This ensures the bundler/deobfuscator can only see classes that are part
of the Java runtime, and not classes from the bundler/deobfuscator
themselves.
Signed-off-by: Graham <gpe@openrs2.dev>
The split is no longer required - we haven't run javah automatically
since splitting the natives out into a separate repository.
Signed-off-by: Graham <gpe@openrs2.dev>
Removes GOTO instructions that point to the next instruction, typically
left over from stripping exceptions inserted by the obfuscator.
Although modern decompilers can handle such GOTOs fine, removing them
makes for a nicer IR representation.
Signed-off-by: Major <major@emulate.rs>
It's possible that future versions of ASM will introduce additional
types of virtual node. Only counting real instructions should make this
more reliable.
Signed-off-by: Graham <gpe@openrs2.dev>
While it isn't useful for retaining the name of the constructor itself,
as they don't really have names, it will be useful for tracking argument
names and positions.
Signed-off-by: Graham <gpe@openrs2.dev>
The transformer does _not_ check for use via reflection. The only cases
in the 550 and OSRS clients where methods are accessed via reflection
are either 1) JRE classes, 2) when the method name is sent from the
server.
PSVM and methods declared in TypedRemapper.EXCLUDED_METHODS are never
removed.
Signed-off-by: Major <major@emulate.rs>
Fernflower fails to decompile any exception handler with an end_pc
(`to` in Fernflower nomenclature) equal to the length of the code array,
even though this is permitted in the class file spec. This transformer
inserts a NOP at the end of any code array that has such an exception
handler.
Signed-off-by: Major <major@emulate.rs>
This commit:
* Renames isMethodImmutable to isMethodRenamable and flips the value of
the boolean it outputs accordingly.
* Updates all uses of isMethodRenamable to account for this.
* Makes the internal implementation more similar to isClassRenamable.
Signed-off-by: Graham <gpe@openrs2.dev>
GETSTATIC, PUTSTATIC and INVOKESTATIC (strangely) use the same field and
method resolution algorithms as their non-static equivalents.
While this doesn't cause problems for 550, as the *STATIC instructions
seem to always refer to the class containing the static definition,
Major reports that OSRS clients sometimes change the owner to a
subclass. This broke the old transformer.
This commit fixes it by applying the old to new owner mapping to an
entire disjoint set at a time.
Signed-off-by: Graham <gpe@openrs2.dev>
This allows us to avoid needing to worry about manipulating stack frames
in individual transformers, which adds lots of complexity. It's much
easier to just make ASM generate them for us.
Signed-off-by: Graham <gpe@openrs2.dev>
Fernflower was previously placing constructors in the middle of instance
methods. They look much nicer at the top.
This commit also ensures static methods appear before instance methods.
By moving all the static fields in a single class in one go, we can just
combine the <clinit> methods together. This allows us to remove all the
really complicated logic for extracting initializers, and also allows us
to move the last few array fields with complex initializers.
Depending on the class loading order, moving them can result in arrays
being empty, which breaks the client's functionality (e.g. it can't get
past the JS5 CRC check).
The client scrambles static fields and methods - moving each to a
random class where it does not logically belong.
This transformer moves all static methods to a new set of empty classes.
The intention is that the human refactoring the deobfuscated client can
move the static methods around with an IDE to classes where it makes
sense.
In theory we could use heuristics to move some methods around - e.g.
ideas I have include:
* If the method takes no arguments, move it to the same class as its
return type.
* If it's a void method that takes one argument, move it to the same
class as its single argument.
* Group related methods together based on where they are called.
However, some of the heuristics are probably fairly complicated to
implement. Furthermore, as they are heuristics, they will make mistakes.
In the naive approach, the Static* classes generated by this transformer
effectively act as a queue of methods that a human has yet to move to an
appropriate class. If the Static* classes are ever emptied after
refactoring, then we will know that all static methods have been moved
to an appropriate class.
We wouldn't be able to guarantee this if some methods were moved to
Class* classes with heuristics. The heuristics would also be fairly
complicated to implement. Therefore, the transformer does not use
heuristics.
Field scrambling support will be included in a future commit.
The obfuscator (or compiler, potentially?) converts INVOKEVIRTUAL
instructions to INVOKESPECIAL in the following circumstances:
* The owner of the method is the same as the class containing the
INVOKE instruction.
* The owner's ACC_FINAL flag is set.
When those two conditions are met, and when ACC_SUPER is set on the
owner (which is always true in the RuneScape client, and the flag is
ignored in modern JVMs), then INVOKESPECIAL and INVOKEVIRTUAL are
equivalent.
This has not caused problems until now. However, the future static
scrambling transformer will break the first condition in some cases, as
it moves methods between classes.
This transformer reverses the obfuscation, such that INVOKEVIRTUAL is
used again. INVOKEVIRTUAL instructions may be moved between classes
without complication.
In Java 1.4 and earlier, the compiler creates a synthetic method for
invoking Class.forName() and a static field for caching the Class<?>
instance.
This will not interact well with the static scrambling transformer. The
obfuscator strips some synthetic flags. Furthermore, the field and
method need to be moved together with the code that uses them for
decompilers like Fernflower to recognise them and convert them back to
class literals.
If Fernflower misses one, the decompiled Class.forName() helper does not
compile cleanly (as the bytecode is missing a CHECKCAST).
Rather than complicating the future static scrambling transformer, it's
easier to convert these to use LDC and upgrade the .class file version
to Java 5.