├── settings.gradle
├── app
├── src
│ └── main
│ │ ├── res
│ │ ├── values
│ │ │ ├── strings.xml
│ │ │ ├── colors.xml
│ │ │ └── styles.xml
│ │ ├── mipmap-hdpi
│ │ │ ├── ic_launcher.png
│ │ │ └── ic_launcher_round.png
│ │ ├── mipmap-mdpi
│ │ │ ├── ic_launcher.png
│ │ │ └── ic_launcher_round.png
│ │ ├── mipmap-xhdpi
│ │ │ ├── ic_launcher.png
│ │ │ └── ic_launcher_round.png
│ │ ├── mipmap-xxhdpi
│ │ │ ├── ic_launcher.png
│ │ │ └── ic_launcher_round.png
│ │ ├── mipmap-xxxhdpi
│ │ │ ├── ic_launcher.png
│ │ │ └── ic_launcher_round.png
│ │ ├── values-v21
│ │ │ └── styles.xml
│ │ ├── mipmap-anydpi-v26
│ │ │ ├── ic_launcher.xml
│ │ │ └── ic_launcher_round.xml
│ │ ├── drawable
│ │ │ ├── capsule.xml
│ │ │ └── ic_launcher_background.xml
│ │ ├── layout
│ │ │ ├── activity_main2.xml
│ │ │ └── activity_main.xml
│ │ └── drawable-v24
│ │ │ └── ic_launcher_foreground.xml
│ │ ├── jni
│ │ ├── Application.mk
│ │ ├── Substrate
│ │ │ ├── SymbolFinder.h
│ │ │ ├── SubstrateHook.h
│ │ │ ├── SubstrateDebug.hpp
│ │ │ ├── Buffer.hpp
│ │ │ ├── SubstrateLog.hpp
│ │ │ ├── SubstrateARM.hpp
│ │ │ ├── SubstratePosixMemory.cpp
│ │ │ ├── hde64.h
│ │ │ ├── SubstrateDebug.cpp
│ │ │ ├── table64.h
│ │ │ ├── CydiaSubstrate.h
│ │ │ ├── SubstrateX86.hpp
│ │ │ ├── hde64.c
│ │ │ └── SymbolFinder.cpp
│ │ ├── KittyMemory
│ │ │ ├── KittyUtils.h
│ │ │ ├── MemoryBackup.h
│ │ │ ├── MemoryPatch.h
│ │ │ ├── MemoryBackup.cpp
│ │ │ ├── KittyUtils.cpp
│ │ │ ├── KittyMemory.cpp
│ │ │ ├── MemoryPatch.cpp
│ │ │ └── KittyMemory.h
│ │ ├── And64InlineHook
│ │ │ ├── README.md
│ │ │ ├── LICENSE
│ │ │ ├── And64InlineHook.hpp
│ │ │ └── And64InlineHook.cpp
│ │ ├── Includes
│ │ │ ├── Vector3.h
│ │ │ ├── Rect.h
│ │ │ ├── Logger.h
│ │ │ ├── Color.h
│ │ │ ├── Quaternion.h
│ │ │ ├── Unity.h
│ │ │ ├── Utils.h
│ │ │ ├── obfuscate.h
│ │ │ └── Vector2.h
│ │ ├── Android.mk
│ │ └── Main.cpp
│ │ ├── AndroidManifest.xml
│ │ └── java
│ │ └── com
│ │ └── simplefucker
│ │ ├── source
│ │ └── SavedPrefs.java
│ │ └── MainActivity.java
├── proguard-rules.pro
├── build.gradle
└── app.iml
├── gradle
└── wrapper
│ └── gradle-wrapper.properties
├── local.properties
├── README.md
├── gradle.properties
├── FloatingModMenu.iml
├── gradlew.bat
└── gradlew
/settings.gradle:
--------------------------------------------------------------------------------
1 | include ':app'
2 |
--------------------------------------------------------------------------------
/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 |
2 | Anti Clown By Kolan and Ise
3 |
4 |
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | #202020
4 |
5 |
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SliceCast/Android-Mod-SubMenu/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/jni/Application.mk:
--------------------------------------------------------------------------------
1 | APP_ABI := armeabi-v7a arm64-v8a x86
2 | #APP_PLATFORM := android-18 #APP_PLATFORM does not need to be set. It will automatically defaulting
3 | APP_STL := c++_static
4 | APP_OPTIM := release
5 | APP_THIN_ARCHIVE := true
6 | APP_PIE := true
7 |
--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Sat Oct 24 18:32:28 CEST 2020
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | zipStoreBase=GRADLE_USER_HOME
5 | zipStorePath=wrapper/dists
6 | distributionUrl=https\://services.gradle.org/distributions/gradle-6.5-all.zip
7 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/SymbolFinder.h:
--------------------------------------------------------------------------------
1 | #ifndef SYMBOL_FINDER
2 | #define SYMBOL_FINDER
3 |
4 | #include
5 |
6 | extern int find_name(pid_t pid, const char *name,const char *libn, unsigned long *addr);
7 | extern int find_libbase(pid_t pid, const char *libn, unsigned long *addr);
8 | #endif
--------------------------------------------------------------------------------
/app/src/main/res/values/styles.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
7 |
8 |
--------------------------------------------------------------------------------
/app/src/main/res/values-v21/styles.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
8 |
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/app/src/main/res/drawable/capsule.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/app/src/main/jni/KittyMemory/KittyUtils.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | namespace KittyUtils {
7 |
8 | bool validateHexString(std::string &xstr);
9 | void toHex(void *const data, const size_t dataLength, std::string &dest);
10 | void fromHex(const std::string &in, void *const data);
11 |
12 | }
--------------------------------------------------------------------------------
/local.properties:
--------------------------------------------------------------------------------
1 | ## This file must *NOT* be checked into Version Control Systems,
2 | # as it contains information specific to your local configuration.
3 | #
4 | # Location of the SDK. This is only used by Gradle.
5 | # For customization when using a Version Control System, please read the
6 | # header note.
7 | #Sun Apr 18 15:06:47 YEKT 2021
8 | sdk.dir=C\:\\Users\\vaka\\AppData\\Local\\Android\\Sdk
9 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/SubstrateHook.h:
--------------------------------------------------------------------------------
1 | #ifndef __SUBSTRATEHOOK_H__
2 | #define __SUBSTRATEHOOK_H__
3 |
4 |
5 | #include
6 |
7 | #define _extern extern "C" __attribute__((__visibility__("hidden")))
8 |
9 | #ifdef __cplusplus
10 | extern "C" {
11 | #endif
12 |
13 | void MSHookFunction(void *symbol, void *replace, void **result);
14 |
15 | #ifdef __cplusplus
16 | }
17 | #endif
18 |
19 | #endif
20 |
--------------------------------------------------------------------------------
/app/src/main/res/layout/activity_main2.xml:
--------------------------------------------------------------------------------
1 |
2 |
8 |
--------------------------------------------------------------------------------
/app/src/main/jni/And64InlineHook/README.md:
--------------------------------------------------------------------------------
1 | # And64InlineHook
2 | Lightweight ARMv8-A(ARM64, AArch64, Little-Endian) Inline Hook Library for Android C/C++
3 |
4 | # References
5 | [Arm Compiler armasm User Guide](http://infocenter.arm.com/help/topic/com.arm.doc.100069_0610_00_en/pge1427898258836.html)
6 | [Procedure Call Standard for the Arm® 64-bit Architecture (AArch64)](https://github.com/ARM-software/abi-aa/blob/master/aapcs64/aapcs64.rst)
7 |
8 |
--------------------------------------------------------------------------------
/app/src/main/jni/Includes/Vector3.h:
--------------------------------------------------------------------------------
1 | class Vector3 {
2 | public:
3 | float x;
4 | float y;
5 | float z;
6 | Vector3()
7 | : x(0)
8 | , y(0)
9 | , z(0)
10 | {
11 | }
12 | Vector3(float x1, float y1, float z1)
13 | : x(x1)
14 | , y(y1)
15 | , z(z1)
16 | {
17 | }
18 | Vector3(const Vector3& v);
19 | ~Vector3();
20 | };
21 | Vector3::Vector3(const Vector3& v)
22 | : x(v.x)
23 | , y(v.y)
24 | , z(v.z)
25 | {
26 | }
27 | Vector3::~Vector3() {}
--------------------------------------------------------------------------------
/app/src/main/jni/Includes/Rect.h:
--------------------------------------------------------------------------------
1 | class Rect {
2 | public:
3 | float x;
4 | float y;
5 | float w;
6 | float h;
7 | Rect()
8 | : x(0)
9 | , y(0)
10 | , w(0)
11 | , h(0)
12 | {
13 | }
14 | Rect(float x1, float y1, float w1, float h1)
15 | : x(x1)
16 | , y(y1)
17 | , w(w1)
18 | , h(h1)
19 | {
20 | }
21 | Rect(const Rect& v);
22 | ~Rect();
23 | };
24 | Rect::Rect(const Rect& v)
25 | : x(v.x)
26 | , y(v.y)
27 | , w(v.w)
28 | , h(v.h)
29 | {
30 | }
31 | Rect::~Rect() {}
--------------------------------------------------------------------------------
/app/src/main/jni/Includes/Logger.h:
--------------------------------------------------------------------------------
1 | #ifndef DAWN_LOGGER_H
2 | #define DAWN_LOGGER_H
3 |
4 | #include
5 |
6 | enum daLogType {
7 | daDEBUG = 3,
8 | daERROR = 6,
9 | daINFO = 4,
10 | daWARN = 5
11 | };
12 |
13 | //Change this to another Log Tag if ya want. IN the batch script I provide you change the log tag then too
14 | #define TAG OBFUSCATE("Mod_Menu")
15 |
16 | #define LOGD(...) ((void)__android_log_print(daDEBUG, TAG, __VA_ARGS__))
17 | #define LOGE(...) ((void)__android_log_print(daERROR, TAG, __VA_ARGS__))
18 | #define LOGI(...) ((void)__android_log_print(daINFO, TAG, __VA_ARGS__))
19 | #define LOGW(...) ((void)__android_log_print(daWARN, TAG, __VA_ARGS__))
20 |
21 | #endif //DAWN_LOGGER_H
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Disclaimer
2 | Hello, this is a mod menu template from LGL's and KolanHacker(Hard-Android-Menu), a version with SubMenus now.
3 |
4 | I just improved the menu a bit to make it more readable and easier to modify.
5 |
6 | Note: To be easier for submenus, we have an optional case numbers.
7 | Example: "150_Toggle_Unlimited Ammo", use different numbers to get your mods working in a different submenu section.
8 |
9 | # Credits
10 | LGL's Template: https://github.com/LGLTeam/Android-Mod-Menu
11 |
12 | KolanHacker Original Template: https://github.com/KolanHacker/-Hard-Android-Menu-
13 |
14 | # ARM64 DISCLAIMER!
15 | Fixed!
16 |
17 |
18 | 
19 |
20 | 
21 |
--------------------------------------------------------------------------------
/gradle.properties:
--------------------------------------------------------------------------------
1 | # Project-wide Gradle settings.
2 | # IDE (e.g. Android Studio) users:
3 | # Gradle settings configured through the IDE *will override*
4 | # any settings specified in this file.
5 | # For more details on how to configure your build environment visit
6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
7 | # Specifies the JVM arguments used for the daemon process.
8 | # The setting is particularly useful for tweaking memory settings.
9 | org.gradle.jvmargs=-Xmx1536m
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. More details, visit
12 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
13 | # org.gradle.parallel=true
14 |
15 |
16 |
--------------------------------------------------------------------------------
/FloatingModMenu.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
1 | # Add project specific ProGuard rules here.
2 | # You can control the set of applied configuration files using the
3 | # proguardFiles setting in build.gradle.
