2020-1-capstone-design1 / JJS_Project1

Go to a project
Toggle navigation Toggle navigation pinning
이한솔
ea70b69a 1 parent 3e93963c

보고서 및 발표자료 업로드

Inline Side-by-side
Showing 4 changed files with 570 additions and 95 deletions
...@@ -21,9 +21,11 @@ namespace { ...@@ -21,9 +21,11 @@ namespace {
21 bool inserted = false; 21 bool inserted = false;
22 std::ofstream functionFile("functions.txt", std::ios_base::app); 22 std::ofstream functionFile("functions.txt", std::ios_base::app);
23 if (functionFile.is_open()) { 23 if (functionFile.is_open()) {
24 + if (!F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL"))
24 functionFile << F.getName().str() << "\n"; 25 functionFile << F.getName().str() << "\n";
25 functionFile.close(); 26 functionFile.close();
26 } 27 }
28 + if (!F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL")) {
27 for (auto &BB : F) { 29 for (auto &BB : F) {
28 for (auto &I : BB) { 30 for (auto &I : BB) {
29 if (I.getOpcode() == Instruction::Ret) { 31 if (I.getOpcode() == Instruction::Ret) {
...@@ -41,6 +43,8 @@ namespace { ...@@ -41,6 +43,8 @@ namespace {
41 BB->setName("obfuscatedreturn"); 43 BB->setName("obfuscatedreturn");
42 } 44 }
43 } 45 }
46 +
47 + }
44 return true; 48 return true;
45 } 49 }
46 50
......
1 -#include "llvm/Pass.h" 1 +#include "llvm/IR/CFG.h"
2 #include "llvm/IR/Function.h" 2 #include "llvm/IR/Function.h"
3 -#include "llvm/IR/Module.h"
4 #include "llvm/IR/Instructions.h" 3 #include "llvm/IR/Instructions.h"
4 +#include "llvm/IR/Module.h"
5 +#include "llvm/Pass.h"
5 #include "llvm/Support/Alignment.h" 6 #include "llvm/Support/Alignment.h"
6 #include "llvm/Support/raw_ostream.h" 7 #include "llvm/Support/raw_ostream.h"
7 -#include "llvm/IR/CFG.h"
8 #include <fstream> 8 #include <fstream>
9 +#include <string>
9 using namespace llvm; 10 using namespace llvm;
10 11
11 namespace { 12 namespace {
12 - struct ReturnObfuscation : public FunctionPass { 13 +struct ReturnObfuscation : public FunctionPass {
13 static char ID; 14 static char ID;
14 - ReturnObfuscation() : FunctionPass(ID) { } 15 + ReturnObfuscation() : FunctionPass(ID) {}
15 -
16 -
17 16
18 bool runOnFunction(Function &F) override { 17 bool runOnFunction(Function &F) override {
18 + int num_this_function;
19 + int count;
19 size_t num_retblocks; 20 size_t num_retblocks;
20 Module *mod = F.getParent(); 21 Module *mod = F.getParent();
22 +
21 std::vector<Constant *> retblocks; 23 std::vector<Constant *> retblocks;
22 // 함수 가져오기 24 // 함수 가져오기
23 std::ifstream function_list; 25 std::ifstream function_list;
24 function_list.open("functions.txt"); 26 function_list.open("functions.txt");
25 std::vector<Function *> functions; 27 std::vector<Function *> functions;
28 + std::vector<Function *> functions2;
26 std::string line; 29 std::string line;
27 - while(getline(function_list, line)) { 30 + while (getline(function_list, line)) {
28 functions.push_back(mod->getFunction(line)); 31 functions.push_back(mod->getFunction(line));
29 } 32 }
33 + count = 0;
34 + bool inserted = false;
30 // 함수 별로 벡터에 집어넣기 35 // 함수 별로 벡터에 집어넣기
31 for (auto &Fn : functions) { 36 for (auto &Fn : functions) {
37 + inserted = false;
32 for (auto &BB : (*Fn)) { 38 for (auto &BB : (*Fn)) {
33 - if (BB.getName().equals("obfuscatedreturn")){ 39 + if (BB.getName().equals("obfuscatedreturn")) {
34 - Constant* retBlockAddress = BlockAddress::get(&BB); 40 + Constant *retBlockAddress = BlockAddress::get(&BB);
35 retblocks.push_back(retBlockAddress); 41 retblocks.push_back(retBlockAddress);
42 + if (!inserted)
43 + functions2.push_back(Fn);
44 + inserted = true;
36 } 45 }
37 } 46 }
38 } 47 }
39 48
49 + for (auto &Fn : functions2) {
50 + if (Fn->getName().equals(F.getName())) {
51 + errs() << "GOOD Num this function " << Fn->getName() << "\n";
52 + num_this_function = count;
53 + }
54 + count++;
55 + }
40 num_retblocks = retblocks.size(); 56 num_retblocks = retblocks.size();
41 57
42 - ArrayType* array_in = ArrayType::get(IntegerType::get(mod->getContext(), 8), 20); 58 + ArrayType *array_in =
43 - ArrayType* array_out = ArrayType::get(array_in, 50); 59 + ArrayType::get(IntegerType::get(mod->getContext(), 8), 30);
44 - PointerType* array_ptr = PointerType::get(array_out, 0); 60 + ArrayType *array_out = ArrayType::get(array_in, num_retblocks);
45 - ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("0"), 10)); 61 + ArrayType *array_retblock = ArrayType::get(
46 - std::vector<Type*> Func_deobfus_type_args; 62 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0),
47 - FunctionType* Func_deobfus_type = FunctionType::get( 63 + num_retblocks);
48 - IntegerType::get(mod->getContext(), 32), 64 + PointerType *array_ptr = PointerType::get(array_out, 0);
49 - Func_deobfus_type_args, 65 + ConstantInt *const_int_0 = ConstantInt::get(
50 - false 66 + mod->getContext(), APInt(32, StringRef(std::to_string(0)), 10));
51 - ); 67 + ConstantInt *const_int_1 = ConstantInt::get(
52 - 68 + mod->getContext(), APInt(32, StringRef(std::to_string(1)), 10));
53 - Function* Func_deobfus = mod->getFunction("func_deobfus"); 69 + ConstantInt *const_int_array_out = ConstantInt::get(
70 + mod->getContext(),
71 + APInt(32, StringRef(std::to_string(num_retblocks)), 10));
72 + ConstantInt *const_int_array_in = ConstantInt::get(
73 + mod->getContext(), APInt(32, StringRef(std::to_string(30)), 10));
74 + ConstantInt *const_int_xordata = ConstantInt::get(
75 + mod->getContext(), APInt(32, StringRef(std::to_string(0x33)), 10));
76 +
77 + std::vector<Type *> Func_deobfus_type_args;
