MethodReferenceAndDeclaringTypeKey methodKey;
+			public MethodReference methodReference;
 			public MyCallResult(Block block, int callEndIndex, MethodReference method)
 				: base(block, callEndIndex) {
-				this.methodKey = new MethodReferenceAndDeclaringTypeKey(method);
+				this.methodReference = method;
 			}
 		}

@ -40,7 +40,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {

 		public void add(MethodDefinition method, Func<MethodDefinition, object[], bool> handler) {
 			if (method != null)
-				boolDecrypters[new MethodReferenceAndDeclaringTypeKey(method)] = handler;
+				boolDecrypters.add(method, handler);
 		}

 		protected override void inlineReturnValues(IList<CallResult> callResults) {
@ -56,13 +56,13 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 		protected override void inlineAllCalls() {
 			foreach (var tmp in callResults) {
 				var callResult = (MyCallResult)tmp;
-				var handler = boolDecrypters[callResult.methodKey];
-				callResult.returnValue = handler((MethodDefinition)callResult.methodKey.MethodReference, callResult.args);
+				var handler = boolDecrypters.find(callResult.methodReference);
+				callResult.returnValue = handler((MethodDefinition)callResult.methodReference, callResult.args);
 			}
 		}

 		protected override CallResult createCallResult(MethodReference method, Block block, int callInstrIndex) {
-			if (!boolDecrypters.ContainsKey(new MethodReferenceAndDeclaringTypeKey(method)))
+			if (boolDecrypters.find(method) == null)
 				return null;
 			return new MyCallResult(block, callInstrIndex, method);
 		}
--- a/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs
@ -493,7 +493,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 			startedDeobfuscating = true;
 		}

-		void addEntryPointCallToBeRemoved(MethodReference methodToBeRemoved) {
+		void addEntryPointCallToBeRemoved(MethodDefinition methodToBeRemoved) {
 			var entryPoint = module.EntryPoint;
 			addCallToBeRemoved(entryPoint, methodToBeRemoved);
 			foreach (var info in DotNetUtils.getCalledMethods(module, entryPoint))
--- a/de4dot.code/deobfuscators/dotNET_Reactor/v4/EncryptedResource.cs
+++ b/de4dot.code/deobfuscators/dotNET_Reactor/v4/EncryptedResource.cs
@ -155,12 +155,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 			if (encryptedDataResource == null || key == null || iv == null)
 				throw new ApplicationException("Can't decrypt resource");

-			using (var aes = new RijndaelManaged { Mode = CipherMode.CBC }) {
-				using (var transform = aes.CreateDecryptor(key, iv)) {
-					var encryptedData = encryptedDataResource.GetResourceData();
-					return transform.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
-				}
-			}
+			return DeobUtils.aesDecrypt(encryptedDataResource.GetResourceData(), key, iv);
 		}

 		public byte[] encrypt(byte[] data) {
--- a/de4dot.code/deobfuscators/dotNET_Reactor/v4/StringDecrypter.cs
+++ b/de4dot.code/deobfuscators/dotNET_Reactor/v4/StringDecrypter.cs
@ -20,7 +20,6 @@
 using System;
 using System.Text;
 using System.Collections.Generic;
-using System.Security.Cryptography;
 using Mono.Cecil;
 using Mono.Cecil.Cil;
 using de4dot.blocks;
@ -249,13 +248,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 				else
 					throw new ApplicationException("Unknown string decrypter version");

-				byte[] decryptedStringData;
-				using (var aes = new RijndaelManaged { Mode = CipherMode.CBC }) {
-					using (var transform = aes.CreateDecryptor(info.key, info.iv)) {
-						decryptedStringData = transform.TransformFinalBlock(encryptedStringData, 0, encryptedStringData.Length);
-					}
-				}
-				return Encoding.Unicode.GetString(decryptedStringData);
+				return Encoding.Unicode.GetString(DeobUtils.aesDecrypt(encryptedStringData, info.key, info.iv));
 			}
 		}