4 | #
5 | # For more details, see
6 | # http://developer.android.com/guide/developing/tools/proguard.html
7 |
8 | # If your project uses WebView with JS, uncomment the following
9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | # public *;
13 | #}
14 |
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 |
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile
22 | #-dontobfuscate
23 | -keepclassmembers class ** {
24 | public static void Start (***);
25 | }
26 | -keep public class uk.lgl.MainActivity
27 |
--------------------------------------------------------------------------------
/app/src/main/jni/And64InlineHook/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2017 RLib
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/app/src/main/jni/Includes/Color.h:
--------------------------------------------------------------------------------
1 |
2 | class Color {
3 | public:
4 | float r, b, g, a;
5 |
6 | Color() {
7 | SetColor( 0 , 0 , 0 , 255 );
8 | }
9 |
10 | Color( float r , float g , float b ) {
11 | SetColor( r , g , b , 255 );
12 | }
13 |
14 | Color( float r, float g, float b, float a) {
15 | SetColor( r , g , b , a );
16 | }
17 |
18 | void SetColor( float r1 , float g1 , float b1 , float a1 = 255 ) {
19 | r = r1;
20 | g = g1;
21 | b = b1;
22 | a = a1;
23 | }
24 |
25 | static Color Black(float a = 255){ return Color(0, 0, 0, a); }
26 | static Color White(float a = 255){ return Color(255 , 255 , 255, a); }
27 | static Color Red(float a = 255){ return Color(255 , 0 , 0, a); }
28 | static Color Green(float a = 255){ return Color(0 , 255 , 0, a); }
29 | static Color Blue(float a = 255){ return Color(0 , 0 , 255, a); }
30 | static Color Yellow(float a = 255){ return Color(255 , 255 , 0, a); }
31 | static Color Cyan(float a = 255){ return Color(0 , 255 , 255, a); }
32 | static Color Magenta(float a = 255){ return Color(255 , 0 , 255, a); }
33 | };
34 |
--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
1 | apply plugin: 'com.android.application'
2 |
3 | android {
4 | compileSdkVersion 30
5 | defaultConfig {
6 | applicationId "com.simplefucker.source"
7 | minSdkVersion 19
8 | targetSdkVersion 30
9 | versionCode 1
10 | versionName "2.0"
11 | ndk {
12 | abiFilters 'armeabi-v7a', 'arm64-v8a', 'x86'
13 | }
14 | signingConfig signingConfigs.debug
15 | }
16 | buildTypes {
17 | release {
18 | shrinkResources false
19 | minifyEnabled false
20 | proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
21 | }
22 | debug {
23 | shrinkResources false
24 | minifyEnabled false
25 | proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
26 | }
27 | }
28 | externalNativeBuild {
29 | ndkBuild {
30 | path file('src/main/jni/Android.mk')
31 | }
32 | }
33 | ndkVersion = '22.0.7026061'
34 | }
35 |
36 | //aide
37 | dependencies {
38 | implementation fileTree(dir: 'libs', include: ['*.jar'])
39 | }
40 |
--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
7 |
8 |
9 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/app/src/main/jni/KittyMemory/MemoryBackup.h:
--------------------------------------------------------------------------------
1 | //
2 | // MemoryBackup.h
3 | //
4 | // Created by MJ (Ruit) on 4/19/20.
5 | //
6 |
7 | #pragma once
8 |
9 | #include
10 |
11 | #include "KittyMemory.h"
12 | using KittyMemory::Memory_Status;
13 | using KittyMemory::ProcMap;
14 |
15 |
16 | class MemoryBackup {
17 | private:
18 | uintptr_t _address;
19 | size_t _size;
20 |
21 | std::vector _orig_code;
22 |
23 | std::string _hexString;
24 |
25 | public:
26 | MemoryBackup();
27 |
28 | /*
29 | * expects library name and relative address
30 | */
31 | MemoryBackup(const char *libraryName, uintptr_t address, size_t backup_size, bool useMapCache=true);
32 |
33 | /*
34 | * expects absolute address
35 | */
36 | MemoryBackup(uintptr_t absolute_address, size_t backup_size);
37 |
38 |
39 | ~MemoryBackup();
40 |
41 |
42 | /*
43 | * Validate patch
44 | */
45 | bool isValid() const;
46 |
47 |
48 | size_t get_BackupSize() const;
49 |
50 | /*
51 | * Returns pointer to the target address
52 | */
53 | uintptr_t get_TargetAddress() const;
54 |
55 |
56 | /*
57 | * Restores backup code
58 | */
59 | bool Restore();
60 |
61 |
62 | /*
63 | * Returns current target address bytes as hex string
64 | */
65 | std::string get_CurrBytes();
66 | };
67 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/SubstrateDebug.hpp:
--------------------------------------------------------------------------------
1 | /* Cydia Substrate - Powerful Code Insertion Platform
2 | * Copyright (C) 2008-2011 Jay Freeman (saurik)
3 | */
4 |
5 | /* GNU Lesser General Public License, Version 3 {{{ */
6 | /*
7 | * Substrate is free software: you can redistribute it and/or modify it under
8 | * the terms of the GNU Lesser General Public License as published by the
9 | * Free Software Foundation, either version 3 of the License, or (at your
10 | * option) any later version.
11 | *
12 | * Substrate is distributed in the hope that it will be useful, but WITHOUT
13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
15 | * License for more details.
16 | *
17 | * You should have received a copy of the GNU Lesser General Public License
18 | * along with Substrate. If not, see .
19 | **/
20 | /* }}} */
21 |
22 | #ifndef SUBSTRATE_DEBUG_HPP
23 | #define SUBSTRATE_DEBUG_HPP
24 |
25 | #include "SubstrateLog.hpp"
26 | #define lprintf(format, ...) \
27 | MSLog(MSLogLevelNotice, format, ## __VA_ARGS__)
28 |
29 | extern "C" bool MSDebug;
30 | void MSLogHexEx(const void *vdata, size_t size, size_t stride, const char *mark = 0);
31 | void MSLogHex(const void *vdata, size_t size, const char *mark = 0);
32 |
33 | #endif//SUBSTRATE_DEBUG_HPP
34 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/Buffer.hpp:
--------------------------------------------------------------------------------
1 | /* Cydia Substrate - Powerful Code Insertion Platform
2 | * Copyright (C) 2008-2011 Jay Freeman (saurik)
3 | */
4 |
5 | /* GNU Lesser General Public License, Version 3 {{{ */
6 | /*
7 | * Substrate is free software: you can redistribute it and/or modify it under
8 | * the terms of the GNU Lesser General Public License as published by the
9 | * Free Software Foundation, either version 3 of the License, or (at your
10 | * option) any later version.
11 | *
12 | * Substrate is distributed in the hope that it will be useful, but WITHOUT
13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
15 | * License for more details.
16 | *
17 | * You should have received a copy of the GNU Lesser General Public License
18 | * along with Substrate. If not, see .
19 | **/
20 | /* }}} */
21 |
22 | #ifndef SUBSTRATE_BUFFER_HPP
23 | #define SUBSTRATE_BUFFER_HPP
24 |
25 | #include
26 |
27 | template
28 | _disused static _finline void MSWrite(uint8_t *&buffer, Type_ value) {
29 | *reinterpret_cast(buffer) = value;
30 | buffer += sizeof(Type_);
31 | }
32 |
33 | _disused static _finline void MSWrite(uint8_t *&buffer, uint8_t *data, size_t size) {
34 | memcpy(buffer, data, size);
35 | buffer += size;
36 | }
37 |
38 | #endif//SUBSTRATE_BUFFER_HPP
39 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/SubstrateLog.hpp:
--------------------------------------------------------------------------------
1 | /* Cydia Substrate - Powerful Code Insertion Platform
2 | * Copyright (C) 2008-2011 Jay Freeman (saurik)
3 | */
4 |
5 | /* GNU Lesser General Public License, Version 3 {{{ */
6 | /*
7 | * Substrate is free software: you can redistribute it and/or modify it under
8 | * the terms of the GNU Lesser General Public License as published by the
9 | * Free Software Foundation, either version 3 of the License, or (at your
10 | * option) any later version.
11 | *
12 | * Substrate is distributed in the hope that it will be useful, but WITHOUT
13 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
15 | * License for more details.
16 | *
17 | * You should have received a copy of the GNU Lesser General Public License
18 | * along with Substrate. If not, see .
19 | **/
20 | /* }}} */
21 |
22 | #ifndef SUBSTRATE_LOG_HPP
23 | #define SUBSTRATE_LOG_HPP
24 |
25 | #if 0
26 | #include
27 |
28 | #define MSLog(level, format, ...) ((void)__android_log_print(level, "NNNN", format, __VA_ARGS__))
29 |
30 | #define MSLogLevelNotice ANDROID_LOG_INFO
31 | #define MSLogLevelWarning ANDROID_LOG_WARN
32 | #define MSLogLevelError ANDROID_LOG_ERROR
33 |
34 | #else
35 |
36 | #define MSLog(level, format, ...) printf(format, __VA_ARGS__)
37 |
38 | #endif
39 |
40 | #endif//SUBSTRATE_LOG_HPP
41 |
--------------------------------------------------------------------------------
/app/src/main/jni/Android.mk:
--------------------------------------------------------------------------------
1 | LOCAL_PATH := $(call my-dir)
2 | MAIN_LOCAL_PATH := $(call my-dir)
3 | include $(CLEAR_VARS)
4 |
5 | # Here is the name of your lib.
6 | # When you change the lib name, change also on System.loadLibrary("") under OnCreate method on StaticActivity.java
7 | # Both must have same name
8 | LOCAL_MODULE := KISE
9 |
10 | # Code optimization
11 | # -std=c++17 is required to support AIDE app with NDK
12 | LOCAL_CFLAGS := -Wno-error=format-security -fvisibility=hidden -ffunction-sections -fdata-sections -w
13 | LOCAL_CFLAGS += -fno-rtti -fno-exceptions -fpermissive
14 | LOCAL_CPPFLAGS := -Wno-error=format-security -fvisibility=hidden -ffunction-sections -fdata-sections -w -Werror -s -std=c++17
15 | LOCAL_CPPFLAGS += -Wno-error=c++11-narrowing -fms-extensions -fno-rtti -fno-exceptions -fpermissive
16 | LOCAL_LDFLAGS += -Wl,--gc-sections,--strip-all, -llog
17 | LOCAL_ARM_MODE := arm
18 |
19 | LOCAL_C_INCLUDES += $(MAIN_LOCAL_PATH)
20 |
21 | # Here you add the cpp file
22 | LOCAL_SRC_FILES := Main.cpp \
23 | Substrate/hde64.c \
24 | Substrate/SubstrateDebug.cpp \
25 | Substrate/SubstrateHook.cpp \
26 | Substrate/SubstratePosixMemory.cpp \
27 | Substrate/SymbolFinder.cpp \
28 | KittyMemory/KittyMemory.cpp \
29 | KittyMemory/MemoryPatch.cpp \
30 | KittyMemory/MemoryBackup.cpp \
31 | KittyMemory/KittyUtils.cpp \
32 | And64InlineHook/And64InlineHook.cpp \
33 |
34 | LOCAL_LDLIBS := -llog -landroid -lGLESv2
35 |
36 | include $(BUILD_SHARED_LIBRARY)
37 |
--------------------------------------------------------------------------------
/app/src/main/jni/And64InlineHook/And64InlineHook.hpp:
--------------------------------------------------------------------------------
1 | /*
2 | * @date : 2018/04/18
3 | * @author : Rprop (r_prop@outlook.com)
4 | * https://github.com/Rprop/And64InlineHook
5 | */
6 | /*
7 | MIT License
8 |
9 | Copyright (c) 2018 Rprop (r_prop@outlook.com)
10 |
11 | Permission is hereby granted, free of charge, to any person obtaining a copy
12 | of this software and associated documentation files (the "Software"), to deal
13 | in the Software without restriction, including without limitation the rights
14 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 | copies of the Software, and to permit persons to whom the Software is
16 | furnished to do so, subject to the following conditions:
17 |
18 | The above copyright notice and this permission notice shall be included in all
19 | copies or substantial portions of the Software.
20 |
21 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
27 | SOFTWARE.
28 | */
29 | #pragma once
30 | #define A64_MAX_BACKUPS 256
31 |
32 | #ifdef __cplusplus
33 | extern "C" {
34 | #endif
35 |
36 | void A64HookFunction(void *const symbol, void *const replace, void **result);
37 | void *A64HookFunctionV(void *const symbol, void *const replace, void *const rwx, const uintptr_t rwx_size);
38 |
39 | #ifdef __cplusplus
40 | }
41 | #endif
--------------------------------------------------------------------------------
/app/src/main/jni/KittyMemory/MemoryPatch.h:
--------------------------------------------------------------------------------
1 | //
2 | // MemoryPatch.h
3 | //
4 | // Created by MJ (Ruit) on 1/1/19.