78 + FunctionType *Func_deobfus_type = FunctionType::get(
79 + IntegerType::get(mod->getContext(), 32), Func_deobfus_type_args, false);
80 +
81 + Function *Func_deobfus = mod->getFunction("func_deobfus");
54 if (!Func_deobfus) { 82 if (!Func_deobfus) {
55 Func_deobfus = Function::Create( 83 Func_deobfus = Function::Create(
56 - Func_deobfus_type, 84 + Func_deobfus_type, GlobalValue::ExternalLinkage, "func_deobfus", mod);
57 - GlobalValue::ExternalLinkage,
58 - "func_deobfus", mod
59 - );
60 Func_deobfus->setCallingConv(CallingConv::C); 85 Func_deobfus->setCallingConv(CallingConv::C);
86 + }
61 AttributeList Func_deobfus_att_list; 87 AttributeList Func_deobfus_att_list;
62 SmallVector<AttributeList, 4> Attrs; 88 SmallVector<AttributeList, 4> Attrs;
63 AttributeList PAS; 89 AttributeList PAS;
...@@ -71,35 +97,457 @@ namespace { ...@@ -71,35 +97,457 @@ namespace {
71 Func_deobfus_att_list = AttributeList::get(mod->getContext(), Attrs); 97 Func_deobfus_att_list = AttributeList::get(mod->getContext(), Attrs);
72 Func_deobfus->setAttributes(Func_deobfus_att_list); 98 Func_deobfus->setAttributes(Func_deobfus_att_list);
73 if (Func_deobfus->size() == 0) { 99 if (Func_deobfus->size() == 0) {
74 - GlobalVariable* gvar_ret_inst_list = new GlobalVariable(*mod, 100 + PointerType *ret_func_ptr[10000];
75 - array_out, 101 + AllocaInst *ptr_this_ret[10000];
76 - false, 102 + StoreInst *void_17[10000];
77 - GlobalValue::ExternalLinkage, 103 + GlobalVariable *gvar_ret_inst_list =
78 - 0, 104 + new GlobalVariable(*mod, array_out, false, GlobalValue::CommonLinkage,
79 - "ret_inst_list"); 105 + 0, "ret_inst_list");
80 gvar_ret_inst_list->setAlignment(MaybeAlign(16)); 106 gvar_ret_inst_list->setAlignment(MaybeAlign(16));
107 + ConstantAggregateZero *const_array_6 =
108 + ConstantAggregateZero::get(array_out);
109 + gvar_ret_inst_list->setInitializer(const_array_6);
110 + // TODO : 없애기
111 + /*
112 + GlobalVariable *gvar_array_retblock =
113 + new GlobalVariable(*mod, array_retblock, false,
114 + GlobalValue::ExternalLinkage, 0, "array_retblock");
115 + gvar_array_retblock->setAlignment(MaybeAlign(16));
116 + */
81 117
82 - BasicBlock* obfus_entry = BasicBlock::Create(mod->getContext(), "entry", Func_deobfus); 118 + GlobalVariable *gvar_array_retblock =
119 + new GlobalVariable(*mod, array_retblock, false,
120 + GlobalValue::CommonLinkage, 0, "array_retblock");
121 + gvar_array_retblock->setAlignment(MaybeAlign(16));
122 + //TODO 고치기
123 +
124 + ConstantAggregateZero *const_array_7 =
125 + ConstantAggregateZero::get(array_retblock);
126 + gvar_array_retblock->setInitializer(const_array_7);
127 + BasicBlock *obfus_entry =
128 + BasicBlock::Create(mod->getContext(), "entry", Func_deobfus);
129 + BasicBlock *for_i_cond =
130 + BasicBlock::Create(mod->getContext(), "i_cond", Func_deobfus);
131 + BasicBlock *for_j_init =
132 + BasicBlock::Create(mod->getContext(), "j_init", Func_deobfus);
133 + BasicBlock *for_j_cond =
134 + BasicBlock::Create(mod->getContext(), "j_cond", Func_deobfus);
135 + BasicBlock *for_i_j =
136 + BasicBlock::Create(mod->getContext(), "i_j", Func_deobfus);
137 + BasicBlock *for_j_add =
138 + BasicBlock::Create(mod->getContext(), "j_add", Func_deobfus);
139 +
140 + BasicBlock *for_i_add =
141 + BasicBlock::Create(mod->getContext(), "i_add", Func_deobfus);
142 +
143 + BasicBlock *for_i_end =
144 + BasicBlock::Create(mod->getContext(), "i_end", Func_deobfus);
145 + std::vector<Constant *> const_ptr_blocks;
83 for (size_t i = 0; i < num_retblocks; i++) { 146 for (size_t i = 0; i < num_retblocks; i++) {
84 - PointerType* ret_func_ptr = PointerType::get(IntegerType::get(mod->getContext(), 8), 0); 147 + // Constant* const_blockaddress = BlockAddress::get(ret)
85 - AllocaInst* ptr_this_ret = new AllocaInst(ret_func_ptr, NULL, "ptr", obfus_entry);; 148 + // TODO: 꼭해야함
86 - StoreInst* void_17 = new StoreInst(retblocks[i], ptr_this_ret, false, obfus_entry); 149 + //const_ptr_blocks.push_back(retblocks[i]);
150 +
151 + std::vector<Constant *> const_ptr_16_indices;
152 + const_ptr_16_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
153 + const_ptr_16_indices.push_back(ConstantInt::get(
154 + mod->getContext(), APInt(64, StringRef(std::to_string(i)), 10)));
155 + Constant *const_ptr_16 = ConstantExpr::getGetElementPtr(
156 + array_retblock, gvar_array_retblock, const_ptr_16_indices);
157 + StoreInst *store_good =
158 + new StoreInst(retblocks[i], const_ptr_16, false, obfus_entry);
159 + store_good->setAlignment(MaybeAlign(16));
160 +
161 + /*
162 + std::vector<Value *> get_retblock_array_indices;
163 + get_retblock_array_indices.push_back(const_int_0);
164 + get_retblock_array_indices.push_back(ConstantInt::get(
165 + mod->getContext(), APInt(32, StringRef(std::to_string(i)), 10)));
166 + Instruction *get_retblock = GetElementPtrInst::Create(
167 + array_retblock, gvar_array_retblock, get_retblock_array_indices, "",
168 + obfus_entry);
169 + LoadInst *load_ret_block_arr =
170 + new LoadInst(get_retblock, "", false, obfus_entry);
171 + */
172 + /*
173 + ret_func_ptr[i] =
174 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
175 + ptr_this_ret[i] =
176 + new AllocaInst(ret_func_ptr[i], NULL, "ptr", obfus_entry);
177 + ;
178 + */
179 + // void_17[i] =
180 + // new StoreInst(retblocks[i], get_retblock, false, obfus_entry);
87 } 181 }
88 - ReturnInst::Create(mod->getContext(), const_int_0, obfus_entry);
89 182
183 + // TODO : 없애기
184 + /*
185 + Constant* array_ret_blocks_const = ConstantArray::get(array_retblock, const_ptr_blocks);
