From fbc8e0950cf56cb32b1ef03150dbd79325387a11 Mon Sep 17 00:00:00 2001
From: Katy Coe
Date: Mon, 21 Dec 2020 22:03:43 +0100
Subject: [PATCH] IL2CPP: Use mapped objects for Sizeof
---
 Il2CppInspector.Common/IL2CPP/ImageScan.cs | 4 ++--
 Il2CppInspector.Common/IL2CPP/Metadata.cs | 9 ++++++---
 Il2CppInspector.Common/IL2CPP/ReconstructMetadata.cs | 8 ++++----
 3 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/Il2CppInspector.Common/IL2CPP/ImageScan.cs b/Il2CppInspector.Common/IL2CPP/ImageScan.cs
index 70d3e54..5701cee 100644
--- a/Il2CppInspector.Common/IL2CPP/ImageScan.cs
+++ b/Il2CppInspector.Common/IL2CPP/ImageScan.cs
@@ -116,7 +116,7 @@ namespace Il2CppInspector
 throw new InvalidOperationException("More than one valid pointer chain found during data heuristics");
 // pCodeGenModules is the last field in CodeRegistration so we subtract the size of one pointer from the struct size
- codeRegistration = codeRegVas.First() - ((ulong) Metadata.Sizeof(typeof(Il2CppCodeRegistration), Image.Version, Image.Bits / 8) - ptrSize);
+ codeRegistration = codeRegVas.First() - ((ulong) metadata.Sizeof(typeof(Il2CppCodeRegistration), Image.Version, Image.Bits / 8) - ptrSize);
 // In v24.3, windowsRuntimeFactoryTable collides with codeGenModules. So far no samples have had windowsRuntimeFactoryCount > 0;
 // if this changes we'll have to get smarter about disambiguating these two.
@@ -157,7 +157,7 @@ namespace Il2CppInspector
 // Find TypeDefinitionsSizesCount (4th last field) then work back to the start of the struct
 // This saves us from guessing where metadataUsagesCount is later
- var mrSize = (ulong) Metadata.Sizeof(typeof(Il2CppMetadataRegistration), Image.Version, Image.Bits / 8);
+ var mrSize = (ulong) metadata.Sizeof(typeof(Il2CppMetadataRegistration), Image.Version, Image.Bits / 8);
 vas = FindAllMappedWords(imageBytes, (ulong) metadata.Types.Length).Select(a => a - mrSize + ptrSize * 4);
 // >= 19 && < 27
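Review bot: The subtraction in `codeRegistration = codeRegVas.First() - ((ulong) metadata.Sizeof(...) - ptrSize)` is unsigned and, unless the project compiles with checked arithmetic, wraps silently. After this commit the size is measured on whatever type `Reader.ObjectMappings` substitutes, so a mapping that reports a size below `ptrSize`, or a candidate address below the struct size, yields a very large address rather than an error. The same applies to `a - mrSize + ptrSize * 4` in the second hunk (-157). Because the image being scanned is untrusted input, holding the size in a local and rejecting it first, e.g. `if (crSize < ptrSize) throw new InvalidOperationException("Unexpected Il2CppCodeRegistration size");`, would turn a bad candidate into a clean failure. Both enclosing methods start and end outside the hunks.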
diff --git a/Il2CppInspector.Common/IL2CPP/Metadata.cs b/Il2CppInspector.Common/IL2CPP/Metadata.cs
index 8040dda..116d5b7 100644
--- a/Il2CppInspector.Common/IL2CPP/Metadata.cs
+++ b/Il2CppInspector.Common/IL2CPP/Metadata.cs
@@ -198,7 +198,7 @@ namespace Il2CppInspector
 // Now confirm that all the keys are present
 // If they aren't, that means one or more of the null terminators wasn't null, indicating potential encryption
 // Only do this if we need to because it's very slow
- if (stringOffsets.Except(Strings.Keys).Any()) {
+ if (Header.stringCount > 0 && stringOffsets.Except(Strings.Keys).Any()) {
 Console.WriteLine("Decrypting strings...");
 StatusUpdate("Decrypting strings");
@@ -251,9 +251,12 @@ namespace Il2CppInspector
 CopyTo(outFile);
 }
- internal int Sizeof(Type type) => Sizeof(type, Version);
+ public int Sizeof(Type type) => Sizeof(type, Version);
+
+ public int Sizeof(Type type, double metadataVersion, int longSizeBytes = 8) {
- public static int Sizeof(Type type, double metadataVersion, int longSizeBytes = 8) {
+ if (Reader.ObjectMappings.TryGetValue(type, out var streamType))
+ type = streamType;
 int size = 0;
 foreach (var i in type.GetTypeInfo().GetFields())
diff --git a/Il2CppInspector.Common/IL2CPP/ReconstructMetadata.cs b/Il2CppInspector.Common/IL2CPP/ReconstructMetadata.cs
index 069c12a..15945d7 100644
--- a/Il2CppInspector.Common/IL2CPP/ReconstructMetadata.cs
+++ b/Il2CppInspector.Common/IL2CPP/ReconstructMetadata.cs
@@ -22,10 +22,10 @@ namespace Il2CppInspector
 // optinally constrained by the highest count in the IL2CPP metadata type and by the end of the nearest section in the image.
 // Returns an array of the pointers in sorted order and an array of maximum byte/word counts with corresponding indexes
 private (List ptrs, List limits, List originalCounts)
- preparePointerList(Type type, ulong typePtr, IEnumerable
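Review bot: The added `Header.stringCount > 0` condition in the -198 hunk carries no explanation, and the three comment lines above it still describe only the key comparison. `Header.stringCount` is presumably taken from the metadata file's own header, so a file that reports a non-positive count now skips the null-terminator check altogether, and later string lookups can no longer assume that check ran. If skipping is intended, record it next to the condition, for example `// No string data reported by the header: nothing to validate or decrypt`. The change is also unrelated to the commit subject and would be easier to audit as its own commit. The enclosing method starts and ends outside the hunk.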
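Review bot: `Sizeof(Type, double, int)` in the -251 hunk goes from `public static` to an instance method and the one-argument overload is widened from `internal` to `public`, yet neither has a doc comment describing the new lookup. Any caller outside this commit that still writes `Metadata.Sizeof(...)` will stop compiling, and the result now depends on what is registered in `Reader.ObjectMappings` when the call is made. A summary along the lines of `/// <summary>Size in bytes of the type as laid out in the stream; a type found in Reader.ObjectMappings is measured as its mapped type.</summary>` would make that dependency visible. The blank line between the opening brace and the new `if` also looks like a leftover. The method body continues outside the hunk.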
sections, bool itemsAreWords = false) {
+ preparePointerList(Metadata metadata, Type type, ulong typePtr, IEnumerable
sections, bool itemsAreWords = false) {
 // Get number of pointer/count pairs in each structure
- var itemsCount = Metadata.Sizeof(type, Image.Version, Image.Bits / 8) / (Image.Bits / 8) / 2;
+ var itemsCount = metadata.Sizeof(type, Image.Version, Image.Bits / 8) / (Image.Bits / 8) / 2;
 // Read pointers and counts as two lists
 var itemArray = Image.ReadMappedArray(typePtr, itemsCount * 2);
@@ -101,8 +101,8 @@ namespace Il2CppInspector
 }
 // Fetch and sanitize our pointer and count lists
- var (codePtrsOrdered, codeCountLimits, codeCounts) = preparePointerList(typeof(Il2CppCodeRegistration), CodeRegistrationPointer, dataSections, true);
- var (metaPtrsOrdered, metaCountLimits, metaCounts) = preparePointerList(typeof(Il2CppMetadataRegistration), MetadataRegistrationPointer, dataSections);
+ var (codePtrsOrdered, codeCountLimits, codeCounts) = preparePointerList(metadata, typeof(Il2CppCodeRegistration), CodeRegistrationPointer, dataSections, true);
+ var (metaPtrsOrdered, metaCountLimits, metaCounts) = preparePointerList(metadata, typeof(Il2CppMetadataRegistration), MetadataRegistrationPointer, dataSections);
 // Progress updater
 var maxProgress = codeCounts.Sum() + metaCounts.Sum();
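Review bot: `itemsCount` in the -22 hunk is produced by integer division, `metadata.Sizeof(type, Image.Version, Image.Bits / 8) / (Image.Bits / 8) / 2`, and any remainder is discarded without notice. Now that the size can come from a remapped type, a struct that is not a whole number of pointer/count pairs would make `Image.ReadMappedArray(typePtr, itemsCount * 2)` read a short list, and the pointer/count pairing built from it may then be wrong. Holding the size and word size in locals and checking `if (size % (2 * wordSize) != 0) throw new InvalidOperationException("Registration struct is not a whole number of pointer/count pairs");` before the read would catch a bad mapping early. The comment block above the method should also mention the new `metadata` parameter. The method body continues outside the hunk.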