5 | //
6 |
7 | #pragma once
8 |
9 | #include
10 | #include "KittyUtils.h"
11 | #include "KittyMemory.h"
12 | using KittyMemory::Memory_Status;
13 | using KittyMemory::ProcMap;
14 |
15 | class MemoryPatch {
16 | private:
17 | uintptr_t _address;
18 | size_t _size;
19 |
20 | std::vector _orig_code;
21 | std::vector _patch_code;
22 |
23 | std::string _hexString;
24 |
25 | public:
26 | MemoryPatch();
27 |
28 | /*
29 | * expects library name and relative address
30 | */
31 | MemoryPatch(const char *libraryName, uintptr_t address,
32 | const void *patch_code, size_t patch_size, bool useMapCache=true);
33 |
34 |
35 | /*
36 | * expects absolute address
37 | */
38 | MemoryPatch(uintptr_t absolute_address,
39 | const void *patch_code, size_t patch_size);
40 |
41 |
42 | ~MemoryPatch();
43 |
44 | /*
45 | * compatible hex format (0xffff & ffff & ff ff)
46 | */
47 | static MemoryPatch createWithHex(const char *libraryName, uintptr_t address, std::string hex, bool useMapCache=true);
48 | static MemoryPatch createWithHex(uintptr_t absolute_address, std::string hex);
49 |
50 | /*
51 | * Validate patch
52 | */
53 | bool isValid() const;
54 |
55 |
56 | size_t get_PatchSize() const;
57 |
58 | /*
59 | * Returns pointer to the target address
60 | */
61 | uintptr_t get_TargetAddress() const;
62 |
63 |
64 | /*
65 | * Restores patch to original value
66 | */
67 | bool Restore();
68 |
69 |
70 | /*
71 | * Applies patch modifications to target address
72 | */
73 | bool Modify();
74 |
75 |
76 | /*
77 | * Returns current patch target address bytes as hex string
78 | */
79 | std::string get_CurrBytes();
80 | };
81 |
--------------------------------------------------------------------------------
/app/src/main/res/drawable-v24/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
1 |
7 |
12 |
13 |
19 |
2 | #include
3 | #include
4 | #include
5 | #include
6 | #include
7 | #include
8 | #include
9 | #include
10 | //#include
11 | #include "Includes/Vector2.h"
12 | #include "Includes/Rect.h"
13 | #include "Includes/Color.h"
14 | #include "Includes/Quaternion.h"
15 | #include "Includes/Logger.h"
16 | #include "Includes/obfuscate.h"
17 | #include "Includes/Utils.h"
18 | #include "KittyMemory/MemoryPatch.h"
19 | #include "Menu.h"
20 |
21 | #if defined(__aarch64__)
22 |
23 | #include
24 |
25 | #define HOOK(offset, ptr, orig) A64HookFunction((void *)getAbsoluteAddress(targetLibIL2CPP, string2Offset(OBFUSCATE_KEY(offset, 23479432523588))), (void *)ptr, (void **)&orig)
26 |
27 | #else
28 |
29 | #include
30 |
31 | #define HOOK(offset, ptr, orig) MSHookFunction((void *)getAbsoluteAddress(targetLibIL2CPP, string2Offset(OBFUSCATE_KEY(offset, 23479432523588))), (void *)ptr, (void **)&orig)
32 |
33 | #endif
34 |
35 |
36 |
37 | //If you don't want to use HOOK, you can use this code below.
38 | //just added this who thought who wanted to use this or not.
39 | void hooking(void *orig_fcn, void* new_fcn, void **orig_fcn_ptr)
40 | {
41 | #if defined(__aarch64__)
42 | A64HookFunction(orig_fcn, new_fcn, orig_fcn_ptr);
43 | #else
44 | MSHookFunction(orig_fcn, new_fcn, orig_fcn_ptr);
45 | #endif
46 | }
47 |
48 | //!!! KittyMemory || Hex-Patching !!!//
49 | struct My_Patches {
50 | // let's assume we have patches for these functions for whatever game
51 | // like show in miniMap boolean function
52 | MemoryPatch GodMode, GodMode2, SliderExample;
53 | // etc...
54 | } hexPatches;
55 |
56 | bool isTest, isTest2;
57 |
58 | //!!! Hooks !!!//
59 |
60 | bool (*_method)(void *instance);
61 | bool method(void *instance) {
62 | if (instance != NULL){
63 | if(isTest) {
64 | return true;
65 | }
66 | }
67 | return _method(instance);
68 | }
69 |
70 | int (*_method2)(void *instance);
71 | int method2(void *instance){
72 | if (instance != NULL) {
73 | if(isTest2) {
74 | return 99;
75 | }
76 | }
77 | return _method2(instance);
78 | }
79 |
80 | void *hack_thread(void *) {
81 | LOGI(OBFUSCATE("pthread created"));
82 |
83 | do {
84 | sleep(1);
85 | } while (!isLibraryLoaded(targetLibIL2CPP));
86 |
87 | LOGI(OBFUSCATE("%s has been loaded"), (const char *) targetLibIL2CPP);
88 |
89 |
90 | hexPatches.GodMode = MemoryPatch::createWithHex(targetLibIL2CPP, //Normal obfuscate
91 | string2Offset(OBFUSCATE("0x000000")),
92 | OBFUSCATE("00 00 A0 E3 1E FF 2F E1"));
93 | //You can also specify target lib like this
94 | hexPatches.GodMode2 = MemoryPatch::createWithHex("libil2cpp.so",
95 | string2Offset(OBFUSCATE_KEY("0x000000", 23479432523588)), //64-bit key in decimal
96 | OBFUSCATE_KEY("01 00 A0 E3 1E FF 2F E1", 0x3FE63DF21A3B)); //64-bit key in hex works too
97 |
98 | hooking((void*)getAbsoluteAddress(targetLibIL2CPP, string2Offset(OBFUSCATE_KEY("0x000000", 23479432523588))), (void *) method, (void **)&_method);
99 |
100 | HOOK("0x000000", method2, _method2);
101 |
102 | LOGI(OBFUSCATE("Done"));
103 | return NULL;
104 | }
105 |
106 | extern "C" {
107 | JNIEXPORT jobjectArray
108 | JNICALL
109 | Java_com_simplefucker_source_ModMenu_getSettings(JNIEnv *env, jobject activityObject) {
110 | jobjectArray ret;
111 |
112 | const char *features[] = {
113 | OBFUSCATE("0_Category_First Color"),
114 | OBFUSCATE("-110_InputValue_First Color Red"),
115 | OBFUSCATE("-112_InputValue_First Color Green"),
116 | OBFUSCATE("-111_InputValue_First Color Blue"),
117 | OBFUSCATE("0_Category_Secondary Color"),
118 | OBFUSCATE("-210_InputValue_First Color Red"),
119 | OBFUSCATE("-212_InputValue_First Color Green"),
120 | OBFUSCATE("-211_InputValue_First Color Blue"),
121 | };
122 |
123 | int Total_Feature = (sizeof features /
124 | sizeof features[0]); //Now you dont have to manually update the number everytime;
125 | ret = (jobjectArray)
126 | env->NewObjectArray(Total_Feature, env->FindClass(OBFUSCATE("java/lang/String")),
127 | env->NewStringUTF(""));
128 | int i;
129 | for (i = 0; i < Total_Feature; i++)
130 | env->SetObjectArrayElement(ret, i, env->NewStringUTF(features[i]));
131 |
132 | return (ret);
133 | }
134 |
135 |
136 | JNIEXPORT jobjectArray
137 | JNICALL
138 | Java_com_simplefucker_source_ModMenu_getPlayer(JNIEnv *env, jobject activityObject) {
139 | jobjectArray ret;
140 |
141 | const char *features[] = {
142 | OBFUSCATE("0_Category_Player Category"),
143 | OBFUSCATE("100_Toggle_God Mode"),
144 | OBFUSCATE("151_SeekBar_Preview SeekBar_1_13131"),
145 | };
146 |
147 | int Total_Feature = (sizeof features /
148 | sizeof features[0]); //Now you dont have to manually update the number everytime;
149 | ret = (jobjectArray)
150 | env->NewObjectArray(Total_Feature, env->FindClass(OBFUSCATE("java/lang/String")),
151 | env->NewStringUTF(""));
152 | int i;
153 | for (i = 0; i < Total_Feature; i++)
154 | env->SetObjectArrayElement(ret, i, env->NewStringUTF(features[i]));
155 |
156 | pthread_t ptid;
157 | pthread_create(&ptid, NULL, antiLeech, NULL);
158 |
159 | return (ret);
160 | }
161 | JNIEXPORT jobjectArray
162 | JNICALL
163 | Java_com_simplefucker_source_ModMenu_getVisuals(JNIEnv *env, jobject activityObject) {
164 | jobjectArray ret;
165 |
166 | const char *features[] = {
167 | OBFUSCATE("0_Category_Weapon"),
168 | OBFUSCATE("101_Toggle_Ammo"),
169 | OBFUSCATE("151_SeekBar_Preview SeekBar_1_13131"),
170 | };
171 |
172 | int Total_Feature = (sizeof features /
173 | sizeof features[0]); //Now you dont have to manually update the number everytime;
174 | ret = (jobjectArray)
175 | env->NewObjectArray(Total_Feature, env->FindClass(OBFUSCATE("java/lang/String")),
176 | env->NewStringUTF(""));
177 | int i;
178 | for (i = 0; i < Total_Feature; i++)
179 | env->SetObjectArrayElement(ret, i, env->NewStringUTF(features[i]));
180 |
181 | pthread_t ptid;
182 | pthread_create(&ptid, NULL, antiLeech, NULL);
183 |
184 | return (ret);
185 | }
186 |
187 | JNIEXPORT void JNICALL
188 | Java_com_simplefucker_source_SavedPrefs_Changes(JNIEnv *env, jclass clazz, jobject obj,
189 | jint feature, jint value, jboolean boolean, jstring str) {
190 |
191 | const char *featureName = env->GetStringUTFChars(str, 0);
192 |
193 | LOGD(OBFUSCATE("Feature name: %d - %s | Value: = %d | Bool: = %d"), feature, featureName, value,
194 | boolean);
195 |
196 | //!!! BE CAREFUL NOT TO ACCIDENTLY REMOVE break; !!!//
197 |
198 | switch (feature) {
199 | case 100:
200 | isTest = boolean;
201 | break;
202 | case 101:
203 | isTest2 = boolean;
204 | break;
205 | }
206 | }
207 | }
208 |
209 |
210 |
211 | __attribute__((constructor))
212 | void lib_main() {
213 | pthread_t ptid;
214 | pthread_create(&ptid, NULL, hack_thread, NULL);
215 | }
216 |
217 |
--------------------------------------------------------------------------------
/app/app.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 | generateDebugSources
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
105 |
106 |
107 |
108 |
109 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/hde64.c:
--------------------------------------------------------------------------------
1 | /*
2 | * Hacker Disassembler Engine 64 C
3 | * Copyright (c) 2008-2009, Vyacheslav Patkov.
4 | * All rights reserved.
