Opened 2 years ago
Closed 2 years ago
#259 closed defect (fixed)
Bug in the file "Decompiler.class.php" with the class extends
| Reported by: | maio | Owned by: | moo |
|---|---|---|---|
| Priority: | critical | Milestone: | |
| Component: | disassembler | Version: | 1.3.1 |
| Keywords: | Cc: | ||
| Application: | PHP Version: | 5.2.17 | |
| Other Exts: | SAPI: | Others | |
| Probability: | Always | Blocked By: | |
| Blocking: |
Description
Hello,
Wanting to debug the result of a PHP file completely OpenSource?, I realized that "XCache 1.3.1" causes an error when it decompiles a class with extends, if I withdraw it works.
php.exe "phpdc.php" "Currency.php" > "out.php"
<?php class not found: currencycoreD:\PHP5\Currency.php01BB9BC5
Subsequently I have also some bugs with variable binary characters, plus an application error as "Windows".
Thank you!
Attachments (1)
Change History (19)
Changed 2 years ago by maio
comment:1 Changed 2 years ago by moo
thanks for your report. but disassembler is an experimental feature and used for me to read opcode. it's not designed for commercial encoder/obfuscation
comment:2 Changed 2 years ago by maio
I understand your answer, I'll fix that when I have free time.
comment:3 Changed 2 years ago by maio
After a lengthy audit, I concluded that this is not a bug "XCache", much less PHP.
So I replaced the verification of the class by name in lowercase, instead of using the key system, this has also reduced the "xc_dasm" by the fact that this is no longer necessary :
int bufsize = 2; char *buf; int keysize;
I also encountered another problem to retrieve an array in the "default_properties" I send you my patch!
!!! Look In The File "Release/ext/xcache/processor_real.c" !!!
void xc_dasm_zval(
{
do {
zval_dtor(dst);
*dst = *src;
zval_copy_ctor(dst);
!!! Add below : !!!
switch (src->type) {
case IS_CONSTANT:
dst->type = UNISW(IS_STRING, UG(unicode) ? IS_UNICODE : IS_STRING);
break;
case IS_CONSTANT_ARRAY:
dst->type = IS_ARRAY;
break;
}
I take this message to congratulate you on your wonderful work !
comment:4 Changed 2 years ago by maio
I come to you for notifying us of another problem this time is confirmed.
This problem is still at the "xc_dasm_zval" which once applied my patch works well but can not retrieve array, for example I insert this as PHP source :
<?php
class Test {
private static $var_test = array(
''''vz' => array('''
'key01' => 'value01',
'key02' => 'value01',
'key03' => 'value01'
),
''''key04' => array('''
'key05' => 'value01',
'key06' => 'value01',
'key07' => 'value01'
),
''''key08' => array('''
'key09' => 'value01',
'key10' => 'value01',
'key11' => 'value01'
)
);
}
?>
Well I released the code like this :
Array
(
[test] => Array
(
[type] => 2
[name_length] => 4
[name] => Test
[parent] =>
[refcount] => 1
[constants_updated] =>
[ce_flags] => 0
[default_properties] => Array
(
)
[properties_info] => Array
(
[var_test] => Array
(
[flags] => 1025
[name_length] => 14
[name] => Testvar_test
[h] => 701449581
[doc_comment_len] => 0
[doc_comment] =>
[ce] => Test
)
)
[default_static_members] => Array
(
[Testvar_test] => Array
(
'''[vz] => 0'''
'''[key04] => 0'''
'''[key08] => 0'''
)
)
[constants_table] => Array
(
)
[] =>
[num_interfaces] => 0
[filename] =>
[line_start] => 3
[line_end] => 23
[doc_comment_len] => 0
[doc_comment] =>
[function_table] => Array
(
)
)
)
class Test {
}
Instead of the extract myself "array", it puts me in place of "0".
I searched several hours how I can extract them, but then I dry.
A solution?