186 + gvar_array_retblock->setInitializer(array_ret_blocks_const);
187 + */
188 +
189 +
190 + // %i = alloca i32, align 4
191 + AllocaInst *ptr_i = new AllocaInst(
192 + IntegerType::get(mod->getContext(), 32), NULL, "i", obfus_entry);
193 + // %j = alloca i32, align 4
194 + AllocaInst *ptr_j = new AllocaInst(
195 + IntegerType::get(mod->getContext(), 32), NULL, "j", obfus_entry);
196 + StoreInst *str_i_0_1 =
197 + new StoreInst(const_int_0, ptr_i, false, obfus_entry);
198 + str_i_0_1->setAlignment(MaybeAlign(4));
199 + // br label %i_cond
200 + BranchInst::Create(for_i_cond, obfus_entry);
201 +
202 + // for_i_cond
203 + // %4 = load i32* %i, align 4
204 + LoadInst *load_i_1 = new LoadInst(ptr_i, "", false, for_i_cond);
205 + load_i_1->setAlignment(MaybeAlign(4));
206 + // %5 = icmp slt i32 %4, 50
207 + ICmpInst *i_cmp_1 = new ICmpInst(*for_i_cond, ICmpInst::ICMP_SLT,
208 + load_i_1, const_int_array_out, "");
209 + // br i1 %5, label %for_j_init, for_i_end
210 + BranchInst::Create(for_j_init, for_i_end, i_cmp_1, for_i_cond);
211 +
212 + // for_j_init
213 + StoreInst *str_j_0_1 =
214 + new StoreInst(const_int_0, ptr_j, false, for_j_init);
215 + str_j_0_1->setAlignment(MaybeAlign(4));
216 + BranchInst::Create(for_j_cond, for_j_init);
217 +
218 + // for_j_cond
219 + LoadInst *load_j_1 = new LoadInst(ptr_j, "", false, for_j_cond);
220 + load_j_1->setAlignment(MaybeAlign(4));
221 + // %5 = icmp slt i32 %4, 50
222 + ICmpInst *j_cmp_1 = new ICmpInst(*for_j_cond, ICmpInst::ICMP_SLT,
223 + load_j_1, const_int_array_in, "");
224 + // br i1 %5, label %for_j_init, for_i_end
225 + BranchInst::Create(for_i_j, for_i_add, j_cmp_1, for_j_cond);
226 +
227 + // for_i_j
228 + LoadInst *load_i_addc = new LoadInst(ptr_i, "", false, for_i_j);
229 + load_i_addc->setAlignment(MaybeAlign(4));
230 + CastInst *casted_i_addc = new SExtInst(
231 + load_i_addc, IntegerType::get(mod->getContext(), 64), "", for_i_j);
232 +
233 + std::vector<Value *> get_retblock_index_ptr_indices;
234 + get_retblock_index_ptr_indices.push_back(
235 + ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
236 + get_retblock_index_ptr_indices.push_back(casted_i_addc);
237 + Instruction *get_retblock_index_ptr = GetElementPtrInst::Create(
238 + array_retblock, gvar_array_retblock, get_retblock_index_ptr_indices,
239 + "", for_i_j);
240 +
241 + LoadInst *load_retblock_ptr = new LoadInst(get_retblock_index_ptr, "", false, for_i_j);
242 + load_retblock_ptr->setAlignment(MaybeAlign(8));
243 +
244 + LoadInst *load_j_addc = new LoadInst(ptr_j, "", false, for_i_j);
245 + load_j_addc->setAlignment(MaybeAlign(4));
246 +
247 + CastInst *casted_j_addc = new SExtInst(
248 + load_j_addc, IntegerType::get(mod->getContext(), 64), "", for_i_j);
249 +
250 + std::vector<Value *> get_retblock_index_ptr_value_indices;
251 + get_retblock_index_ptr_value_indices.push_back(casted_j_addc);
252 + Instruction *get_retblock_index_ptr_value = GetElementPtrInst::Create(
253 + IntegerType::get(mod->getContext(), 8), load_retblock_ptr, get_retblock_index_ptr_value_indices,
254 + "", for_i_j);
255 +
256 + LoadInst *load_retblock_index_ptr_value = new LoadInst(get_retblock_index_ptr_value, "", false, for_i_j);
257 + load_retblock_index_ptr_value->setAlignment(MaybeAlign(1)); // %5
258 +
259 + LoadInst *load_i_kkbc = new LoadInst(ptr_i, "", false, for_i_j);
260 + load_i_kkbc->setAlignment(MaybeAlign(4)); // 6
261 + CastInst *casted_i_kkbc = new SExtInst(
262 + load_i_kkbc, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom6
263 +
264 + std::vector<Value *> get_ret_inst_ptr_indices;
265 + get_ret_inst_ptr_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
266 + get_ret_inst_ptr_indices.push_back(casted_i_kkbc);
267 +
268 + Instruction *get_ret_inst_ptr = GetElementPtrInst::Create(
269 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices, "", for_i_j); //arrayidx7
270 + LoadInst *load_j_kkbc = new LoadInst(ptr_j, "", false, for_i_j);
271 + load_j_kkbc->setAlignment(MaybeAlign(4)); // 7
272 + CastInst *casted_j_kkbc = new SExtInst(
273 + load_j_kkbc, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom8
274 +
275 + std::vector<Value *> get_ret_inst_ptr_value_indices;
276 + get_ret_inst_ptr_value_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
277 + get_ret_inst_ptr_value_indices.push_back(casted_j_kkbc);
278 + Instruction *get_ret_inst_ptr_value = GetElementPtrInst::Create(
279 + array_in, get_ret_inst_ptr, get_ret_inst_ptr_value_indices, "", for_i_j); //arrayidx9
280 +
281 + StoreInst *store_data = new StoreInst(load_retblock_index_ptr_value, get_ret_inst_ptr_value, false, for_i_j);
282 + store_data->setAlignment(MaybeAlign(1));
283 +
284 + LoadInst *load_i_arrd = new LoadInst(ptr_i, "", false, for_i_j);
285 + load_i_arrd->setAlignment(MaybeAlign(4)); // 8
286 + CastInst *casted_i_arrd = new SExtInst(
287 + load_i_arrd, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom10
288 +
289 + std::vector<Value *> get_ret_inst_ptr_indices2;
290 + get_ret_inst_ptr_indices2.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
291 + get_ret_inst_ptr_indices2.push_back(casted_i_arrd);
292 + Instruction *get_ret_inst_ptr2 = GetElementPtrInst::Create(
293 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices2, "", for_i_j); //arrayidx7
294 +
295 + LoadInst *load_j_arrd = new LoadInst(ptr_j, "", false, for_i_j);
296 + load_j_arrd->setAlignment(MaybeAlign(4)); // 9
297 + CastInst *casted_j_arrd = new SExtInst(
298 + load_j_arrd, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom12
299 +