5 | *
6 | */
7 |
8 | #include
9 | #include
10 |
11 | #include "hde64.h"
12 | #include "table64.h"
13 |
14 | unsigned int hde64_disasm(const void *code, hde64s *hs)
15 | {
16 | uint8_t x, c, *p = (uint8_t *)code, cflags, opcode, pref = 0;
17 | uint8_t *ht = hde64_table, m_mod, m_reg, m_rm, disp_size = 0;
18 | uint8_t op64 = 0;
19 |
20 | memset(hs,0,sizeof(hde64s));
21 | char *tmp=(char*)hs;
22 |
23 | for (x = 16; x; x--)
24 | switch (c = *p++) {
25 | case 0xf3:
26 | hs->p_rep = c;
27 | pref |= PRE_F3;
28 | break;
29 | case 0xf2:
30 | hs->p_rep = c;
31 | pref |= PRE_F2;
32 | break;
33 | case 0xf0:
34 | hs->p_lock = c;
35 | pref |= PRE_LOCK;
36 | break;
37 | case 0x26: case 0x2e: case 0x36:
38 | case 0x3e: case 0x64: case 0x65:
39 | hs->p_seg = c;
40 | pref |= PRE_SEG;
41 | break;
42 | case 0x66:
43 | hs->p_66 = c;
44 | pref |= PRE_66;
45 | break;
46 | case 0x67:
47 | hs->p_67 = c;
48 | pref |= PRE_67;
49 | break;
50 | default:
51 | goto pref_done;
52 | }
53 | pref_done:
54 |
55 | hs->flags = (uint32_t)pref << 23;
56 |
57 | if (!pref)
58 | pref |= PRE_NONE;
59 |
60 | if ((c & 0xf0) == 0x40) {
61 | hs->flags |= F_PREFIX_REX;
62 | if ((hs->rex_w = (c & 0xf) >> 3) && (*p & 0xf8) == 0xb8)
63 | op64++;
64 | hs->rex_r = (c & 7) >> 2;
65 | hs->rex_x = (c & 3) >> 1;
66 | hs->rex_b = c & 1;
67 | if (((c = *p++) & 0xf0) == 0x40) {
68 | opcode = c;
69 | goto error_opcode;
70 | }
71 | }
72 |
73 | if ((hs->opcode = c) == 0x0f) {
74 | hs->opcode2 = c = *p++;
75 | ht += DELTA_OPCODES;
76 | } else if (c >= 0xa0 && c <= 0xa3) {
77 | op64++;
78 | if (pref & PRE_67)
79 | pref |= PRE_66;
80 | else
81 | pref &= ~PRE_66;
82 | }
83 |
84 | opcode = c;
85 | cflags = ht[ht[opcode / 4] + (opcode % 4)];
86 |
87 | if (cflags == C_ERROR) {
88 | error_opcode:
89 | hs->flags |= F_ERROR | F_ERROR_OPCODE;
90 | cflags = 0;
91 | if ((opcode & -3) == 0x24)
92 | cflags++;
93 | }
94 |
95 | x = 0;
96 | if (cflags & C_GROUP) {
97 | uint16_t t;
98 | t = *(uint16_t *)(ht + (cflags & 0x7f));
99 | cflags = (uint8_t)t;
100 | x = (uint8_t)(t >> 8);
101 | }
102 |
103 | if (hs->opcode2) {
104 | ht = hde64_table + DELTA_PREFIXES;
105 | if (ht[ht[opcode / 4] + (opcode % 4)] & pref)
106 | hs->flags |= F_ERROR | F_ERROR_OPCODE;
107 | }
108 |
109 | if (cflags & C_MODRM) {
110 | hs->flags |= F_MODRM;
111 | hs->modrm = c = *p++;
112 | hs->modrm_mod = m_mod = c >> 6;
113 | hs->modrm_rm = m_rm = c & 7;
114 | hs->modrm_reg = m_reg = (c & 0x3f) >> 3;
115 |
116 | if (x && ((x << m_reg) & 0x80))
117 | hs->flags |= F_ERROR | F_ERROR_OPCODE;
118 |
119 | if (!hs->opcode2 && opcode >= 0xd9 && opcode <= 0xdf) {
120 | uint8_t t = opcode - 0xd9;
121 | if (m_mod == 3) {
122 | ht = hde64_table + DELTA_FPU_MODRM + t*8;
123 | t = ht[m_reg] << m_rm;
124 | } else {
125 | ht = hde64_table + DELTA_FPU_REG;
126 | t = ht[t] << m_reg;
127 | }
128 | if (t & 0x80)
129 | hs->flags |= F_ERROR | F_ERROR_OPCODE;
130 | }
131 |
132 | if (pref & PRE_LOCK) {
133 | if (m_mod == 3) {
134 | hs->flags |= F_ERROR | F_ERROR_LOCK;
135 | } else {
136 | uint8_t *table_end, op = opcode;
137 | if (hs->opcode2) {
138 | ht = hde64_table + DELTA_OP2_LOCK_OK;
139 | table_end = ht + DELTA_OP_ONLY_MEM - DELTA_OP2_LOCK_OK;
140 | } else {
141 | ht = hde64_table + DELTA_OP_LOCK_OK;
142 | table_end = ht + DELTA_OP2_LOCK_OK - DELTA_OP_LOCK_OK;
143 | op &= -2;
144 | }
145 | for (; ht != table_end; ht++)
146 | if (*ht++ == op) {
147 | if (!((*ht << m_reg) & 0x80))
148 | goto no_lock_error;
149 | else
150 | break;
151 | }
152 | hs->flags |= F_ERROR | F_ERROR_LOCK;
153 | no_lock_error:
154 | ;
155 | }
156 | }
157 |
158 | if (hs->opcode2) {
159 | switch (opcode) {
160 | case 0x20: case 0x22:
161 | m_mod = 3;
162 | if (m_reg > 4 || m_reg == 1)
163 | goto error_operand;
164 | else
165 | goto no_error_operand;
166 | case 0x21: case 0x23:
167 | m_mod = 3;
168 | if (m_reg == 4 || m_reg == 5)
169 | goto error_operand;
170 | else
171 | goto no_error_operand;
172 | }
173 | } else {
174 | switch (opcode) {
175 | case 0x8c:
176 | if (m_reg > 5)
177 | goto error_operand;
178 | else
179 | goto no_error_operand;
180 | case 0x8e:
181 | if (m_reg == 1 || m_reg > 5)
182 | goto error_operand;
183 | else
184 | goto no_error_operand;
185 | }
186 | }
187 |
188 | if (m_mod == 3) {
189 | uint8_t *table_end;
190 | if (hs->opcode2) {
191 | ht = hde64_table + DELTA_OP2_ONLY_MEM;
192 | table_end = ht + sizeof(hde64_table) - DELTA_OP2_ONLY_MEM;
193 | } else {
194 | ht = hde64_table + DELTA_OP_ONLY_MEM;
195 | table_end = ht + DELTA_OP2_ONLY_MEM - DELTA_OP_ONLY_MEM;
196 | }
197 | for (; ht != table_end; ht += 2)
198 | if (*ht++ == opcode) {
199 | if (*ht++ & pref && !((*ht << m_reg) & 0x80))
200 | goto error_operand;
201 | else
202 | break;
203 | }
204 | goto no_error_operand;
205 | } else if (hs->opcode2) {
206 | switch (opcode) {
207 | case 0x50: case 0xd7: case 0xf7:
208 | if (pref & (PRE_NONE | PRE_66))
209 | goto error_operand;
210 | break;
211 | case 0xd6:
212 | if (pref & (PRE_F2 | PRE_F3))
213 | goto error_operand;
214 | break;
215 | case 0xc5:
216 | goto error_operand;
217 | }
218 | goto no_error_operand;
219 | } else
220 | goto no_error_operand;
221 |
222 | error_operand:
223 | hs->flags |= F_ERROR | F_ERROR_OPERAND;
224 | no_error_operand:
225 |
226 | c = *p++;
227 | if (m_reg <= 1) {
228 | if (opcode == 0xf6)
229 | cflags |= C_IMM8;
230 | else if (opcode == 0xf7)
231 | cflags |= C_IMM_P66;
232 | }
233 |
234 | switch (m_mod) {
235 | case 0:
236 | if (pref & PRE_67) {
237 | if (m_rm == 6)
238 | disp_size = 2;
239 | } else
240 | if (m_rm == 5)
241 | disp_size = 4;
242 | break;
243 | case 1:
244 | disp_size = 1;
245 | break;
246 | case 2:
247 | disp_size = 2;
248 | if (!(pref & PRE_67))
249 | disp_size <<= 1;
250 | }
251 |
252 | if (m_mod != 3 && m_rm == 4) {
253 | hs->flags |= F_SIB;
254 | p++;
255 | hs->sib = c;
256 | hs->sib_scale = c >> 6;
257 | hs->sib_index = (c & 0x3f) >> 3;
258 | if ((hs->sib_base = c & 7) == 5 && !(m_mod & 1))
259 | disp_size = 4;
260 | }
261 |
262 | p--;
263 | switch (disp_size) {
264 | case 1:
265 | hs->flags |= F_DISP8;
266 | hs->disp.disp8 = *p;
267 | break;
268 | case 2:
269 | hs->flags |= F_DISP16;
270 | hs->disp.disp16 = *(uint16_t *)p;
271 | break;
272 | case 4:
273 | hs->flags |= F_DISP32;
274 | hs->disp.disp32 = *(uint32_t *)p;
275 | }
276 | p += disp_size;
277 | } else if (pref & PRE_LOCK)
278 | hs->flags |= F_ERROR | F_ERROR_LOCK;
279 |
280 | if (cflags & C_IMM_P66) {
281 | if (cflags & C_REL32) {
282 | if (pref & PRE_66) {
283 | hs->flags |= F_IMM16 | F_RELATIVE;
284 | hs->imm.imm16 = *(uint16_t *)p;
285 | p += 2;
286 | goto disasm_done;
287 | }
288 | goto rel32_ok;
289 | }
290 | if (op64) {
291 | hs->flags |= F_IMM64;
292 | hs->imm.imm64 = *(uint64_t *)p;
293 | p += 8;
294 | } else if (!(pref & PRE_66)) {
295 | hs->flags |= F_IMM32;
296 | hs->imm.imm32 = *(uint32_t *)p;
297 | p += 4;
298 | } else
299 | goto imm16_ok;
300 | }
301 |
302 |
303 | if (cflags & C_IMM16) {
304 | imm16_ok:
305 | hs->flags |= F_IMM16;
306 | hs->imm.imm16 = *(uint16_t *)p;
307 | p += 2;
308 | }
309 | if (cflags & C_IMM8) {
310 | hs->flags |= F_IMM8;
311 | hs->imm.imm8 = *p++;
312 | }
313 |
314 | if (cflags & C_REL32) {
315 | rel32_ok:
316 | hs->flags |= F_IMM32 | F_RELATIVE;
317 | hs->imm.imm32 = *(uint32_t *)p;
318 | p += 4;
319 | } else if (cflags & C_REL8) {
320 | hs->flags |= F_IMM8 | F_RELATIVE;
321 | hs->imm.imm8 = *p++;
322 | }
323 |
324 | disasm_done:
325 |
326 | if ((hs->len = (uint8_t)(p-(uint8_t *)code)) > 15) {
327 | hs->flags |= F_ERROR | F_ERROR_LENGTH;
328 | hs->len = 15;
329 | }
330 |
331 | return (unsigned int)hs->len;
332 | }
333 |
--------------------------------------------------------------------------------
/app/src/main/jni/Substrate/SymbolFinder.cpp:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 | #include
6 | #include
7 | #include
8 | #include
9 | #include
10 | #include "SymbolFinder.h"
11 |
12 | #define TAG "MSHook"
13 | #define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, TAG, __VA_ARGS__)
14 | #define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, TAG, __VA_ARGS__)
15 | /* memory map for libraries */
16 | #define MAX_NAME_LEN 256
17 | #define MEMORY_ONLY "[memory]"
18 | struct mm {
19 | char name[MAX_NAME_LEN];
20 | unsigned long start, end;
21 | };
22 |
23 | typedef struct symtab *symtab_t;
24 | struct symlist {
25 | Elf32_Sym *sym; /* symbols */
26 | char *str; /* symbol strings */
27 | unsigned num; /* number of symbols */
28 | };
29 | struct symtab {
30 | struct symlist *st; /* "static" symbols */
31 | struct symlist *dyn; /* dynamic symbols */
32 | };
33 |
34 | static void *xmalloc(size_t size) {
35 | void *p;
36 | p = malloc(size);
37 | if (!p) {
38 | printf(OBFUSCATE("Out of memory\n"));
39 | exit(1);
40 | }
41 | return p;
42 | }
43 |
44 | static int my_pread(int fd, void *buf, size_t count, off_t offset) {
45 | lseek(fd, offset, SEEK_SET);
46 | return read(fd, buf, count);
47 | }
48 |
49 | static struct symlist *get_syms(int fd, Elf32_Shdr *symh, Elf32_Shdr *strh) {
50 | struct symlist *sl, *ret;
51 | int rv;
52 |
53 | ret = NULL;
54 | sl = (struct symlist *) xmalloc(sizeof(struct symlist));
55 | sl->str = NULL;
56 | sl->sym = NULL;
57 |
58 | /* sanity */
59 | if (symh->sh_size % sizeof(Elf32_Sym)) {
60 | //printf("elf_error\n");
61 | goto out;
62 | }
63 |
64 | /* symbol table */
65 | sl->num = symh->sh_size / sizeof(Elf32_Sym);
66 | sl->sym = (Elf32_Sym *) xmalloc(symh->sh_size);
67 | rv = my_pread(fd, sl->sym, symh->sh_size, symh->sh_offset);
68 | if (0 > rv) {
69 | //perror("read");
70 | goto out;
71 | }
72 | if (rv != symh->sh_size) {
73 | //printf("elf error\n");
74 | goto out;
75 | }
76 |
77 | /* string table */
78 | sl->str = (char *) xmalloc(strh->sh_size);
79 | rv = my_pread(fd, sl->str, strh->sh_size, strh->sh_offset);
80 | if (0 > rv) {
81 | //perror("read");
82 | goto out;
83 | }
84 | if (rv != strh->sh_size) {
85 | //printf("elf error");
86 | goto out;
87 | }
88 |
89 | ret = sl;
90 | out:
91 | return ret;
92 | }
93 |
94 | static int do_load(int fd, symtab_t symtab) {
95 | int rv;
96 | size_t size;
97 | Elf32_Ehdr ehdr;
98 | Elf32_Shdr *shdr = NULL, *p;
99 | Elf32_Shdr *dynsymh, *dynstrh;
100 | Elf32_Shdr *symh, *strh;
101 | char *shstrtab = NULL;
102 | int i;
103 | int ret = -1;
104 |
105 | /* elf header */
106 | rv = read(fd, &ehdr, sizeof(ehdr));
107 | if (0 > rv) {
108 | LOGD(OBFUSCATE("read\n"));
109 | goto out;
110 | }
111 | if (rv != sizeof(ehdr)) {
112 | LOGD(OBFUSCATE("elf error 1\n"));
113 | goto out;
114 | }
115 | if (strncmp((const char *) ELFMAG, (const char *) ehdr.e_ident, SELFMAG)) { /* sanity */
116 | LOGD(OBFUSCATE("not an elf\n"));
117 | goto out;
118 | }
119 | if (sizeof(Elf32_Shdr) != ehdr.e_shentsize) { /* sanity */
120 | LOGD(OBFUSCATE("elf error 2\n"));
121 | goto out;
122 | }
123 |
124 | /* section header table */
125 | size = ehdr.e_shentsize * ehdr.e_shnum;
126 | shdr = (Elf32_Shdr *) xmalloc(size);
127 | rv = my_pread(fd, shdr, size, ehdr.e_shoff);
