inline pure functions transformer, sb27 complete deobf, partial grunt deobf

Author: EpicPlayerA10

deobfuscator-api/src/main/java/uwu/narumi/deobfuscator/api/helper/AsmMathHelper.java

@@ -28,7 +28,9 @@ public final class AsmMathHelper {
       IFLT, value -> value < 0,
       IFGE, value -> value >= 0,
       IFGT, value -> value > 0,
-      IFLE, value -> value <= 0
+      IFLE, value -> value <= 0,
+      IFNULL, Objects::isNull,
+      IFNONNULL, Objects::nonNull
   );
 
   private static final Map<Integer, BiPredicate<Integer, Integer>> TWO_VALUES_VALUE_CONDITION_PREDICATES = Map.of(
@@ -136,11 +138,11 @@ public static Number mathUnaryOperation(Number number, int opcode) {
     return MATH_UNARY_OPERATIONS.get(opcode).apply(number);
   }
 
-  public static boolean isOneValueCondition(int opcode) {
+  public static boolean isOneValueCondition(Integer opcode) {
     return ONE_VALUE_CONDITION_PREDICATES.containsKey(opcode);
   }
 
-  public static boolean condition(int value, int opcode) {
+  public static boolean condition(Integer value, int opcode) {
     return ONE_VALUE_CONDITION_PREDICATES.get(opcode).test(value);
   }
 
@@ -171,6 +173,13 @@ public static Optional<Boolean> predictIf(JumpInsnNode jumpInsn, Frame<OriginalS
             jumpInsn.getOpcode() // Opcode
         );
 
+        return Optional.of(ifResult);
+      } else if (constantValue.get() == null) {
+        boolean ifResult = AsmMathHelper.condition(
+            null, // Value
+            jumpInsn.getOpcode() // Opcode
+        );
+
         return Optional.of(ifResult);
       }
     } else if (AsmMathHelper.isTwoValuesCondition(jumpInsn.getOpcode())) {

deobfuscator-impl/src/test/java/uwu/narumi/deobfuscator/TestDeobfuscation.java

@@ -1,6 +1,6 @@
 package uwu.narumi.deobfuscator;
 
-import uwu.narumi.deobfuscator.api.transformer.ComposedTransformer;
+import uwu.narumi.deobfuscator.core.other.composed.ComposedGruntTransformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedHP888Transformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedSuperblaubeereTransformer;
 import uwu.narumi.deobfuscator.core.other.composed.ComposedUnknownObf1Transformer;
@@ -12,7 +12,6 @@
 import uwu.narumi.deobfuscator.core.other.impl.clean.peephole.UselessPopCleanTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.pool.InlineLocalVariablesTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.pool.InlineStaticFieldTransformer;
-import uwu.narumi.deobfuscator.core.other.impl.universal.AccessRepairTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.RemapperTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.StringBuilderTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.UniversalNumberTransformer;
@@ -190,12 +189,7 @@ protected void registerAll() {
 
     // Grunt
     test("Grunt Sample 1")
-        .transformers(
-            AccessRepairTransformer::new,
-            () -> new ComposedTransformer(true,
-                ComposedGeneralFlowTransformer::new,
-                InlineStaticFieldTransformer::new
-            ))
+        .transformers(ComposedGruntTransformer::new)
         .input(OutputType.MULTIPLE_CLASSES, InputType.CUSTOM_JAR, "grunt-obf.jar")
         .register();
 

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/composed/ComposedGruntTransformer.java

@@ -0,0 +1,27 @@
+package uwu.narumi.deobfuscator.core.other.composed;
+
+import uwu.narumi.deobfuscator.api.transformer.ComposedTransformer;
+import uwu.narumi.deobfuscator.core.other.composed.general.ComposedGeneralFlowTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.pool.InlineStaticFieldTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.universal.AccessRepairTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.universal.InlinePureFunctionsTransformer;
+
+/**
+ * https://github.com/SpartanB312/Grunt
+ */
+// TODO: String encryption
+public class ComposedGruntTransformer extends ComposedTransformer {
+  public ComposedGruntTransformer() {
+    super(
+        // Repair access
+        AccessRepairTransformer::new,
+        () -> new ComposedTransformer(true,
+            // Fix flow
+            ComposedGeneralFlowTransformer::new,
+            InlineStaticFieldTransformer::new,
+            // Inline pure functions
+            InlinePureFunctionsTransformer::new
+        )
+    );
+  }
+}