300 + std::vector<Value *> get_ret_inst_ptr_value_indices2;
301 + get_ret_inst_ptr_value_indices2.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
302 + get_ret_inst_ptr_value_indices2.push_back(casted_j_arrd);
303 + Instruction *get_ret_inst_ptr_value2 = GetElementPtrInst::Create(
304 + array_in, get_ret_inst_ptr2, get_ret_inst_ptr_value_indices2, "", for_i_j); //arrayidx13
305 +
306 + LoadInst *load_ret_inst_value = new LoadInst(get_ret_inst_ptr_value2, "", false, for_i_j);
307 + load_ret_inst_value->setAlignment(MaybeAlign(1)); // 10
308 +
309 + CastInst *cast_value = new SExtInst(
310 + load_ret_inst_value, IntegerType::get(mod->getContext(), 32), "", for_i_j); // conv
311 + BinaryOperator *xor_1 = BinaryOperator::Create(
312 + Instruction::Xor, cast_value, const_int_xordata, "", for_i_j); // xor
313 + CastInst *trunc_value = new TruncInst(
314 + xor_1, IntegerType::get(mod->getContext(), 8), "", for_i_j); // conv14
315 +
316 + LoadInst *load_i_kera = new LoadInst(ptr_i, "", false, for_i_j);
317 + load_i_kera->setAlignment(MaybeAlign(4)); // 11
318 + CastInst *casted_i_kera = new SExtInst(
319 + load_i_kera, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom15
320 +
321 + std::vector<Value *> get_ret_inst_ptr_indices3;
322 + get_ret_inst_ptr_indices3.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
323 + get_ret_inst_ptr_indices3.push_back(casted_i_kera);
324 + Instruction *get_ret_inst_ptr3 = GetElementPtrInst::Create(
325 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices3, "", for_i_j); //arrayidx16
326 +
327 + LoadInst *load_j_kera = new LoadInst(ptr_j, "", false, for_i_j);
328 + load_j_kera->setAlignment(MaybeAlign(4)); // 12
329 + CastInst *casted_j_kera = new SExtInst(
330 + load_j_kera, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom17
331 +
332 + std::vector<Value *> get_ret_inst_ptr_value_indices3;
333 + get_ret_inst_ptr_value_indices3.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
334 + get_ret_inst_ptr_value_indices3.push_back(casted_j_kera);
335 + Instruction *get_ret_inst_ptr_value3 = GetElementPtrInst::Create(
336 + array_in, get_ret_inst_ptr3, get_ret_inst_ptr_value_indices3, "", for_i_j); //arrayidx18
337 +
338 + StoreInst *store_xor_data = new StoreInst(trunc_value, get_ret_inst_ptr_value3, false, for_i_j);
339 + store_xor_data->setAlignment(MaybeAlign(1));
340 +
341 +
342 +/*
343 + std::vector<Value *> ptr_41_indices;
344 + ptr_41_indices.push_back(const_int_0);
345 + ptr_41_indices.push_back(casted_j_64_1);
346 + Instruction *ptr_41 = GetElementPtrInst::Create(
347 + array_in, ptr_40, ptr_41_indices, "", for_i_j);
348 +
349 + LoadInst *load_j_2 = new LoadInst(ptr_j, "", false, for_i_j);
350 + load_j_2->setAlignment(MaybeAlign(4));
351 + CastInst *casted_j_64_1 = new SExtInst(
352 + load_j_2, IntegerType::get(mod->getContext(), 64), "", for_i_j);
353 + LoadInst *load_i_2 = new LoadInst(ptr_i, "", false, for_i_j);
354 + load_i_2->setAlignment(MaybeAlign(4));
355 + CastInst *casted_i_64_1 = new SExtInst(
356 + load_i_2, IntegerType::get(mod->getContext(), 64), "", for_i_j);
357 +
358 + std::vector<Value *> get_retblock_array_indices;
359 + get_retblock_array_indices.push_back(const_int_0);
360 + get_retblock_array_indices.push_back(casted_i_64_1);
361 + Instruction *get_retblock =
362 + GetElementPtrInst::Create(array_retblock, gvar_array_retblock,
363 + get_retblock_array_indices, "", for_i_j);
364 + LoadInst *load_array = new LoadInst(get_retblock, "", false, for_i_j);
365 + load_array->setAlignment(MaybeAlign(4));
366 + Instruction *get_retblock_element = GetElementPtrInst::Create(
367 + cast<PointerType>(load_array->getType()->getScalarType())
368 + ->getElementType(),
369 + load_array, load_j_2, "arrayidx1", for_i_j);
370 + LoadInst *load_elem =
371 + new LoadInst(get_retblock_element, "", false, for_i_j);
372 + load_elem->setAlignment(MaybeAlign(1));
373 +
374 + std::vector<Value *> ptr_40_indices;
375 + ptr_40_indices.push_back(const_int_0);
376 + ptr_40_indices.push_back(casted_i_64_1);
377 + Instruction *ptr_40 = GetElementPtrInst::Create(
378 + array_out, gvar_ret_inst_list, ptr_40_indices, "", for_i_j);
379 + std::vector<Value *> ptr_41_indices;
380 + ptr_41_indices.push_back(const_int_0);
381 + ptr_41_indices.push_back(casted_j_64_1);
382 + Instruction *ptr_41 = GetElementPtrInst::Create(
383 + array_in, ptr_40, ptr_41_indices, "", for_i_j);
384 +
385 + StoreInst *store_elem = new StoreInst(load_elem, ptr_41, false, for_i_j);
386 + store_elem->setAlignment(MaybeAlign(1));
387 +
388 + LoadInst *int8_42 = new LoadInst(ptr_41, "", false, for_i_j);
389 + int8_42->setAlignment(MaybeAlign(1));
390 +
391 + CastInst *int32_43 = new SExtInst(
392 + int8_42, IntegerType::get(mod->getContext(), 32), "", for_i_j);
393 + BinaryOperator *int32_44 = BinaryOperator::Create(
394 + Instruction::Xor, int32_43, const_int_xordata, "", for_i_j);
395 + CastInst *int8_45 = new TruncInst(
396 + int32_44, IntegerType::get(mod->getContext(), 8), "", for_i_j);
397 + LoadInst *int32_46 = new LoadInst(ptr_j, "", false, for_i_j);
398 + int32_46->setAlignment(MaybeAlign(4));
399 + CastInst *int64_47 = new SExtInst(
400 + int32_46, IntegerType::get(mod->getContext(), 64), "", for_i_j);
401 + LoadInst *int32_48 = new LoadInst(ptr_i, "", false, for_i_j);
402 + int32_48->setAlignment(MaybeAlign(4));
403 + CastInst *int64_49 = new SExtInst(
404 + int32_48, IntegerType::get(mod->getContext(), 64), "", for_i_j);
405 + std::vector<Value *> ptr_50_indices;
406 + ptr_50_indices.push_back(const_int_0);