128 | if (0 > rv) {
129 | LOGD(OBFUSCATE("read\n"));
130 | goto out;
131 | }
132 | if (rv != size) {
133 | LOGD(OBFUSCATE("elf error 3 %d %d\n"), rv, size);
134 | goto out;
135 | }
136 |
137 | /* section header string table */
138 | size = shdr[ehdr.e_shstrndx].sh_size;
139 | shstrtab = (char *) xmalloc(size);
140 | rv = my_pread(fd, shstrtab, size, shdr[ehdr.e_shstrndx].sh_offset);
141 | if (0 > rv) {
142 | LOGD(OBFUSCATE("read\n"));
143 | goto out;
144 | }
145 | if (rv != size) {
146 | LOGD(OBFUSCATE("elf error 4 %d %d\n"), rv, size);
147 | goto out;
148 | }
149 |
150 | /* symbol table headers */
151 | symh = dynsymh = NULL;
152 | strh = dynstrh = NULL;
153 | for (i = 0, p = shdr; i < ehdr.e_shnum; i++, p++)
154 | if (SHT_SYMTAB == p->sh_type) {
155 | if (symh) {
156 | LOGD(OBFUSCATE("too many symbol tables\n"));
157 | goto out;
158 | }
159 | symh = p;
160 | } else if (SHT_DYNSYM == p->sh_type) {
161 | if (dynsymh) {
162 | LOGD(OBFUSCATE("too many symbol tables\n"));
163 | goto out;
164 | }
165 | dynsymh = p;
166 | } else if (SHT_STRTAB == p->sh_type
167 | && !strncmp(shstrtab + p->sh_name, OBFUSCATE(".strtab"), 7)) {
168 | if (strh) {
169 | LOGD(OBFUSCATE("too many string tables\n"));
170 | goto out;
171 | }
172 | strh = p;
173 | } else if (SHT_STRTAB == p->sh_type
174 | && !strncmp(shstrtab + p->sh_name, OBFUSCATE(".dynstr"), 7)) {
175 | if (dynstrh) {
176 | LOGD(OBFUSCATE("too many string tables\n"));
177 | goto out;
178 | }
179 | dynstrh = p;
180 | }
181 | /* sanity checks */
182 | if ((!dynsymh && dynstrh) || (dynsymh && !dynstrh)) {
183 | LOGD(OBFUSCATE("bad dynamic symbol table\n"));
184 | goto out;
185 | }
186 | if ((!symh && strh) || (symh && !strh)) {
187 | LOGD(OBFUSCATE("bad symbol table\n"));
188 | goto out;
189 | }
190 | if (!dynsymh && !symh) {
191 | LOGD(OBFUSCATE("no symbol table\n"));
192 | goto out;
193 | }
194 |
195 | /* symbol tables */
196 | if (dynsymh)
197 | symtab->dyn = get_syms(fd, dynsymh, dynstrh);
198 | if (symh)
199 | symtab->st = get_syms(fd, symh, strh);
200 | ret = 0;
201 | out:
202 | free(shstrtab);
203 | free(shdr);
204 | return ret;
205 | }
206 |
207 | static symtab_t load_symtab(char *filename) {
208 | int fd;
209 | symtab_t symtab;
210 |
211 | symtab = (symtab_t) xmalloc(sizeof(*symtab));
212 | memset(symtab, 0, sizeof(*symtab));
213 |
214 | fd = open(filename, O_RDONLY);
215 | if (0 > fd) {
216 | LOGE(OBFUSCATE("%s open\n"), __func__);
217 | return NULL;
218 | }
219 | if (0 > do_load(fd, symtab)) {
220 | LOGE(OBFUSCATE("Error ELF parsing %s\n"), filename);
221 | free(symtab);
222 | symtab = NULL;
223 | }
224 | close(fd);
225 | return symtab;
226 | }
227 |
228 | static int load_memmap(pid_t pid, struct mm *mm, int *nmmp) {
229 | size_t buf_size = 0x40000;
230 | char *p_buf = (char *) malloc(buf_size); // increase this if needed for larger "maps"
231 | char name[MAX_NAME_LEN] = {0};
232 | char *p;
233 | unsigned long start, end;
234 | struct mm *m;
235 | int nmm = 0;
236 | int fd, rv;
237 | int i;
238 |
239 | sprintf(p_buf, OBFUSCATE("/proc/%d/maps"), pid);
240 | fd = open(p_buf, O_RDONLY);
241 | if (0 > fd) {
242 | LOGE(OBFUSCATE("Can't open %s for reading\n"), p_buf);
243 | free(p_buf);
244 | return -1;
245 | }
246 |
247 | /* Zero to ensure data is null terminated */
248 | memset(p_buf, 0, buf_size);
249 |
250 | p = p_buf;
251 | while (1) {
252 | rv = read(fd, p, buf_size - (p - p_buf));
253 | if (0 > rv) {
254 | LOGE(OBFUSCATE("%s read"), __FUNCTION__);
255 | free(p_buf);
256 | return -1;
257 | }
258 | if (0 == rv)
259 | break;
260 | p += rv;
261 | if (p - p_buf >= buf_size) {
262 | LOGE(OBFUSCATE("Too many memory mapping\n"));
263 | free(p_buf);
264 | return -1;
265 | }
266 | }
267 | close(fd);
268 |
269 | p = strtok(p_buf, "\n");
270 | m = mm;
271 | while (p) {
272 | /* parse current map line */
273 | rv = sscanf(p, OBFUSCATE("%08lx-%08lx %*s %*s %*s %*s %s\n"), &start, &end, name);
274 |
275 | p = strtok(NULL, "\n");
276 |
277 | if (rv == 2) {
278 | m = &mm[nmm++];
279 | m->start = start;
280 | m->end = end;
281 | memcpy(m->name, MEMORY_ONLY, sizeof(MEMORY_ONLY));
282 | continue;
283 | }
284 |
285 | /* search backward for other mapping with same name */
286 | for (i = nmm - 1; i >= 0; i--) {
287 | m = &mm[i];
288 | if (!strcmp(m->name, name))
289 | break;
290 | }
291 |
292 | if (i >= 0) {
293 | if (start < m->start)
294 | m->start = start;
295 | if (end > m->end)
296 | m->end = end;
297 | } else {
298 | /* new entry */
299 | m = &mm[nmm++];
300 | m->start = start;
301 | m->end = end;
302 | memcpy(m->name, name, strlen(name));
303 | }
304 | }
305 |
306 | *nmmp = nmm;
307 | free(p_buf);
308 | return 0;
309 | }
310 |
311 | /* Find libc in MM, storing no more than LEN-1 chars of
312 | its name in NAME and set START to its starting
313 | address. If libc cannot be found return -1 and
314 | leave NAME and START untouched. Otherwise return 0
315 | and null-terminated NAME. */
316 | static int find_libname(const char *libn, char *name, int len, unsigned long *start,
317 | struct mm *mm, int nmm) {
318 | int i;
319 | struct mm *m;
320 | char *p;
321 | for (i = 0, m = mm; i < nmm; i++, m++) {
322 | if (!strcmp(m->name, MEMORY_ONLY))
323 | continue;
324 | p = strrchr(m->name, '/');
325 | if (!p)
326 | continue;
327 | p++;
328 | if (strncmp(libn, p, strlen(libn)))
329 | continue;
330 | p += strlen(libn);
331 |
332 | /* here comes our crude test -> 'libc.so' or 'libc-[0-9]' */
333 | if (!strncmp(OBFUSCATE("so"), p, 2) || 1) // || (p[0] == '-' && isdigit(p[1])))
334 | break;
335 | }
336 | if (i >= nmm)
337 | /* not found */
338 | return -1;
339 |
340 | *start = m->start;
341 | strncpy(name, m->name, len);
342 | if (strlen(m->name) >= len)
343 | name[len - 1] = '\0';
344 |
345 | mprotect((void *) m->start, m->end - m->start,
346 | PROT_READ | PROT_WRITE | PROT_EXEC);
347 | return 0;
348 | }
349 |
350 | static int lookup2(struct symlist *sl, unsigned char type, char *name,
351 | unsigned long *val) {
352 | Elf32_Sym *p;
353 | int len;
354 | int i;
355 |
356 | len = strlen(name);
357 | for (i = 0, p = sl->sym; i < sl->num; i++, p++) {
358 | //LOGD("name: %s %x\n", sl->str+p->st_name, p->st_value)
359 | if (!strncmp(sl->str + p->st_name, name, len)
360 | && *(sl->str + p->st_name + len) == 0
361 | && ELF32_ST_TYPE(p->st_info) == type) {
362 | //if (p->st_value != 0) {
363 | *val = p->st_value;
364 | return 0;
365 | //}
366 | }
367 | }
368 | return -1;
369 | }
370 |
371 | static int lookup_sym(symtab_t s, unsigned char type, char *name,
372 | unsigned long *val) {
373 | if (s->dyn && !lookup2(s->dyn, type, name, val))
374 | return 0;
375 | if (s->st && !lookup2(s->st, type, name, val))
376 | return 0;
377 | return -1;
378 | }
379 |
380 | static int lookup_func_sym(symtab_t s, char *name, unsigned long *val) {
381 | return lookup_sym(s, STT_FUNC, name, val);
382 | }
383 |
384 | int find_name(pid_t pid, const char *name, const char *libn,
385 | unsigned long *addr) {
386 | struct mm mm[1000] = {0};
387 | unsigned long libcaddr;
388 | int nmm;
389 | char libc[1024] = {0};
390 | symtab_t s;
391 |
392 | if (0 > load_memmap(pid, mm, &nmm)) {
393 | LOGD(OBFUSCATE("cannot read memory map\n"));
394 | return -1;
395 | }
396 | if (0
397 | > find_libname((char *) libn, (char *) libc, sizeof(libc),
398 | &libcaddr, mm, nmm)) {
399 | LOGD(OBFUSCATE("cannot find lib: %s\n"), libn);
400 | return -1;
401 | }
402 | //LOGD("lib: >%s<\n", libc)
403 | s = load_symtab(libc);
404 | if (!s) {
405 | LOGD(OBFUSCATE("cannot read symbol table\n"));
406 | return -1;
407 | }
408 | if (0 > lookup_func_sym(s, (char *) name, addr)) {
409 | LOGD(OBFUSCATE("cannot find function: %s\n"), name);
410 | return -1;
411 | }
412 | *addr += libcaddr;
413 | return 0;
414 | }
415 |
416 | int find_libbase(pid_t pid, const char *libn, unsigned long *addr) {
417 | struct mm mm[1000] = {0};
418 | unsigned long libcaddr;
419 | int nmm;
420 | char libc[1024] = {0};
421 | symtab_t s;
422 |
423 | if (0 > load_memmap(pid, mm, &nmm)) {
424 | LOGD(OBFUSCATE("cannot read memory map\n"));
425 | return -1;
426 | }
427 | if (0 > find_libname(libn, libc, sizeof(libc), &libcaddr, mm, nmm)) {
428 | LOGD(OBFUSCATE("cannot find lib\n"));
429 | return -1;
430 | }
431 | *addr = libcaddr;
432 | return 0;
433 | }
434 |
--------------------------------------------------------------------------------
/app/src/main/jni/Includes/Vector2.h:
--------------------------------------------------------------------------------
1 | /**
2 | * ============================================================================
3 | * MIT License
4 | *
5 | * Copyright (c) 2016 Eric Phillips
6 | *
7 | * Permission is hereby granted, free of charge, to any person obtaining a
8 | * copy of this software and associated documentation files (the "Software"),
9 | * to deal in the Software without restriction, including without limitation
10 | * the rights to use, copy, modify, merge, publish, distribute, sublicense,
11 | * and/or sell copies of the Software, and to permit persons to whom the
12 | * Software is furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in
15 | * all copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
22 | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
23 | * DEALINGS IN THE SOFTWARE.
24 | * ============================================================================
25 | *
26 | *
27 | * This file implements a series of math functions for manipulating a
28 | * 2D vector.
29 | *
30 | * Created by Eric Phillips on October 15, 2016.
31 | */
32 |
33 | #pragma once
34 |
35 | #define _USE_MATH_DEFINES
36 | #include "../../../../../../../../AppData/Local/Android/Sdk/ndk/22.0.7026061/sources/cxx-stl/llvm-libc++/include/math.h"
37 |
38 |
39 | struct Vector2
40 | {
41 | union
42 | {
43 | struct
44 | {
45 | float X;
46 | float Y;
47 | };
48 | float data[2];
49 | };
50 |
51 |
52 | /**
53 | * Constructors.
54 | */
55 | inline Vector2();
56 | inline Vector2(float data[]);
57 | inline Vector2(float value);
58 | inline Vector2(float x, float y);
59 |
60 |
61 | /**
62 | * Constants for common vectors.
63 | */
64 | static inline Vector2 Zero();
65 | static inline Vector2 One();
66 | static inline Vector2 Right();
67 | static inline Vector2 Left();
68 | static inline Vector2 Up();
69 | static inline Vector2 Down();
70 |
71 |
72 | /**
73 | * Returns the angle between two vectors in radians.
74 | * @param a: The first vector.
75 | * @param b: The second vector.
76 | * @return: A scalar value.
77 | */
78 | static inline float Angle(Vector2 a, Vector2 b);
79 |
80 | /**
81 | * Returns a vector with its magnitude clamped to maxLength.
82 | * @param vector: The target vector.
83 | * @param maxLength: The maximum length of the return vector.
84 | * @return: A new vector.
85 | */
86 | static inline Vector2 ClampMagnitude(Vector2 vector, float maxLength);
87 |
88 | /**
89 | * Returns the component of a in the direction of b (scalar projection).
90 | * @param a: The target vector.