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/composed/ComposedSuperblaubeereTransformer.java

@@ -3,6 +3,8 @@
 import uwu.narumi.deobfuscator.api.transformer.ComposedTransformer;
 import uwu.narumi.deobfuscator.core.other.composed.general.ComposedPeepholeCleanTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.clean.LocalVariableNamesCleanTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.pool.InlineLocalVariablesTransformer;
+import uwu.narumi.deobfuscator.core.other.impl.universal.InlinePureFunctionsTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.pool.UniversalNumberPoolTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.universal.pool.UniversalStringPoolTransformer;
 import uwu.narumi.deobfuscator.core.other.impl.sb27.SuperblaubeereStringTransformer;
@@ -11,7 +13,6 @@
 /**
  * https://github.com/superblaubeere27/obfuscator
  */
-// TODO: Transform comparison methods
 public class ComposedSuperblaubeereTransformer extends ComposedTransformer {
   public ComposedSuperblaubeereTransformer() {
     super(
@@ -27,6 +28,9 @@ public ComposedSuperblaubeereTransformer() {
         SuperblaubeereStringTransformer::new,
         UniversalStringPoolTransformer::new,
 
+        InlinePureFunctionsTransformer::new,
+        InlineLocalVariablesTransformer::new,
+
         // Cleanup
         ComposedPeepholeCleanTransformer::new
     );

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/impl/pool/InlineLocalVariablesTransformer.java

@@ -1,15 +1,30 @@
 package uwu.narumi.deobfuscator.core.other.impl.pool;
 
 import org.objectweb.asm.tree.AbstractInsnNode;
+import org.objectweb.asm.tree.IincInsnNode;
 import org.objectweb.asm.tree.VarInsnNode;
 import org.objectweb.asm.tree.analysis.OriginalSourceValue;
+import uwu.narumi.deobfuscator.api.asm.MethodContext;
+import uwu.narumi.deobfuscator.api.asm.matcher.Match;
+import uwu.narumi.deobfuscator.api.asm.matcher.group.SequenceMatch;
+import uwu.narumi.deobfuscator.api.asm.matcher.impl.VarLoadMatch;
 import uwu.narumi.deobfuscator.api.helper.FramedInstructionsStream;
 import uwu.narumi.deobfuscator.api.transformer.Transformer;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * Inlines constant local variables
  */
 public class InlineLocalVariablesTransformer extends Transformer {
+  private static final Match VAR_STORE_LOAD_PAIR = SequenceMatch.of(
+      // Store
+      Match.of(ctx -> ctx.insn().isVarStore()).capture("store"),
+      // Load
+      Match.of(ctx -> ctx.insn().isVarLoad()).capture("load")
+  );
+
   @Override
   protected void transform() throws Exception {
     FramedInstructionsStream.of(this)
@@ -33,5 +48,39 @@ protected void transform() throws Exception {
             markChange();
           }
         });
+
+    // Find all variable store and load pairs
+    scopedClasses().forEach(classWrapper -> classWrapper.methods().forEach(methodNode -> {
+      // Count var usages
+      Map<Integer, Integer> varUsages = new HashMap<>(); // var index -> usage count
+      for (AbstractInsnNode insn : methodNode.instructions.toArray()) {
+        if (insn instanceof VarInsnNode && insn.isVarLoad()) {
+          varUsages.merge(((VarInsnNode) insn).var, 1, Integer::sum);
+        } else if (insn instanceof IincInsnNode) {
+          varUsages.merge(((IincInsnNode) insn).var, 1, Integer::sum);
+        }
+      }
+
+      // Now we can find pairs
+      MethodContext methodContext = MethodContext.of(classWrapper, methodNode);
+      VAR_STORE_LOAD_PAIR.findAllMatches(methodContext).forEach(match -> {
+        VarInsnNode varLoadInsn = (VarInsnNode) match.captures().get("load").insn();
+        VarInsnNode varStoreInsn = (VarInsnNode) match.captures().get("store").insn();
+        if (varLoadInsn.var != varStoreInsn.var) {
+          // If they are not the same variable, we cannot inline
+          return;
+        }
+        int varIndex = varLoadInsn.var;
+        if (varUsages.getOrDefault(varIndex, 0) > 1) {
+          // If the variable is used more than once, we cannot inline
+          return;
+        }
+
+        // Remove the variable completely and use stack value instead
+        match.removeAll();
+
+        markChange();
+      });
+    }));
   }
 }

deobfuscator-transformers/src/main/java/uwu/narumi/deobfuscator/core/other/impl/universal/InlinePureFunctionsTransformer.java