407 + ptr_50_indices.push_back(int64_49);
408 + Instruction *ptr_50 = GetElementPtrInst::Create(
409 + array_out, gvar_ret_inst_list, ptr_50_indices, "", for_i_j);
410 + std::vector<Value *> ptr_51_indices;
411 + ptr_51_indices.push_back(const_int_0);
412 + ptr_51_indices.push_back(int64_47);
413 + Instruction *ptr_51 = GetElementPtrInst::Create(
414 + array_in, ptr_50, ptr_51_indices, "", for_i_j);
415 + StoreInst *void_52 = new StoreInst(int8_45, ptr_51, false, for_i_j);
416 + void_52->setAlignment(MaybeAlign(4));
417 + */
418 + BranchInst::Create(for_j_add, for_i_j);
419 +
420 + // for_j_add
421 + LoadInst *load_j_5 = new LoadInst(ptr_j, "", false, for_j_add);
422 + load_j_5->setAlignment(MaybeAlign(4));
423 + BinaryOperator *add_j_1 = BinaryOperator::Create(
424 + Instruction::Add, load_j_5, const_int_1, "", for_j_add);
425 + StoreInst *void_56 = new StoreInst(add_j_1, ptr_j, false, for_j_add);
426 + void_56->setAlignment(MaybeAlign(4));
427 + BranchInst::Create(for_j_cond, for_j_add);
428 +
429 + // for_i_add
430 + LoadInst *load_i_5 = new LoadInst(ptr_i, "", false, for_i_add);
431 + load_i_5->setAlignment(MaybeAlign(4));
432 + BinaryOperator *add_i_1 = BinaryOperator::Create(
433 + Instruction::Add, load_i_5, const_int_1, "", for_i_add);
434 + StoreInst *stor_i_2 = new StoreInst(add_i_1, ptr_i, false, for_i_add);
435 + stor_i_2->setAlignment(MaybeAlign(4));
436 + BranchInst::Create(for_i_cond, for_i_add);
437 + /*
438 + Function *Func_Reset_Handler = mod->getFunction("Func_Reset_Handler");
439 + if (!Func_Reset_Handler) {
440 + Func_Reset_Handler =
441 + Function::Create(Func_deobfus_type, GlobalValue::ExternalLinkage,
442 + "Reset_Handler", mod);
443 + Func_Reset_Handler->setCallingConv(CallingConv::C);
444 + }
445 + CallInst *call_handler =
446 + CallInst::Create(Func_Reset_Handler, "", for_i_end);
447 + call_handler->setCallingConv(CallingConv::C);
448 + call_handler->setTailCall(false);
449 + AttributeList int32_25_PAL;
450 + call_handler->setAttributes(int32_25_PAL); */
451 + // for_i_end
452 + ReturnInst::Create(mod->getContext(), const_int_0, for_i_end);
453 + }
454 + /* else {
455 + GlobalVariable *gvar_ret_inst_list =
456 + new GlobalVariable(*mod, array_out, false,
457 + GlobalValue::ExternalLinkage, 0, "ret_inst_list");
458 + gvar_ret_inst_list->setAlignment(MaybeAlign(16));
459 + } */
460 +
461 + if (F.getName().equals("main")) {
462 + for (auto &BB : F) {
463 + for (auto &I : BB) {
464 + CallInst *int32_25 = CallInst::Create(Func_deobfus, "", &I);
465 + int32_25->setCallingConv(CallingConv::C);
466 + int32_25->setTailCall(false);
467 + AttributeList int32_25_PAL;
468 + int32_25->setAttributes(int32_25_PAL);
469 + break;
470 + }
471 + break;
472 + }
90 } 473 }
474 + errs() << F.getName() << "\n";
475 + if (!F.getName().contains("func_deobfus") &&
476 + !F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL")) {
477 + errs() << F.getName() << "\n";
478 + for (auto &BB : F) {
479 + if (BB.getName().equals("obfuscatedreturn")) {
480 + GlobalVariable *gvar_ret_inst_list =
481 + mod->getGlobalVariable("ret_inst_list");
482 + PointerType *PointerTy_31 =
483 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
484 + BasicBlock *jmp_to =
485 + BasicBlock::Create(mod->getContext(), "jmp_to", &F, &BB);
486 + BasicBlock *ret_jmp =
487 + BasicBlock::Create(mod->getContext(), "ret_jmp", &F, &BB);
488 + //AllocaInst *ptr_array =
489 + // new AllocaInst(array_out, NULL, "ptr_ret_array", jmp_to);
490 + AllocaInst *ptr_ptr3 =
491 + new AllocaInst(PointerTy_31, NULL, "ret_ptr_jmp", jmp_to);
492 + ptr_ptr3->setAlignment(MaybeAlign(8));
493 + for (BasicBlock *preds : predecessors(&BB)) {
494 + preds->getTerminator()->eraseFromParent();
495 + BranchInst::Create(jmp_to, preds);
91 } 496 }
497 + std::vector<Constant *> const_ptr_14_indices;
498 + const_ptr_14_indices.push_back(ConstantInt::get(
499 + mod->getContext(), APInt(64, StringRef("0"), 10)));
500 + const_ptr_14_indices.push_back(ConstantInt::get(
501 + mod->getContext(),
502 + APInt(64, StringRef(std::to_string(num_this_function)), 10)));
503 + const_ptr_14_indices.push_back(ConstantInt::get(
504 + mod->getContext(), APInt(64, StringRef("0"), 10)));
505 + Constant *const_ptr_14 = ConstantExpr::getGetElementPtr(
506 + array_out, gvar_ret_inst_list, const_ptr_14_indices);
507 + /*
508 + std::vector<Value *> ptr_175_indices;
509 + ptr_175_indices.push_back(const_int_0);
510 + ptr_175_indices.push_back(ConstantInt::get(
511 + mod->getContext(),
512 + APInt(32, StringRef(std::to_string(num_this_function)), 10)));
513 + errs() << num_this_function << "\n";
514 + Instruction *ptr_175 = GetElementPtrInst::Create(
515 + array_out, gvar_ret_inst_list, ptr_175_indices, "", jmp_to);
516 + std::vector<Value *> ptr_176_indices;
517 + ptr_176_indices.push_back(const_int_0);
518 + ptr_176_indices.push_back(const_int_0);
519 + Instruction *ptr_176 = GetElementPtrInst::Create(
520 + array_in, ptr_175, ptr_176_indices, "", jmp_to);
521 + */
522 + StoreInst *void_177 =
523 + new StoreInst(const_ptr_14, ptr_ptr3, false, jmp_to);
524 + void_177->setAlignment(MaybeAlign(8));
525 + LoadInst *ptr_178 = new LoadInst(ptr_ptr3, "", false, jmp_to);
526 + ptr_178->setAlignment(MaybeAlign(8));
527 + BranchInst::Create(ret_jmp, jmp_to);
528 +
529 + PHINode *ptr_181 = PHINode::Create(PointerTy_31, 1, "", ret_jmp);
530 + ptr_181->addIncoming(ptr_178, jmp_to);
531 +
532 + IndirectBrInst *void_182 =
533 + IndirectBrInst::Create(ptr_181, 1, ret_jmp);
534 + void_182->addDestination(&BB);