91 | * @param b: The vector being compared against.
92 | * @return: A scalar value.
93 | */
94 | static inline float Component(Vector2 a, Vector2 b);
95 |
96 | /**
97 | * Returns the distance between a and b.
98 | * @param a: The first point.
99 | * @param b: The second point.
100 | * @return: A scalar value.
101 | */
102 | static inline float Distance(Vector2 a, Vector2 b);
103 |
104 | /**
105 | * Returns the dot product of two vectors.
106 | * @param lhs: The left side of the multiplication.
107 | * @param rhs: The right side of the multiplication.
108 | * @return: A scalar value.
109 | */
110 | static inline float Dot(Vector2 lhs, Vector2 rhs);
111 |
112 | /**
113 | * Converts a polar representation of a vector into cartesian
114 | * coordinates.
115 | * @param rad: The magnitude of the vector.
116 | * @param theta: The angle from the X axis.
117 | * @return: A new vector.
118 | */
119 | static inline Vector2 FromPolar(float rad, float theta);
120 |
121 | /**
122 | * Returns a vector linearly interpolated between a and b, moving along
123 | * a straight line. The vector is clamped to never go beyond the end points.
124 | * @param a: The starting point.
125 | * @param b: The ending point.
126 | * @param t: The interpolation value [0-1].
127 | * @return: A new vector.
128 | */
129 | static inline Vector2 Lerp(Vector2 a, Vector2 b, float t);
130 |
131 | /**
132 | * Returns a vector linearly interpolated between a and b, moving along
133 | * a straight line.
134 | * @param a: The starting point.
135 | * @param b: The ending point.
136 | * @param t: The interpolation value [0-1] (no actual bounds).
137 | * @return: A new vector.
138 | */
139 | static inline Vector2 LerpUnclamped(Vector2 a, Vector2 b, float t);
140 |
141 | /**
142 | * Returns the magnitude of a vector.
143 | * @param v: The vector in question.
144 | * @return: A scalar value.
145 | */
146 | static inline float Magnitude(Vector2 v);
147 |
148 | /**
149 | * Returns a vector made from the largest components of two other vectors.
150 | * @param a: The first vector.
151 | * @param b: The second vector.
152 | * @return: A new vector.
153 | */
154 | static inline Vector2 Max(Vector2 a, Vector2 b);
155 |
156 | /**
157 | * Returns a vector made from the smallest components of two other vectors.
158 | * @param a: The first vector.
159 | * @param b: The second vector.
160 | * @return: A new vector.
161 | */
162 | static inline Vector2 Min(Vector2 a, Vector2 b);
163 |
164 | /**
165 | * Returns a vector "maxDistanceDelta" units closer to the target. This
166 | * interpolation is in a straight line, and will not overshoot.
167 | * @param current: The current position.
168 | * @param target: The destination position.
169 | * @param maxDistanceDelta: The maximum distance to move.
170 | * @return: A new vector.
171 | */
172 | static inline Vector2 MoveTowards(Vector2 current, Vector2 target,
173 | float maxDistanceDelta);
174 |
175 | /**
176 | * Returns a new vector with magnitude of one.
177 | * @param v: The vector in question.
178 | * @return: A new vector.
179 | */
180 | static inline Vector2 Normalized(Vector2 v);
181 |
182 | /**
183 | * Creates a new coordinate system out of the two vectors.
184 | * Normalizes "normal" and normalizes "tangent" and makes it orthogonal to
185 | * "normal"..
186 | * @param normal: A reference to the first axis vector.
187 | * @param tangent: A reference to the second axis vector.
188 | */
189 | static inline void OrthoNormalize(Vector2 &normal, Vector2 &tangent);
190 |
191 | /**
192 | * Returns the vector projection of a onto b.
193 | * @param a: The target vector.
194 | * @param b: The vector being projected onto.
195 | * @return: A new vector.
196 | */
197 | static inline Vector2 Project(Vector2 a, Vector2 b);
198 |
199 | /**
200 | * Returns a vector reflected about the provided line.
201 | * This behaves as if there is a plane with the line as its normal, and the
202 | * vector comes in and bounces off this plane.
203 | * @param vector: The vector traveling inward at the imaginary plane.
204 | * @param line: The line about which to reflect.
205 | * @return: A new vector pointing outward from the imaginary plane.
206 | */
207 | static inline Vector2 Reflect(Vector2 vector, Vector2 line);
208 |
209 | /**
210 | * Returns the vector rejection of a on b.
211 | * @param a: The target vector.
212 | * @param b: The vector being projected onto.
213 | * @return: A new vector.
214 | */
215 | static inline Vector2 Reject(Vector2 a, Vector2 b);
216 |
217 | /**
218 | * Rotates vector "current" towards vector "target" by "maxRadiansDelta".
219 | * This treats the vectors as directions and will linearly interpolate
220 | * between their magnitudes by "maxMagnitudeDelta". This function does not
221 | * overshoot. If a negative delta is supplied, it will rotate away from
222 | * "target" until it is pointing the opposite direction, but will not
223 | * overshoot that either.
224 | * @param current: The starting direction.
225 | * @param target: The destination direction.
226 | * @param maxRadiansDelta: The maximum number of radians to rotate.
227 | * @param maxMagnitudeDelta: The maximum delta for magnitude interpolation.
228 | * @return: A new vector.
229 | */
230 | static inline Vector2 RotateTowards(Vector2 current, Vector2 target,
231 | float maxRadiansDelta,
232 | float maxMagnitudeDelta);
233 |
234 | /**
235 | * Multiplies two vectors component-wise.
236 | * @param a: The lhs of the multiplication.
237 | * @param b: The rhs of the multiplication.
238 | * @return: A new vector.
239 | */
240 | static inline Vector2 Scale(Vector2 a, Vector2 b);
241 |
242 | /**
243 | * Returns a vector rotated towards b from a by the percent t.
244 | * Since interpolation is done spherically, the vector moves at a constant
245 | * angular velocity. This rotation is clamped to 0 <= t <= 1.
246 | * @param a: The starting direction.
247 | * @param b: The ending direction.
248 | * @param t: The interpolation value [0-1].
249 | */
250 | static inline Vector2 Slerp(Vector2 a, Vector2 b, float t);
251 |
252 | /**
253 | * Returns a vector rotated towards b from a by the percent t.
254 | * Since interpolation is done spherically, the vector moves at a constant
255 | * angular velocity. This rotation is unclamped.
256 | * @param a: The starting direction.
257 | * @param b: The ending direction.
258 | * @param t: The interpolation value [0-1].
259 | */
260 | static inline Vector2 SlerpUnclamped(Vector2 a, Vector2 b, float t);
261 |
262 | /**
263 | * Returns the squared magnitude of a vector.
264 | * This is useful when comparing relative lengths, where the exact length
265 | * is not important, and much time can be saved by not calculating the
266 | * square root.
267 | * @param v: The vector in question.
268 | * @return: A scalar value.
269 | */
270 | static inline float SqrMagnitude(Vector2 v);
271 |
272 | /**
273 | * Calculates the polar coordinate space representation of a vector.
274 | * @param vector: The vector to convert.
275 | * @param rad: The magnitude of the vector.
276 | * @param theta: The angle from the X axis.
277 | */
278 | static inline void ToPolar(Vector2 vector, float &rad, float &theta);
279 |
280 |
281 | /**
282 | * Operator overloading.
283 | */
284 | inline struct Vector2& operator+=(const float rhs);
285 | inline struct Vector2& operator-=(const float rhs);
286 | inline struct Vector2& operator*=(const float rhs);
287 | inline struct Vector2& operator/=(const float rhs);
288 | inline struct Vector2& operator+=(const Vector2 rhs);
289 | inline struct Vector2& operator-=(const Vector2 rhs);
290 | };
291 |
292 | inline Vector2 operator-(Vector2 rhs);
293 | inline Vector2 operator+(Vector2 lhs, const float rhs);
294 | inline Vector2 operator-(Vector2 lhs, const float rhs);
295 | inline Vector2 operator*(Vector2 lhs, const float rhs);
296 | inline Vector2 operator/(Vector2 lhs, const float rhs);
297 | inline Vector2 operator+(const float lhs, Vector2 rhs);
298 | inline Vector2 operator-(const float lhs, Vector2 rhs);
299 | inline Vector2 operator*(const float lhs, Vector2 rhs);
300 | inline Vector2 operator/(const float lhs, Vector2 rhs);
301 | inline Vector2 operator+(Vector2 lhs, const Vector2 rhs);
302 | inline Vector2 operator-(Vector2 lhs, const Vector2 rhs);
303 | inline bool operator==(const Vector2 lhs, const Vector2 rhs);
304 | inline bool operator!=(const Vector2 lhs, const Vector2 rhs);
305 |
306 |
307 |
308 | /*******************************************************************************
309 | * Implementation
310 | */
311 |
312 | Vector2::Vector2() : X(0), Y(0) {}
313 | Vector2::Vector2(float data[]) : X(data[0]), Y(data[1]) {}
314 | Vector2::Vector2(float value) : X(value), Y(value) {}
315 | Vector2::Vector2(float x, float y) : X(x), Y(y) {}
316 |
317 |
318 | Vector2 Vector2::Zero() { return Vector2(0, 0); }
319 | Vector2 Vector2::One() { return Vector2(1, 1); }
320 | Vector2 Vector2::Right() { return Vector2(1, 0); }
321 | Vector2 Vector2::Left() { return Vector2(-1, 0); }
322 | Vector2 Vector2::Up() { return Vector2(0, 1); }
323 | Vector2 Vector2::Down() { return Vector2(0, -1); }
324 |
325 |
326 | float Vector2::Angle(Vector2 a, Vector2 b)
327 | {
328 | float v = Dot(a, b) / (Magnitude(a) * Magnitude(b));
329 | v = fmax(v, -1.0);
330 | v = fmin(v, 1.0);
331 | return acos(v);
332 | }
333 |
334 | Vector2 Vector2::ClampMagnitude(Vector2 vector, float maxLength)
335 | {
336 | float length = Magnitude(vector);
337 | if (length > maxLength)
338 | vector *= maxLength / length;