@@ -0,0 +1,177 @@
+package uwu.narumi.deobfuscator.core.other.impl.universal;
+
+import org.objectweb.asm.Opcodes;
+import org.objectweb.asm.Type;
+import org.objectweb.asm.tree.AbstractInsnNode;
+import org.objectweb.asm.tree.IincInsnNode;
+import org.objectweb.asm.tree.JumpInsnNode;
+import org.objectweb.asm.tree.LabelNode;
+import org.objectweb.asm.tree.MethodInsnNode;
+import org.objectweb.asm.tree.MethodNode;
+import org.objectweb.asm.tree.VarInsnNode;
+import uwu.narumi.deobfuscator.api.asm.MethodRef;
+import uwu.narumi.deobfuscator.api.transformer.Transformer;
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+/**
+ * Transformer that inlines pure functions, which are functions that do not have side effects
+ * and always return the same result for the same input.
+ */
+public class InlinePureFunctionsTransformer extends Transformer {
+  // List of opcodes that may cause a side effect.
+  private static final List<Integer> IMPURE_OPCODES = List.of(
+      GETFIELD,
+      GETSTATIC,
+      INVOKEDYNAMIC,
+      INVOKEINTERFACE,
+      INVOKESPECIAL,
+      INVOKESTATIC,
+      INVOKEVIRTUAL,
+      NEW,
+      PUTFIELD,
+      PUTSTATIC
+  );
+
+  private final boolean removePureMethods;
+
+  public InlinePureFunctionsTransformer() {
+    this(true);
+  }
+
+  public InlinePureFunctionsTransformer(boolean removePureMethods) {
+    this.removePureMethods = removePureMethods;
+  }
+
+  @Override
+  protected void transform() throws Exception {
+    Set<MethodRef> pureMethods = new HashSet<>();
+    scopedClasses().forEach(classWrapper -> classWrapper.methods().forEach(methodNode -> {
+      if (methodNode.instructions.size() == 0) {
+        return; // Skip empty methods
+      }
+      if (methodNode.name.equals("<init>") || methodNode.name.equals("<clinit>")) {
+        return; // Skip constructors and class initializers
+      }
+
+      boolean isPure = Arrays.stream(methodNode.instructions.toArray()).noneMatch(insn -> IMPURE_OPCODES.contains(insn.getOpcode()));
+
+      if (isPure) {
+        LOGGER.info("Detected pure function: {}#{}{}", classWrapper.name(), methodNode.name, methodNode.desc);
+
+        pureMethods.add(MethodRef.of(classWrapper.classNode(), methodNode));
+      }
+    }));
+
+    // Inline pure methods
+    scopedClasses().forEach(classWrapper -> classWrapper.methods().forEach(methodNode -> {
+      for (AbstractInsnNode insn : methodNode.instructions.toArray()) {
+        if (insn instanceof MethodInsnNode methodInsn) {
+          MethodRef methodCallRef = MethodRef.of(methodInsn);
+          if (pureMethods.contains(methodCallRef)) {
+            LOGGER.info("Inlining pure method: {} in {}#{}{}", methodCallRef, classWrapper.name(), methodNode.name, methodNode.desc);
+
+            // Inline the pure method
+            inlinePureMethod(methodNode, methodCallRef, methodInsn);
+
+            markChange();
+          }
+        }
+      }
+    }));
+
+    // Remove pure methods
+    if (removePureMethods) pureMethods.forEach(pureMethodRef -> context().removeMethod(pureMethodRef));
+  }
+
+  /**
+   * Inline a pure method into the caller method.
+   */
+  private void inlinePureMethod(MethodNode callerMethod, MethodRef pureMethodRef, MethodInsnNode methodCallerInsn) {
+    MethodNode pureMethod = context().getMethodContext(pureMethodRef).orElseThrow().methodNode();
+
+    // Insert var stores
+    int nextVarIndex = 0;
+    AbstractInsnNode anchorInsn = methodCallerInsn;
+    for (Type parameter : Type.getArgumentTypes(pureMethod.desc)) {
+      // Insert variable instructions for each parameter
+      int varIndex = callerMethod.maxLocals + nextVarIndex;
