Added Capability of Combining Results

OffsetHunter/HardcodedOffsetInfo.cpp

@@ -10,12 +10,10 @@ bool HardcodedOffsetInfo::Init()
 
 void HardcodedOffsetInfo::ComputeOffset()
 {
-    if (JSON_ASSERT(mOffsetInfo.getMetadata(), "value") == false)
-        return;
-
     uintptr_t value = mOffsetInfo.getMetadata().get<uintptr_t>("value", 0);
+    size_t disp = mOffsetInfo.getMetadata().get<uintptr_t>("disp", 0);
 
-    mOffsetInfo.setFinalOffset(value);
+    mOffsetInfo.setFinalOffset(value + disp);
 
     return;
 }

OffsetHunter/IOffset.cpp

@@ -12,6 +12,8 @@ bool IOffset::Init()
 	if (mOffsetInfo.Init() == false)
 		return false;
 
+	mParent->LinkOffsetWithName(mOffsetInfo.getName(), this);
+
 	return true;
 }
 
@@ -96,5 +98,20 @@ ObfuscationManager* IOffset::getObfuscationManager()
 	return mTargetMgr->getObfuscationManager();
 }
 
+OffsetInfo* IOffset::getOffsetInfo()
+{
+	return &mOffsetInfo;
+}
+
+void IOffset::OnParentTargetFinish()
+{
+	mOffsetInfo.OnParentTargetFinish();
+}
+
 void IOffset::ComputeJsonResult()
 {}
+
+bool IOffset::WasComputed()
+{
+	return mOffsetInfo.WasComputed();
+}

OffsetHunter/IOffset.h

@@ -53,7 +53,11 @@ class IOffset : public IChild<SingleDumpTarget>
 	ICapstoneHelper* getCapstoneHelper();
 	JsonValueWrapper* getResultJson();
 	ObfuscationManager* getObfuscationManager();
-
+	OffsetInfo* getOffsetInfo();
+
+	virtual void OnParentTargetFinish();
 	virtual void ComputeJsonResult();
+
+	bool WasComputed();
 };
 

OffsetHunter/OffsetClassifier.cpp

@@ -9,8 +9,11 @@ void OffsetClassifier::Classify(JsonValueWrapper& metadata, std::unique_ptr<IOff
     std::unordered_map<std::string, std::vector<std::string>> signatureTypes;
 
     bool bContainsValue = JSON_ASSERT(metadata, "value");
+    bool bContainsCombine = JSON_ASSERT(metadata, "combine");
+    bool bContainsPattern = JSON_ASSERT(metadata, "pattern");
 
-    if (bContainsValue == true)
+    if (bContainsValue == true ||
+        bContainsCombine && bContainsPattern == false)
         outOffset = std::move(std::make_unique<HardcodedOffsetInfo>());
     else 
         outOffset = std::move(std::make_unique<FutureOffset>());

OffsetHunter/OffsetInfo.cpp

@@ -90,7 +90,7 @@ const std::string& OffsetInfo::getComment()
 
 uint64_t OffsetInfo::getFinalOffset()
 {
-	return mFinalOffset;
+	return mFinalOffset == ERR_INVALID_OFFSET ? 0 : mFinalOffset;
 }
 
 uint64_t OffsetInfo::getFinalObfOffset()
@@ -174,3 +174,39 @@ ObfuscationManager* OffsetInfo::getObfuscationManager()
 {
 	return mParent->getObfuscationManager();
 }
+
+void OffsetInfo::OnParentTargetFinish()
+{
+	if (JSON_ASSERT(mMetadata, "combine") == false)
+		return;
+
+	JsonValueWrapper combineWithNames = mMetadata["combine"];
+
+	if (combineWithNames.isArray() == false)
+		return;
+
+	for (uint32_t i = 0; i < combineWithNames.size(); i++)
+	{
+		std::string combiningWith = combineWithNames[i].asString();
+		IOffset* curr = mParent->getParent()->getOffsetByName(combiningWith);
+
+		if (curr == nullptr)
+		{
+			printf("\"%s\" trying to combine with a non existing offset \"%s\"\n", mUIdentifier.c_str(), combiningWith.c_str());
+			continue;
+		}
+
+		if (curr->WasComputed() == false)
+		{
+			printf("\"%s\" trying to combine with a non computed offset \"%s\"\n", mUIdentifier.c_str(), combiningWith.c_str());
+			continue;
+		}
+
+		setFinalOffset(getFinalOffset() + curr->getOffsetInfo()->getFinalOffset());
+	}
+}
+
+bool OffsetInfo::WasComputed()
+{
+	return mFinalOffset != ERR_INVALID_OFFSET;
+}

OffsetHunter/OffsetInfo.h

@@ -58,5 +58,7 @@ class OffsetInfo : public IChild<IOffset>
 
 	std::string getUidentifier();
 	ObfuscationManager* getObfuscationManager();
+	void OnParentTargetFinish();
+	bool WasComputed();
 };
 

OffsetHunter/SingleDumpTarget.cpp

@@ -142,6 +142,14 @@ void SingleDumpTarget::ComputeAll()
 {
 	for (auto& kv : mOffsets)
 		kv.second->ComputeOffset();
+
+	DispatchFinishEventAll();
+}
+
+void SingleDumpTarget::DispatchFinishEventAll()
+{
+	for (auto& kv : mOffsets)
+		kv.second->OnParentTargetFinish();
 }
 
 std::string SingleDumpTarget::getCategoryName()
@@ -210,6 +218,22 @@ JsonValueWrapper* SingleDumpTarget::getResultJson()
 	return mParent->getResultJson();
 }
 
+IOffset* SingleDumpTarget::getOffsetByName(const std::string& name)
+{
+	for (auto& kv : mOffsetsByName)
+	{
+		if (kv.first == name)
+			return kv.second;
+	}
+
+	return nullptr;
+}
+
+void SingleDumpTarget::LinkOffsetWithName(const std::string& name, IOffset* off)
+{
+	mOffsetsByName[name] = off;
+}
+
 void SingleDumpTarget::ComputeJsonResult()
 {
 	for (auto& currOff : mOffsets)

OffsetHunter/SingleDumpTarget.h

@@ -18,6 +18,7 @@ class SingleDumpTarget : public IDumpTarget, public IChild<DumpTargetGroup>
 	std::string mCategoryName;
 	std::string mCategoryObjName; // by default "m" + mCategoryName
 	std::unordered_map<IOffset*, std::unique_ptr<IOffset>> mOffsets;
+	std::unordered_map<std::string, IOffset*> mOffsetsByName;
 	ICapstoneHelper* mCapstoneHelper;
 	std::string mTargetMetadataPath;
 	JsonValueWrapper mTargetMetadataRoot;
@@ -41,6 +42,7 @@ class SingleDumpTarget : public IDumpTarget, public IChild<DumpTargetGroup>
 	void RemoveOffset(IOffset* offset);
 
 	void ComputeAll();
+	void DispatchFinishEventAll();
 
 	std::string getCategoryName();
 
@@ -56,6 +58,8 @@ class SingleDumpTarget : public IDumpTarget, public IChild<DumpTargetGroup>
 	HeaderFileManager* getHppWriter();
 	ICapstoneHelper* getCapstoneHelper();
 	JsonValueWrapper* getResultJson();
+	IOffset* getOffsetByName(const std::string& name);
+	void LinkOffsetWithName(const std::string& name, IOffset* off);
 
 	void ComputeJsonResult();
 };