339 | return vector;
340 | }
341 |
342 | float Vector2::Component(Vector2 a, Vector2 b)
343 | {
344 | return Dot(a, b) / Magnitude(b);
345 | }
346 |
347 | float Vector2::Distance(Vector2 a, Vector2 b)
348 | {
349 | return Vector2::Magnitude(a - b);
350 | }
351 |
352 | float Vector2::Dot(Vector2 lhs, Vector2 rhs)
353 | {
354 | return lhs.X * rhs.X + lhs.Y * rhs.Y;
355 | }
356 |
357 | Vector2 Vector2::FromPolar(float rad, float theta)
358 | {
359 | Vector2 v;
360 | v.X = rad * cos(theta);
361 | v.Y = rad * sin(theta);
362 | return v;
363 | }
364 |
365 | Vector2 Vector2::Lerp(Vector2 a, Vector2 b, float t)
366 | {
367 | if (t < 0) return a;
368 | else if (t > 1) return b;
369 | return LerpUnclamped(a, b, t);
370 | }
371 |
372 | Vector2 Vector2::LerpUnclamped(Vector2 a, Vector2 b, float t)
373 | {
374 | return (b - a) * t + a;
375 | }
376 |
377 | float Vector2::Magnitude(Vector2 v)
378 | {
379 | return sqrt(SqrMagnitude(v));
380 | }
381 |
382 | Vector2 Vector2::Max(Vector2 a, Vector2 b)
383 | {
384 | float x = a.X > b.X ? a.X : b.X;
385 | float y = a.Y > b.Y ? a.Y : b.Y;
386 | return Vector2(x, y);
387 | }
388 |
389 | Vector2 Vector2::Min(Vector2 a, Vector2 b)
390 | {
391 | float x = a.X > b.X ? b.X : a.X;
392 | float y = a.Y > b.Y ? b.Y : a.Y;
393 | return Vector2(x, y);
394 | }
395 |
396 | Vector2 Vector2::MoveTowards(Vector2 current, Vector2 target,
397 | float maxDistanceDelta)
398 | {
399 | Vector2 d = target - current;
400 | float m = Magnitude(d);
401 | if (m < maxDistanceDelta || m == 0)
402 | return target;
403 | return current + (d * maxDistanceDelta / m);
404 | }
405 |
406 | Vector2 Vector2::Normalized(Vector2 v)
407 | {
408 | float mag = Magnitude(v);
409 | if (mag == 0)
410 | return Vector2::Zero();
411 | return v / mag;
412 | }
413 |
414 | void Vector2::OrthoNormalize(Vector2 &normal, Vector2 &tangent)
415 | {
416 | normal = Normalized(normal);
417 | tangent = Reject(tangent, normal);
418 | tangent = Normalized(tangent);
419 | }
420 |
421 | Vector2 Vector2::Project(Vector2 a, Vector2 b)
422 | {
423 | float m = Magnitude(b);
424 | return Dot(a, b) / (m * m) * b;
425 | }
426 |
427 | Vector2 Vector2::Reflect(Vector2 vector, Vector2 planeNormal)
428 | {
429 | return vector - 2 * Project(vector, planeNormal);
430 | }
431 |
432 | Vector2 Vector2::Reject(Vector2 a, Vector2 b)
433 | {
434 | return a - Project(a, b);
435 | }
436 |
437 | Vector2 Vector2::RotateTowards(Vector2 current, Vector2 target,
438 | float maxRadiansDelta,
439 | float maxMagnitudeDelta)
440 | {
441 | float magCur = Magnitude(current);
442 | float magTar = Magnitude(target);
443 | float newMag = magCur + maxMagnitudeDelta *
444 | ((magTar > magCur) - (magCur > magTar));
445 | newMag = fmin(newMag, fmax(magCur, magTar));
446 | newMag = fmax(newMag, fmin(magCur, magTar));
447 |
448 | float totalAngle = Angle(current, target) - maxRadiansDelta;
449 | if (totalAngle <= 0)
450 | return Normalized(target) * newMag;
451 | else if (totalAngle >= M_PI)
452 | return Normalized(-target) * newMag;
453 |
454 | float axis = current.X * target.Y - current.Y * target.X;
455 | axis = axis / fabs(axis);
456 | if (!(1 - fabs(axis) < 0.00001))
457 | axis = 1;
458 | current = Normalized(current);
459 | Vector2 newVector = current * cos(maxRadiansDelta) +
460 | Vector2(-current.Y, current.X) * sin(maxRadiansDelta) * axis;
461 | return newVector * newMag;
462 | }
463 |
464 | Vector2 Vector2::Scale(Vector2 a, Vector2 b)
465 | {
466 | return Vector2(a.X * b.X, a.Y * b.Y);
467 | }
468 |
469 | Vector2 Vector2::Slerp(Vector2 a, Vector2 b, float t)
470 | {
471 | if (t < 0) return a;
472 | else if (t > 1) return b;
473 | return SlerpUnclamped(a, b, t);
474 | }
475 |
476 | Vector2 Vector2::SlerpUnclamped(Vector2 a, Vector2 b, float t)
477 | {
478 | float magA = Magnitude(a);
479 | float magB = Magnitude(b);
480 | a /= magA;
481 | b /= magB;
482 | float dot = Dot(a, b);
483 | dot = fmax(dot, -1.0);
484 | dot = fmin(dot, 1.0);
485 | float theta = acos(dot) * t;
486 | Vector2 relativeVec = Normalized(b - a * dot);
487 | Vector2 newVec = a * cos(theta) + relativeVec * sin(theta);
488 | return newVec * (magA + (magB - magA) * t);
489 | }
490 |
491 | float Vector2::SqrMagnitude(Vector2 v)
492 | {
493 | return v.X * v.X + v.Y * v.Y;
494 | }
495 |
496 | void Vector2::ToPolar(Vector2 vector, float &rad, float &theta)
497 | {
498 | rad = Magnitude(vector);
499 | theta = atan2(vector.Y, vector.X);
500 | }
501 |
502 |
503 | struct Vector2& Vector2::operator+=(const float rhs)
504 | {
505 | X += rhs;
506 | Y += rhs;
507 | return *this;
508 | }
509 |
510 | struct Vector2& Vector2::operator-=(const float rhs)
511 | {
512 | X -= rhs;
513 | Y -= rhs;
514 | return *this;
515 | }
516 |
517 | struct Vector2& Vector2::operator*=(const float rhs)
518 | {
519 | X *= rhs;
520 | Y *= rhs;
521 | return *this;
522 | }
523 |
524 | struct Vector2& Vector2::operator/=(const float rhs)
525 | {
526 | X /= rhs;
527 | Y /= rhs;
528 | return *this;
529 | }
530 |
531 | struct Vector2& Vector2::operator+=(const Vector2 rhs)
532 | {
533 | X += rhs.X;
534 | Y += rhs.Y;
535 | return *this;
536 | }
537 |
538 | struct Vector2& Vector2::operator-=(const Vector2 rhs)
539 | {
540 | X -= rhs.X;
541 | Y -= rhs.Y;
542 | return *this;
543 | }
544 |
545 | Vector2 operator-(Vector2 rhs) { return rhs * -1; }
546 | Vector2 operator+(Vector2 lhs, const float rhs) { return lhs += rhs; }
547 | Vector2 operator-(Vector2 lhs, const float rhs) { return lhs -= rhs; }
548 | Vector2 operator*(Vector2 lhs, const float rhs) { return lhs *= rhs; }
549 | Vector2 operator/(Vector2 lhs, const float rhs) { return lhs /= rhs; }
550 | Vector2 operator+(const float lhs, Vector2 rhs) { return rhs += lhs; }
551 | Vector2 operator-(const float lhs, Vector2 rhs) { return rhs -= lhs; }
552 | Vector2 operator*(const float lhs, Vector2 rhs) { return rhs *= lhs; }
553 | Vector2 operator/(const float lhs, Vector2 rhs) { return rhs /= lhs; }
554 | Vector2 operator+(Vector2 lhs, const Vector2 rhs) { return lhs += rhs; }
555 | Vector2 operator-(Vector2 lhs, const Vector2 rhs) { return lhs -= rhs; }
556 |
557 | bool operator==(const Vector2 lhs, const Vector2 rhs)
558 | {
559 | return lhs.X == rhs.X && lhs.Y == rhs.Y;
560 | }
561 |
562 | bool operator!=(const Vector2 lhs, const Vector2 rhs)
563 | {
564 | return !(lhs == rhs);
565 | }
--------------------------------------------------------------------------------
/app/src/main/jni/And64InlineHook/And64InlineHook.cpp:
--------------------------------------------------------------------------------
1 | /*
2 | * @date : 2018/04/18
3 | * @author : Rprop (r_prop@outlook.com)
4 | * https://github.com/Rprop/And64InlineHook
5 | */
6 | /*
7 | MIT License
8 |
9 | Copyright (c) 2018 Rprop (r_prop@outlook.com)
10 |
11 | Permission is hereby granted, free of charge, to any person obtaining a copy
12 | of this software and associated documentation files (the "Software"), to deal
13 | in the Software without restriction, including without limitation the rights
14 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 | copies of the Software, and to permit persons to whom the Software is
16 | furnished to do so, subject to the following conditions:
17 |
18 | The above copyright notice and this permission notice shall be included in all
19 | copies or substantial portions of the Software.
20 |
21 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
27 | SOFTWARE.
28 | */
29 | #define __STDC_FORMAT_MACROS
30 |
31 | #include
32 | #include
33 | #include
34 | #include
35 | #include
36 | #include
37 |
38 | #if defined(__aarch64__)
39 |
40 | #include "And64InlineHook.hpp"
41 |
42 | #define A64_MAX_INSTRUCTIONS 5
43 | #define A64_MAX_REFERENCES (A64_MAX_INSTRUCTIONS * 2)
44 | #define A64_NOP 0xd503201fu
45 | #define A64_JNIEXPORT __attribute__((visibility("hidden")))
46 | #define A64_LOGE(...) ((void)__android_log_print(ANDROID_LOG_ERROR, "A64_HOOK", __VA_ARGS__))
47 | #ifndef NDEBUG
48 | # define A64_LOGI(...) ((void)__android_log_print(ANDROID_LOG_INFO, "A64_HOOK", __VA_ARGS__))
49 | #else
50 | # define A64_LOGI(...) ((void)0)
51 | #endif // NDEBUG
52 | typedef uint32_t *__restrict *__restrict instruction;
53 | typedef struct {
54 | struct fix_info {
55 | uint32_t *bp;
56 | uint32_t ls; // left-shift counts
57 | uint32_t ad; // & operand
58 | };
59 | struct insns_info {
60 | union {
61 | uint64_t insu;
62 | int64_t ins;
63 | void *insp;
64 | };
65 | fix_info fmap[A64_MAX_REFERENCES];
66 | };
67 | int64_t basep;
68 | int64_t endp;
69 | insns_info dat[A64_MAX_INSTRUCTIONS];
70 |
71 | public:
72 | inline bool is_in_fixing_range(const int64_t absolute_addr) {
73 | return absolute_addr >= this->basep && absolute_addr < this->endp;
74 | }
75 |
76 | inline intptr_t get_ref_ins_index(const int64_t absolute_addr) {
77 | return static_cast((absolute_addr - this->basep) / sizeof(uint32_t));
78 | }
79 |
80 | inline intptr_t get_and_set_current_index(uint32_t *__restrict inp, uint32_t *__restrict outp) {
81 | intptr_t current_idx = this->get_ref_ins_index(reinterpret_cast(inp));
82 | this->dat[current_idx].insp = outp;
83 | return current_idx;
84 | }
85 |
86 | inline void reset_current_ins(const intptr_t idx, uint32_t *__restrict outp) {
87 | this->dat[idx].insp = outp;
88 | }
89 |
90 | void
91 | insert_fix_map(const intptr_t idx, uint32_t *bp, uint32_t ls = 0u, uint32_t ad = 0xffffffffu) {
92 | for (auto &f : this->dat[idx].fmap) {
93 | if (f.bp == NULL) {
94 | f.bp = bp;
95 | f.ls = ls;
96 | f.ad = ad;
97 | return;
98 | } //if
99 | }
100 | // What? GGing..