535 + }
536 + }
537 + }
538 +
92 /* 539 /*
93 Module* mod = F.getParent(); 540 Module* mod = F.getParent();
94 - ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(), 8), 12); 541 + ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(),
95 - PointerType* return_array_ptr = PointerType::get(return_array, 0); 542 + 8), 12); PointerType* return_array_ptr = PointerType::get(return_array, 0);
96 - PointerType* ret_func_ptr = PointerType::get(IntegerType::get(mod->getContext(), 8), 0); 543 + PointerType* ret_func_ptr =
97 - ConstantInt* const_int_1 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("1"), 10)); 544 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0); ConstantInt*
98 - ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("0"), 10)); 545 + const_int_1 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("1"),
99 - ConstantInt* const_int_20 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("12"), 10)); 546 + 10)); ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(),
100 - ConstantInt* const_int32_133 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("133"), 10)); 547 + APInt(32, StringRef("0"), 10)); ConstantInt* const_int_20 =
101 - AllocaInst* ptr_ret_array; 548 + ConstantInt::get(mod->getContext(), APInt(32, StringRef("12"), 10));
102 - AllocaInst* ptr_this_ret; 549 + ConstantInt* const_int32_133 = ConstantInt::get(mod->getContext(), APInt(32,
550 + StringRef("133"), 10)); AllocaInst* ptr_ret_array; AllocaInst* ptr_this_ret;
103 AllocaInst* ret_array_ptr; 551 AllocaInst* ret_array_ptr;
104 AllocaInst* ptr_i; 552 AllocaInst* ptr_i;
105 std::vector<Instruction *> instructions; 553 std::vector<Instruction *> instructions;
...@@ -109,11 +557,11 @@ namespace { ...@@ -109,11 +557,11 @@ namespace {
109 for (auto &BB : F) { 557 for (auto &BB : F) {
110 for (auto &I : BB) { 558 for (auto &I : BB) {
111 if(!inserted) { 559 if(!inserted) {
112 - ptr_ret_array = new AllocaInst(return_array, NULL, "ret_ptr", &I); 560 + ptr_ret_array = new AllocaInst(return_array, NULL, "ret_ptr",
113 - ptr_ret_array->setAlignment(MaybeAlign(1)); 561 + &I); ptr_ret_array->setAlignment(MaybeAlign(1)); ptr_this_ret = new
114 - ptr_this_ret = new AllocaInst(ret_func_ptr, NULL, "ptr", &I); 562 + AllocaInst(ret_func_ptr, NULL, "ptr", &I); ret_array_ptr = new
115 - ret_array_ptr = new AllocaInst(ret_func_ptr, NULL, "ptr2", &I); 563 + AllocaInst(ret_func_ptr, NULL, "ptr2", &I); ptr_i = new
116 - ptr_i = new AllocaInst(IntegerType::get(mod->getContext(), 32), NULL, "i", &I); 564 + AllocaInst(IntegerType::get(mod->getContext(), 32), NULL, "i", &I);
117 565
118 inserted=true; 566 inserted=true;
119 IndirectBrInst *a; 567 IndirectBrInst *a;
...@@ -130,9 +578,8 @@ namespace { ...@@ -130,9 +578,8 @@ namespace {
130 // One Instruction Basic Block has only one ret instructions 578 // One Instruction Basic Block has only one ret instructions
131 if (!BB->size() < 2) 579 if (!BB->size() < 2)
132 { 580 {
133 - BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(), BB->getName() + ".RetBlock"); 581 + BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(),
134 - RetBlocks.push_back(retblock); 582 + BB->getName() + ".RetBlock"); RetBlocks.push_back(retblock); } else {
135 - } else {
136 RetBlocks.push_back(BB); 583 RetBlocks.push_back(BB);
137 } 584 }
138 585
...@@ -146,14 +593,13 @@ namespace { ...@@ -146,14 +593,13 @@ namespace {
146 endFref = M->getFunctionList().end(); 593 endFref = M->getFunctionList().end();
147 curFref != endFref; ++curFref) { 594 curFref != endFref; ++curFref) {
148 for (auto& B: curFref->getBasicBlockList()) { 595 for (auto& B: curFref->getBasicBlockList()) {
149 - StoreInst* asdf = new StoreInst(retBlockAddress, ptr_this_ret, false, &B); 596 + StoreInst* asdf = new StoreInst(retBlockAddress, ptr_this_ret,
150 - asdf->setAlignment(MaybeAlign(4)); 597 + false, &B); asdf->setAlignment(MaybeAlign(4)); break;
151 - break;
152 } 598 }
153 599
154 } 600 }
155 - BasicBlock* decrypt_start = BasicBlock::Create(mod->getContext(), "dec_start", &F, BB); 601 + BasicBlock* decrypt_start = BasicBlock::Create(mod->getContext(),
156 - for (BasicBlock* preds : predecessors(BB)) { 602 + "dec_start", &F, BB); for (BasicBlock* preds : predecessors(BB)) {
157 preds->getTerminator()->eraseFromParent(); 603 preds->getTerminator()->eraseFromParent();
158 BranchInst::Create(decrypt_start, preds); 604 BranchInst::Create(decrypt_start, preds);
159 } 605 }
...@@ -162,13 +608,17 @@ namespace { ...@@ -162,13 +608,17 @@ namespace {
162 std::vector<Value*> ptr_to_retarray_indices; 608 std::vector<Value*> ptr_to_retarray_indices;
163 ptr_to_retarray_indices.push_back(const_int_0); 609 ptr_to_retarray_indices.push_back(const_int_0);
164 ptr_to_retarray_indices.push_back(const_int_0); 610 ptr_to_retarray_indices.push_back(const_int_0);
165 - GetElementPtrInst* ptr_to_retarray = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_to_retarray_indices, "arrayidx", decrypt_start); 611 + GetElementPtrInst* ptr_to_retarray =
612 + GetElementPtrInst::Create(return_array, ptr_ret_array,
613 + ptr_to_retarray_indices, "arrayidx", decrypt_start);
166 ptr_to_retarray->setIsInBounds(true); 614 ptr_to_retarray->setIsInBounds(true);
167 - StoreInst* store_to_ret_ptr = new StoreInst(ptr_to_retarray, ret_array_ptr, false, decrypt_start); 615 + StoreInst* store_to_ret_ptr = new StoreInst(ptr_to_retarray,
616 + ret_array_ptr, false, decrypt_start);
168 617
169 store_to_ret_ptr->setAlignment(MaybeAlign(4)); 618 store_to_ret_ptr->setAlignment(MaybeAlign(4));