+      VarInsnNode insn = new VarInsnNode(parameter.getOpcode(Opcodes.ISTORE), varIndex);
+
+      callerMethod.instructions.insertBefore(anchorInsn, insn);
+
+      // Move to the next variable index
+      nextVarIndex += parameter.getSize();
+      anchorInsn = insn; // Anchor is important to insert instructions in the correct order
+    }
+
+    // Clone labels
+    Map<LabelNode, LabelNode> clonedLabels = Arrays.stream(pureMethod.instructions.toArray())
+        .filter(insn -> insn instanceof LabelNode)
+        .map(labelNode -> (LabelNode) labelNode)
+        .collect(Collectors.toMap(
+            labelNode -> labelNode,
+            labelNode -> new LabelNode()
+        ));
+
+    // Prepare end label
+    LabelNode endLabel = new LabelNode();
+    // Insert end label at the end of the caller method
+    callerMethod.instructions.insert(methodCallerInsn, endLabel);
+
+    // Copy the pure method instructions into the caller method
+    for (AbstractInsnNode pureInsn : pureMethod.instructions.toArray()) {
+      AbstractInsnNode clonedInsn = pureInsn.clone(clonedLabels);
+
+      // Remap the variable index
+      if (clonedInsn instanceof VarInsnNode varInsn) {
+        varInsn.var += callerMethod.maxLocals;
+      } else if (clonedInsn instanceof IincInsnNode iincInsn) {
+        iincInsn.var += callerMethod.maxLocals;
+      }
+
+      if (clonedInsn.getOpcode() >= IRETURN && clonedInsn.getOpcode() <= RETURN) {
+        // Instead of the return, insert jump to the end label
+        callerMethod.instructions.insertBefore(methodCallerInsn, new JumpInsnNode(GOTO, endLabel));
+      } else {
+        // Clone instruction as it is
+        callerMethod.instructions.insertBefore(methodCallerInsn, clonedInsn);
+      }
+    }
+
+    // Remove the method call instruction
+    callerMethod.instructions.remove(methodCallerInsn);
+
+    // Recompute max locals
+    callerMethod.maxLocals = computeMaxLocals(callerMethod);
+  }
+
+  private static int computeMaxLocals(final MethodNode method) {
+    int maxLocals = Type.getArgumentsAndReturnSizes(method.desc) >> 2;
+    if ((method.access & Opcodes.ACC_STATIC) != 0) {
+      maxLocals -= 1;
+    }
+    for (AbstractInsnNode insnNode : method.instructions) {
+      if (insnNode instanceof VarInsnNode) {
+        int local = ((VarInsnNode) insnNode).var;
+        int size =
+            (insnNode.getOpcode() == Opcodes.LLOAD
+                || insnNode.getOpcode() == Opcodes.DLOAD
+                || insnNode.getOpcode() == Opcodes.LSTORE
+                || insnNode.getOpcode() == Opcodes.DSTORE)
+                ? 2
+                : 1;
+        maxLocals = Math.max(maxLocals, local + size);
+      } else if (insnNode instanceof IincInsnNode) {
+        int local = ((IincInsnNode) insnNode).var;
+        maxLocals = Math.max(maxLocals, local + 1);
+      }
+    }
+    return maxLocals;
+  }
+}

testData/results/custom-classes/sb27/sample1/ConfigComplete.dec

@@ -6,18 +6,10 @@ import org.bukkit.command.TabCompleter;
 import org.bukkit.util.StringUtil;
 
 public class ConfigComplete implements TabCompleter {
-    private static boolean lIlllIlIIl(int var0, int var1) {
-        return var0 < var1;
-    }
-
-    private static boolean lIlllIlIII(int var0, int var1) {
-        return var0 == var1;
-    }
-
     public List<String> onTabComplete(CommandSender var1, Command var2, String var3, String[] var4) {
         ArrayList var5 = new ArrayList();
         ArrayList var6 = new ArrayList();
-        if (lIlllIlIII(var4.length, 1)) {
+        if (var4.length == 1) {
             var6.add("doBedExplode");
             var6.add("doBrutesSpawn");
             var6.add("oldPiglinDrop");