101 | }
102 |
103 | void process_fix_map(const intptr_t idx) {
104 | for (auto &f : this->dat[idx].fmap) {
105 | if (f.bp == NULL) break;
106 | *(f.bp) = *(f.bp) |
107 | (((int32_t(this->dat[idx].ins - reinterpret_cast(f.bp)) >> 2)
108 | << f.ls) & f.ad);
109 | f.bp = NULL;
110 | }
111 | }
112 | } context;
113 |
114 | //-------------------------------------------------------------------------
115 |
116 | static bool __fix_branch_imm(instruction inpp, instruction outpp, context *ctxp) {
117 | static constexpr uint32_t mbits = 6u;
118 | static constexpr uint32_t mask = 0xfc000000u; // 0b11111100000000000000000000000000
119 | static constexpr uint32_t rmask = 0x03ffffffu; // 0b00000011111111111111111111111111
120 | static constexpr uint32_t op_b = 0x14000000u; // "b" ADDR_PCREL26
121 | static constexpr uint32_t op_bl = 0x94000000u; // "bl" ADDR_PCREL26
122 |
123 | const uint32_t ins = *(*inpp);
124 | const uint32_t opc = ins & mask;
125 | switch (opc) {
126 | case op_b:
127 | case op_bl: {
128 | intptr_t current_idx = ctxp->get_and_set_current_index(*inpp, *outpp);
129 | int64_t absolute_addr = reinterpret_cast(*inpp) +
130 | (static_cast(ins << mbits)
131 | >> (mbits - 2u)); // sign-extended
132 | int64_t new_pc_offset =
133 | static_cast(absolute_addr - reinterpret_cast(*outpp))
134 | >> 2; // shifted
135 | bool special_fix_type = ctxp->is_in_fixing_range(absolute_addr);
136 | // whether the branch should be converted to absolute jump
137 | if (!special_fix_type && llabs(new_pc_offset) >= (rmask >> 1)) {
138 | bool b_aligned = (reinterpret_cast(*outpp + 2) & 7u) == 0u;
139 | if (opc == op_b) {
140 | if (b_aligned != true) {
141 | (*outpp)[0] = A64_NOP;
142 | ctxp->reset_current_ins(current_idx, ++(*outpp));
143 | } //if
144 | (*outpp)[0] = 0x58000051u; // LDR X17, #0x8
145 | (*outpp)[1] = 0xd61f0220u; // BR X17
146 | memcpy(*outpp + 2, &absolute_addr, sizeof(absolute_addr));
147 | *outpp += 4;
148 | } else {
149 | if (b_aligned == true) {
150 | (*outpp)[0] = A64_NOP;
151 | ctxp->reset_current_ins(current_idx, ++(*outpp));
152 | } //if
153 | (*outpp)[0] = 0x58000071u; // LDR X17, #12
154 | (*outpp)[1] = 0x1000009eu; // ADR X30, #16
155 | (*outpp)[2] = 0xd61f0220u; // BR X17
156 | memcpy(*outpp + 3, &absolute_addr, sizeof(absolute_addr));
157 | *outpp += 5;
158 | } //if
159 | } else {
160 | if (special_fix_type) {
161 | intptr_t ref_idx = ctxp->get_ref_ins_index(absolute_addr);
162 | if (ref_idx <= current_idx) {
163 | new_pc_offset = static_cast(ctxp->dat[ref_idx].ins -
164 | reinterpret_cast(*outpp))
165 | >> 2;
166 | } else {
167 | ctxp->insert_fix_map(ref_idx, *outpp, 0u, rmask);
168 | new_pc_offset = 0;
169 | } //if
170 | } //if
171 |
172 | (*outpp)[0] = opc | (new_pc_offset & ~mask);
173 | ++(*outpp);
174 | } //if
175 |
176 | ++(*inpp);
177 | return ctxp->process_fix_map(current_idx), true;
178 | }
179 | }
180 | return false;
181 | }
182 |
183 | //-------------------------------------------------------------------------
184 |
185 | static bool __fix_cond_comp_test_branch(instruction inpp, instruction outpp, context *ctxp) {
186 | static constexpr uint32_t lsb = 5u;
187 | static constexpr uint32_t lmask01 = 0xff00001fu; // 0b11111111000000000000000000011111
188 | static constexpr uint32_t mask0 = 0xff000010u; // 0b11111111000000000000000000010000
189 | static constexpr uint32_t op_bc = 0x54000000u; // "b.c" ADDR_PCREL19
190 | static constexpr uint32_t mask1 = 0x7f000000u; // 0b01111111000000000000000000000000
191 | static constexpr uint32_t op_cbz = 0x34000000u; // "cbz" Rt, ADDR_PCREL19
192 | static constexpr uint32_t op_cbnz = 0x35000000u; // "cbnz" Rt, ADDR_PCREL19
193 | static constexpr uint32_t lmask2 = 0xfff8001fu; // 0b11111111111110000000000000011111
194 | static constexpr uint32_t mask2 = 0x7f000000u; // 0b01111111000000000000000000000000
195 | static constexpr uint32_t op_tbz = 0x36000000u; // 0b00110110000000000000000000000000 "tbz" Rt, BIT_NUM, ADDR_PCREL14
196 | static constexpr uint32_t op_tbnz = 0x37000000u; // 0b00110111000000000000000000000000 "tbnz" Rt, BIT_NUM, ADDR_PCREL14
197 |
198 | const uint32_t ins = *(*inpp);
199 | uint32_t lmask = lmask01;
200 | if ((ins & mask0) != op_bc) {
201 | uint32_t opc = ins & mask1;
202 | if (opc != op_cbz && opc != op_cbnz) {
203 | opc = ins & mask2;
204 | if (opc != op_tbz && opc != op_tbnz) {
205 | return false;
206 | } //if
207 | lmask = lmask2;
208 | } //if
209 | } //if
210 |
211 | intptr_t current_idx = ctxp->get_and_set_current_index(*inpp, *outpp);
212 | int64_t absolute_addr = reinterpret_cast(*inpp) + ((ins & ~lmask) >> (lsb - 2u));
213 | int64_t new_pc_offset =
214 | static_cast(absolute_addr - reinterpret_cast(*outpp)) >> 2; // shifted
215 | bool special_fix_type = ctxp->is_in_fixing_range(absolute_addr);
216 | if (!special_fix_type && llabs(new_pc_offset) >= (~lmask >> (lsb + 1))) {
217 | if ((reinterpret_cast(*outpp + 4) & 7u) != 0u) {
218 | (*outpp)[0] = A64_NOP;
219 | ctxp->reset_current_ins(current_idx, ++(*outpp));
220 | } //if
221 | (*outpp)[0] = (((8u >> 2u) << lsb) & ~lmask) | (ins & lmask); // B.C #0x8
222 | (*outpp)[1] = 0x14000005u; // B #0x14
223 | (*outpp)[2] = 0x58000051u; // LDR X17, #0x8
224 | (*outpp)[3] = 0xd61f0220u; // BR X17
225 | memcpy(*outpp + 4, &absolute_addr, sizeof(absolute_addr));
226 | *outpp += 6;
227 | } else {
228 | if (special_fix_type) {
229 | intptr_t ref_idx = ctxp->get_ref_ins_index(absolute_addr);
230 | if (ref_idx <= current_idx) {
231 | new_pc_offset = static_cast(ctxp->dat[ref_idx].ins -
232 | reinterpret_cast(*outpp)) >> 2;
233 | } else {
234 | ctxp->insert_fix_map(ref_idx, *outpp, lsb, ~lmask);
235 | new_pc_offset = 0;
236 | } //if
237 | } //if
238 |
239 | (*outpp)[0] = (static_cast(new_pc_offset << lsb) & ~lmask) | (ins & lmask);
240 | ++(*outpp);
241 | } //if
242 |
243 | ++(*inpp);
244 | return ctxp->process_fix_map(current_idx), true;
245 | }
246 |
247 | //-------------------------------------------------------------------------
248 |
249 | static bool __fix_loadlit(instruction inpp, instruction outpp, context *ctxp) {
250 | const uint32_t ins = *(*inpp);
251 |
252 | // memory prefetch("prfm"), just skip it
253 | // http://infocenter.arm.com/help/topic/com.arm.doc.100069_0608_00_en/pge1427897420050.html
254 | if ((ins & 0xff000000u) == 0xd8000000u) {
255 | ctxp->process_fix_map(ctxp->get_and_set_current_index(*inpp, *outpp));
256 | ++(*inpp);
257 | return true;
258 | } //if
259 |
260 | static constexpr uint32_t msb = 8u;
261 | static constexpr uint32_t lsb = 5u;
262 | static constexpr uint32_t mask_30 = 0x40000000u; // 0b01000000000000000000000000000000
263 | static constexpr uint32_t mask_31 = 0x80000000u; // 0b10000000000000000000000000000000
264 | static constexpr uint32_t lmask = 0xff00001fu; // 0b11111111000000000000000000011111
265 | static constexpr uint32_t mask_ldr = 0xbf000000u; // 0b10111111000000000000000000000000
266 | static constexpr uint32_t op_ldr = 0x18000000u; // 0b00011000000000000000000000000000 "LDR Wt/Xt, label" | ADDR_PCREL19
267 | static constexpr uint32_t mask_ldrv = 0x3f000000u; // 0b00111111000000000000000000000000
268 | static constexpr uint32_t op_ldrv = 0x1c000000u; // 0b00011100000000000000000000000000 "LDR St/Dt/Qt, label" | ADDR_PCREL19
269 | static constexpr uint32_t mask_ldrsw = 0xff000000u; // 0b11111111000000000000000000000000
270 | static constexpr uint32_t op_ldrsw = 0x98000000u; // "LDRSW Xt, label" | ADDR_PCREL19 | load register signed word
271 | // LDR S0, #0 | 0b00011100000000000000000000000000 | 32-bit
272 | // LDR D0, #0 | 0b01011100000000000000000000000000 | 64-bit
273 | // LDR Q0, #0 | 0b10011100000000000000000000000000 | 128-bit
274 | // INVALID | 0b11011100000000000000000000000000 | may be 256-bit
275 |
276 | uint32_t mask = mask_ldr;
277 | uintptr_t faligned = (ins & mask_30) ? 7u : 3u;
278 | if ((ins & mask_ldr) != op_ldr) {
279 | mask = mask_ldrv;
280 | if (faligned != 7u)
281 | faligned = (ins & mask_31) ? 15u : 3u;
282 | if ((ins & mask_ldrv) != op_ldrv) {
283 | if ((ins & mask_ldrsw) != op_ldrsw) {
284 | return false;
285 | } //if
286 | mask = mask_ldrsw;
287 | faligned = 7u;
288 | } //if
289 | } //if
290 |
291 | intptr_t current_idx = ctxp->get_and_set_current_index(*inpp, *outpp);
292 | int64_t absolute_addr = reinterpret_cast(*inpp) +
293 | ((static_cast(ins << msb) >> (msb + lsb - 2u)) & ~3u);
294 | int64_t new_pc_offset =
295 | static_cast(absolute_addr - reinterpret_cast(*outpp)) >> 2; // shifted
296 | bool special_fix_type = ctxp->is_in_fixing_range(absolute_addr);
297 | // special_fix_type may encounter issue when there are mixed data and code
298 | if (special_fix_type || (llabs(new_pc_offset) + (faligned + 1u - 4u) / 4u) >=
299 | (~lmask >> (lsb + 1))) { // inaccurate, but it works
300 | while ((reinterpret_cast(*outpp + 2) & faligned) != 0u) {
301 | *(*outpp)++ = A64_NOP;
302 | }
303 | ctxp->reset_current_ins(current_idx, *outpp);
304 |
305 | // Note that if memory at absolute_addr is writeable (non-const), we will fail to fetch it.
306 | // And what's worse, we may unexpectedly overwrite something if special_fix_type is true...
307 | uint32_t ns = static_cast((faligned + 1) / sizeof(uint32_t));
308 | (*outpp)[0] = (((8u >> 2u) << lsb) & ~mask) | (ins & lmask); // LDR #0x8
309 | (*outpp)[1] = 0x14000001u + ns; // B #0xc
310 | memcpy(*outpp + 2, reinterpret_cast(absolute_addr), faligned + 1);
311 | *outpp += 2 + ns;
312 | } else {
313 | faligned >>= 2; // new_pc_offset is shifted and 4-byte aligned
314 | while ((new_pc_offset & faligned) != 0) {
315 | *(*outpp)++ = A64_NOP;
316 | new_pc_offset =
317 | static_cast(absolute_addr - reinterpret_cast(*outpp)) >> 2;
318 | }
319 | ctxp->reset_current_ins(current_idx, *outpp);
320 |
321 | (*outpp)[0] = (static_cast(new_pc_offset << lsb) & ~mask) | (ins & lmask);
322 | ++(*outpp);
323 | } //if
324 |
325 | ++(*inpp);
326 | return ctxp->process_fix_map(current_idx), true;
327 | }
328 |
329 | //-------------------------------------------------------------------------
330 |
331 | static bool __fix_pcreladdr(instruction inpp, instruction outpp, context *ctxp) {
332 | // Load a PC-relative address into a register
333 | // http://infocenter.arm.com/help/topic/com.arm.doc.100069_0608_00_en/pge1427897645644.html
334 | static constexpr uint32_t msb = 8u;
335 | static constexpr uint32_t lsb = 5u;
336 | static constexpr uint32_t mask = 0x9f000000u; // 0b10011111000000000000000000000000
337 | static constexpr uint32_t rmask = 0x0000001fu; // 0b00000000000000000000000000011111
338 | static constexpr uint32_t lmask = 0xff00001fu; // 0b11111111000000000000000000011111
339 | static constexpr uint32_t fmask = 0x00ffffffu; // 0b00000000111111111111111111111111
340 | static constexpr uint32_t max_val = 0x001fffffu; // 0b00000000000111111111111111111111
341 | static constexpr uint32_t op_adr = 0x10000000u; // "adr" Rd, ADDR_PCREL21
342 | static constexpr uint32_t op_adrp = 0x90000000u; // "adrp" Rd, ADDR_ADRP
343 |
344 | const uint32_t ins = *(*inpp);
345 | intptr_t current_idx;
346 | switch (ins & mask) {
347 | case op_adr: {
348 | current_idx = ctxp->get_and_set_current_index(*inpp, *outpp);
349 | int64_t lsb_bytes = static_cast(ins << 1u) >> 30u;
350 | int64_t absolute_addr = reinterpret_cast(*inpp) +
351 | (((static_cast(ins << msb) >> (msb + lsb - 2u)) &
352 | ~3u) | lsb_bytes);
353 | int64_t new_pc_offset = static_cast(absolute_addr -
354 | reinterpret_cast(*outpp));
355 | bool special_fix_type = ctxp->is_in_fixing_range(absolute_addr);
356 | if (!special_fix_type && llabs(new_pc_offset) >= (max_val >> 1)) {
357 | if ((reinterpret_cast(*outpp + 2) & 7u) != 0u) {
358 | (*outpp)[0] = A64_NOP;
359 | ctxp->reset_current_ins(current_idx, ++(*outpp));
360 | } //if
361 |
362 | (*outpp)[0] =
363 | 0x58000000u | (((8u >> 2u) << lsb) & ~mask) | (ins & rmask); // LDR #0x8
364 | (*outpp)[1] = 0x14000003u; // B #0xc
365 | memcpy(*outpp + 2, &absolute_addr, sizeof(absolute_addr));
366 | *outpp += 4;
367 | } else {
368 | if (special_fix_type) {
369 | intptr_t ref_idx = ctxp->get_ref_ins_index(absolute_addr & ~3ull);
370 | if (ref_idx <= current_idx) {
371 | new_pc_offset = static_cast(ctxp->dat[ref_idx].ins -
372 | reinterpret_cast(*outpp));
373 | } else {
374 | ctxp->insert_fix_map(ref_idx, *outpp, lsb, fmask);
375 | new_pc_offset = 0;
376 | } //if
377 | } //if
378 |
379 | // the lsb_bytes will never be changed, so we can use lmask to keep it
380 | (*outpp)[0] = (static_cast(new_pc_offset << (lsb - 2u)) & fmask) |
381 | (ins & lmask);
382 | ++(*outpp);
383 | } //if
384 | }
385 | break;
386 | case op_adrp: {
387 | current_idx = ctxp->get_and_set_current_index(*inpp, *outpp);
388 | int32_t lsb_bytes = static_cast(ins << 1u) >> 30u;
389 | int64_t absolute_addr = (reinterpret_cast(*inpp) & ~0xfffll) +
390 | ((((static_cast(ins << msb) >> (msb + lsb - 2u)) &
391 | ~3u) | lsb_bytes) << 12);
392 | A64_LOGI("ins = 0x%.8X, pc = %p, abs_addr = %p",
393 | ins, *inpp, reinterpret_cast