170 619
171 - StoreInst* void_17 = new StoreInst(retBlockAddress, ptr_this_ret, false, decrypt_start); 620 + StoreInst* void_17 = new StoreInst(retBlockAddress, ptr_this_ret, false,
621 + decrypt_start);
172 622
173 ptr_this_ret->setAlignment(MaybeAlign(4)); 623 ptr_this_ret->setAlignment(MaybeAlign(4));
174 ret_array_ptr->setAlignment(MaybeAlign(4)); 624 ret_array_ptr->setAlignment(MaybeAlign(4));
...@@ -177,34 +627,40 @@ namespace { ...@@ -177,34 +627,40 @@ namespace {
177 627
178 628
179 629
180 - StoreInst* store_i_0 = new StoreInst(const_int_0, ptr_i, false, decrypt_start); 630 + StoreInst* store_i_0 = new StoreInst(const_int_0, ptr_i, false,
181 - store_i_0->setAlignment(MaybeAlign(4)); 631 + decrypt_start); store_i_0->setAlignment(MaybeAlign(4));
182 632
183 633
184 634
185 - BasicBlock* decrypt_cond = BasicBlock::Create(mod->getContext(), "dec_cond", &F, BB); 635 + BasicBlock* decrypt_cond = BasicBlock::Create(mod->getContext(),
636 + "dec_cond", &F, BB);
186 637
187 BranchInst::Create(decrypt_cond, decrypt_start); 638 BranchInst::Create(decrypt_cond, decrypt_start);
188 639
189 LoadInst* ldr_i_data = new LoadInst(ptr_i, "", false, decrypt_cond); 640 LoadInst* ldr_i_data = new LoadInst(ptr_i, "", false, decrypt_cond);
190 ldr_i_data->setAlignment(MaybeAlign(4)); 641 ldr_i_data->setAlignment(MaybeAlign(4));
191 - ICmpInst* cmp_i_with_20 = new ICmpInst(*decrypt_cond, ICmpInst::ICMP_SLT, ldr_i_data, const_int_20, "cmp"); 642 + ICmpInst* cmp_i_with_20 = new ICmpInst(*decrypt_cond,
643 + ICmpInst::ICMP_SLT, ldr_i_data, const_int_20, "cmp");
192 644
193 - BasicBlock* decrypt_ing = BasicBlock::Create(mod->getContext(), "dec_ing", &F, BB); 645 + BasicBlock* decrypt_ing = BasicBlock::Create(mod->getContext(),
194 - BasicBlock* decrypt_add = BasicBlock::Create(mod->getContext(), "dec_add", &F, BB); 646 + "dec_ing", &F, BB); BasicBlock* decrypt_add =
195 - BasicBlock* decrypt_end = BasicBlock::Create(mod->getContext(), "dec_end", &F, BB); 647 + BasicBlock::Create(mod->getContext(), "dec_add", &F, BB); BasicBlock*
196 - BranchInst::Create(decrypt_ing, decrypt_end, cmp_i_with_20, decrypt_cond); 648 + decrypt_end = BasicBlock::Create(mod->getContext(), "dec_end", &F, BB);
649 + BranchInst::Create(decrypt_ing, decrypt_end, cmp_i_with_20,
650 + decrypt_cond);
197 651
198 LoadInst* ldr_i_data_2 = new LoadInst(ptr_i, "", false, decrypt_ing); 652 LoadInst* ldr_i_data_2 = new LoadInst(ptr_i, "", false, decrypt_ing);
199 ldr_i_data_2->setAlignment(MaybeAlign(4)); 653 ldr_i_data_2->setAlignment(MaybeAlign(4));
200 - LoadInst* ldr_ptr_this_ret = new LoadInst(ptr_this_ret, "", false, decrypt_ing); 654 + LoadInst* ldr_ptr_this_ret = new LoadInst(ptr_this_ret, "", false,
201 - ldr_ptr_this_ret->setAlignment(MaybeAlign(4)); 655 + decrypt_ing); ldr_ptr_this_ret->setAlignment(MaybeAlign(4));
202 - GetElementPtrInst* get_func_ptr_idx = GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(), ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing); 656 + GetElementPtrInst* get_func_ptr_idx =
657 + GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(),
658 + ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing);
203 get_func_ptr_idx->setIsInBounds(true); 659 get_func_ptr_idx->setIsInBounds(true);
204 660
205 661
206 - LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false, decrypt_ing); 662 + LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false,
207 - ldr_func_ptr_idx->setAlignment(MaybeAlign(1)); 663 + decrypt_ing); ldr_func_ptr_idx->setAlignment(MaybeAlign(1));
208 664
209 LoadInst* ldr_i_data_3 = new LoadInst(ptr_i, "", false, decrypt_ing); 665 LoadInst* ldr_i_data_3 = new LoadInst(ptr_i, "", false, decrypt_ing);
210 ldr_i_data_3->setAlignment(MaybeAlign(4)); 666 ldr_i_data_3->setAlignment(MaybeAlign(4));
...@@ -212,9 +668,12 @@ namespace { ...@@ -212,9 +668,12 @@ namespace {
212 std::vector<Value*> ptr_retn_array_indices; 668 std::vector<Value*> ptr_retn_array_indices;
213 ptr_retn_array_indices.push_back(const_int_0); 669 ptr_retn_array_indices.push_back(const_int_0);
214 ptr_retn_array_indices.push_back(ldr_i_data_3); 670 ptr_retn_array_indices.push_back(ldr_i_data_3);
215 - GetElementPtrInst* get_retn_array_data_idx = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices, "arrayidx2", decrypt_ing); 671 + GetElementPtrInst* get_retn_array_data_idx =
672 + GetElementPtrInst::Create(return_array, ptr_ret_array,
673 + ptr_retn_array_indices, "arrayidx2", decrypt_ing);
216 get_retn_array_data_idx->setIsInBounds(true); 674 get_retn_array_data_idx->setIsInBounds(true);
217 - StoreInst* str_retn_array_data_idx = new StoreInst(ldr_func_ptr_idx, get_retn_array_data_idx, false, decrypt_ing); 675 + StoreInst* str_retn_array_data_idx = new StoreInst(ldr_func_ptr_idx,
676 + get_retn_array_data_idx, false, decrypt_ing);
218 str_retn_array_data_idx->setAlignment(MaybeAlign(1)); 677 str_retn_array_data_idx->setAlignment(MaybeAlign(1));
219 678
220 LoadInst* ldr_i_data_4 = new LoadInst(ptr_i, "", false, decrypt_ing); 679 LoadInst* ldr_i_data_4 = new LoadInst(ptr_i, "", false, decrypt_ing);
...@@ -223,15 +682,23 @@ namespace { ...@@ -223,15 +682,23 @@ namespace {
223 std::vector<Value*> ptr_retn_array_indices2; 682 std::vector<Value*> ptr_retn_array_indices2;
224 ptr_retn_array_indices2.push_back(const_int_0); 683 ptr_retn_array_indices2.push_back(const_int_0);
225 ptr_retn_array_indices2.push_back(ldr_i_data_4); 684 ptr_retn_array_indices2.push_back(ldr_i_data_4);