I know you use this to debug your tests, but it would be nice to have a fix in order to disassemble all the properties of "class".
comment:5 Changed 2 years ago by moo
- Status changed from new to assigned
processor_real.c is a intermediate file which is not a real source file. see processor/processor.m4
and yes, class data is different from when used in runtime which i didn't take care of. class var $a = array(array()) will issue SEGV (or windows application error APPCRASH) when disassemble
builtin function is dump by disassembler, i'll fix it
comment:6 Changed 2 years ago by maio
Super thank you!
For the problem I spoke earlier I came to your method that you regenerate the key for the class it was just that I delete the last character, which gives this in the file "Decompiler.class.php" :
if (isset( $op1['u.constant'] )) {
$class = $this->dc['class_table'];
if (isset( $class[substr( $op1['u.constant'], 0 ,-1 )] )) {
$this->dclass( $class, $class[substr( $op1['u.constant'], 0 ,-1 )] );
} else {
exit( dez_print( 'Class not found: ' . $op1['u.constant'], true, false ) );
}
}
comment:7 Changed 2 years ago by moo
it's a bug for mangled (and delayed binding) classes that there're 1 char (or UChar) off for class_table assoc keys. was fixed in [713] and will be back port to branches/1.3 soon. i need to confirm it still works with older version of PHP
comment:8 Changed 2 years ago by maio
Hello and thank you!
I just tested with a completely original version on "PHP 5.2.17" and it does not work with what version of PHP you have managed to extract the array?
I'll try just now with "PHP 5.3.6".
comment:9 Changed 2 years ago by moo
XCache is decompiling member variables in array fine here against 5.2 and 5.3. u might want to svn up and make clean, make all; I'm still checking the Decompiler
comment:10 Changed 2 years ago by maio
I do not think it matters a difference, but I compiled on the VC6?
I except this course with a thorough cleaning of all files, and reconfigure and recompile "trunk-r723" :
<?php
class Test
{}
return 1;
?>
comment:11 Changed 2 years ago by moo
- Resolution set to fixed
- Status changed from assigned to closed
It's mostly fine now, however condition branch is still not decompiled as it was
make sure you remove the processor_real.c file as it's intermediate. or you might want to start a fresh checkout
comment:12 Changed 2 years ago by maio
This is what I do every time :
["default_static_members"]=>
array(1) {
["('''NULL BYTE''')Test('''NULL BYTE''')var_test('''NULL BYTE''')"]=>
UNKNOWN:0
}
The text "NULL BYTE" is the character that I can not paste, so I replaced it with this comment.
I even delete the folder "Release" which contains all the files compile.
I even also a reconfiguration, but to no avail, I just that with a var_dump.
If you confirm that this works, I want to see Linux.
comment:13 Changed 2 years ago by moo
what code do you reproduce this?
\0*\0name\0 is right mangled
comment:14 Changed 2 years ago by moo
btw, are u using phpdc.phpr? try:
php-cli.exe -c php.ini ./phpdc.phpr file.php
comment:15 Changed 2 years ago by maio
Yes well I use this command from the start:
php.exe "phpdop.phpr" "test.php " > "out.php"
Xcache is compiled into PHP, not extended.
I tried your method and it can not read the index, but with a foreach logically it should do, as what passes for the keys of the class ?
If I use print_r me out a system error, the same problem that I solved by adding the zval type, see above ...
comment:16 Changed 2 years ago by moo
the decompiler works fine with Currency.php you uploaded. i need your test.php. do you use IRC (freenode#lighttpd)? or gmail chat or google talk (i just added you)
comment:17 Changed 2 years ago by maio
- Resolution fixed deleted
- Status changed from closed to reopened
I have that "MSN", I can send it privately?
Otherwise the test is that it does not work for me :
<?php
class Test {
private static $var_test = array(
'vz' => array(
'key01' => 'value01',
'key02' => 'value01',
'key03' => 'value01'
),
'key04' => array(
'key05' => 'value01',
'key06' => 'value01',
'key07' => 'value01'
),
'key08' => array(
'key09' => 'value01',
'key10' => 'value01',
'key11' => 'value01'
)
);
}
?>
comment:18 Changed 2 years ago by moo
- Resolution set to fixed
- Status changed from reopened to closed
Currency.php