226 - GetElementPtrInst* get_retn_array_data_idx2 = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices2, "arrayidx3", decrypt_ing); 685 + GetElementPtrInst* get_retn_array_data_idx2 =
686 + GetElementPtrInst::Create(return_array, ptr_ret_array,
687 + ptr_retn_array_indices2, "arrayidx3", decrypt_ing);
227 get_retn_array_data_idx2->setIsInBounds(true); 688 get_retn_array_data_idx2->setIsInBounds(true);
228 - LoadInst* ldr_retn_array_data_idx2 = new LoadInst(get_retn_array_data_idx2, "", false, decrypt_ing); 689 + LoadInst* ldr_retn_array_data_idx2 = new
690 + LoadInst(get_retn_array_data_idx2, "", false, decrypt_ing);
229 ldr_retn_array_data_idx2->setAlignment(MaybeAlign(1)); 691 ldr_retn_array_data_idx2->setAlignment(MaybeAlign(1));
230 692
231 - CastInst* cast_retn_array_data_idx2 = new ZExtInst(ldr_retn_array_data_idx2, IntegerType::get(mod->getContext(), 32), "conv", decrypt_ing); 693 + CastInst* cast_retn_array_data_idx2 = new
232 - BinaryOperator* xor_retn_array_data_idx2 = BinaryOperator::Create(Instruction::Xor, cast_retn_array_data_idx2, const_int32_133, "xor", decrypt_ing); 694 + ZExtInst(ldr_retn_array_data_idx2, IntegerType::get(mod->getContext(), 32),
695 + "conv", decrypt_ing); BinaryOperator* xor_retn_array_data_idx2 =
696 + BinaryOperator::Create(Instruction::Xor, cast_retn_array_data_idx2,
697 + const_int32_133, "xor", decrypt_ing);
233 698
234 - CastInst* trun_retn_array_data_idx2 = new TruncInst(xor_retn_array_data_idx2, IntegerType::get(mod->getContext(), 8), "conv4", decrypt_ing); 699 + CastInst* trun_retn_array_data_idx2 = new
700 + TruncInst(xor_retn_array_data_idx2, IntegerType::get(mod->getContext(), 8),
701 + "conv4", decrypt_ing);
235 702
236 703
237 LoadInst* ldr_i_data_5 = new LoadInst(ptr_i, "", false, decrypt_ing); 704 LoadInst* ldr_i_data_5 = new LoadInst(ptr_i, "", false, decrypt_ing);
...@@ -240,40 +707,44 @@ namespace { ...@@ -240,40 +707,44 @@ namespace {
240 std::vector<Value*> ptr_retn_array_indices4; 707 std::vector<Value*> ptr_retn_array_indices4;
241 ptr_retn_array_indices4.push_back(const_int_0); 708 ptr_retn_array_indices4.push_back(const_int_0);
242 ptr_retn_array_indices4.push_back(ldr_i_data_5); 709 ptr_retn_array_indices4.push_back(ldr_i_data_5);
243 - GetElementPtrInst* get_retn_array_data_idx4 = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices4, "arrayidx5", decrypt_ing); 710 + GetElementPtrInst* get_retn_array_data_idx4 =
711 + GetElementPtrInst::Create(return_array, ptr_ret_array,
712 + ptr_retn_array_indices4, "arrayidx5", decrypt_ing);
244 get_retn_array_data_idx4->setIsInBounds(true); 713 get_retn_array_data_idx4->setIsInBounds(true);
245 - StoreInst* str_retn_array_data_idx4 = new StoreInst(trun_retn_array_data_idx2, get_retn_array_data_idx4, false, decrypt_ing); 714 + StoreInst* str_retn_array_data_idx4 = new
246 - str_retn_array_data_idx4->setAlignment(MaybeAlign(1)); 715 + StoreInst(trun_retn_array_data_idx2, get_retn_array_data_idx4, false,
716 + decrypt_ing); str_retn_array_data_idx4->setAlignment(MaybeAlign(1));
247 717
248 718
249 BranchInst::Create(decrypt_add, decrypt_ing); 719 BranchInst::Create(decrypt_add, decrypt_ing);
250 720
251 LoadInst* ldr_i_data_6 = new LoadInst(ptr_i, "", false, decrypt_add); 721 LoadInst* ldr_i_data_6 = new LoadInst(ptr_i, "", false, decrypt_add);
252 ldr_i_data_6->setAlignment(MaybeAlign(4)); 722 ldr_i_data_6->setAlignment(MaybeAlign(4));
253 - BinaryOperator* add_i_data_4 = BinaryOperator::Create(Instruction::Add, ldr_i_data_6, const_int_1, "", decrypt_add); 723 + BinaryOperator* add_i_data_4 = BinaryOperator::Create(Instruction::Add,
254 - StoreInst* str_i_data_4 = new StoreInst(add_i_data_4, ptr_i, false, decrypt_add); 724 + ldr_i_data_6, const_int_1, "", decrypt_add); StoreInst* str_i_data_4 = new
725 + StoreInst(add_i_data_4, ptr_i, false, decrypt_add);
255 str_i_data_4->setAlignment(MaybeAlign(4)); 726 str_i_data_4->setAlignment(MaybeAlign(4));
256 BranchInst::Create(decrypt_cond, decrypt_add); 727 BranchInst::Create(decrypt_cond, decrypt_add);
257 728
258 729
259 730
260 - LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false, decrypt_end); 731 + LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false,
261 - ldr_ret_array->setAlignment(MaybeAlign(4)); 732 + decrypt_end); ldr_ret_array->setAlignment(MaybeAlign(4));
262 733
263 - BasicBlock* dec_jmp = BasicBlock::Create(mod->getContext(), "dec_jmp", &F, BB); 734 + BasicBlock* dec_jmp = BasicBlock::Create(mod->getContext(), "dec_jmp",
264 - BranchInst::Create(dec_jmp, decrypt_end); 735 + &F, BB); BranchInst::Create(dec_jmp, decrypt_end);
265 736
266 PHINode* ptr_40 = PHINode::Create(ret_func_ptr, 1, "", dec_jmp); 737 PHINode* ptr_40 = PHINode::Create(ret_func_ptr, 1, "", dec_jmp);
267 ptr_40->addIncoming(ldr_ret_array, decrypt_end); 738 ptr_40->addIncoming(ldr_ret_array, decrypt_end);
268 - IndirectBrInst *void_41 = IndirectBrInst::Create(ldr_ret_array, 1, dec_jmp); 739 + IndirectBrInst *void_41 = IndirectBrInst::Create(ldr_ret_array, 1,
269 - void_41->addDestination(BB); 740 + dec_jmp); void_41->addDestination(BB); errs().write_escaped(F.getName()) <<
270 - errs().write_escaped(F.getName()) << " " << F.getParent()->getName() << '\n'; 741 + " " << F.getParent()->getName() << '\n';
271 } 742 }
272 */ 743 */
273 return true; 744 return true;
274 } 745 }
275 746
276 - }; // end of struct Hello 747 +}; // end of struct Hello
277 } // end of anonymous namespace 748 } // end of anonymous namespace
278 749
279 char ReturnObfuscation::ID = 0; 750 char ReturnObfuscation::ID = 0;
......