leaningtech/cheerpj-meta

make it possible to use beatified .jar.js files

gl91306 opened this issue · 1 comments

gl91306 commented

currently if you use a jar.js file that was compiled directly from cheerpj it works just fine, but if you deobfuscate it it breaks due to how class names are found. In loader.js at the function "cjG" it states:

function cjG(a)
{
	// Centralized handler for all guards
	// Deduce the guard to initialize by code inspection
	var code = a.f.toString();
	var guardPos = 0;
	var pcVal = a.pc | 0;
	if(pcVal < 0)
	{
		var pcVal = -pcVal | 0;
		guardPos = pcVal | 0;
		// Skip until the guard, first "a.pc=-" and ";;if((";
		guardPos = guardPos + 12 | 0;
		while(pcVal)
		{
			guardPos = guardPos + 1 | 0;
			pcVal = pcVal / 10 | 0;
		}
	}
	else
	{
		var pc = "a.pc=" + pcVal + ";;if((";
		guardPos = code.indexOf(pc) + pc.length;
	}
	var endOfGuard = code.indexOf("G|0)", guardPos);
	var mangledClassName = code.substring(guardPos, endOfGuard);
	var cinit=self[mangledClassName + 'X'];
	if(cinit===undefined)
	{
		var cl = null;
		if(cjEnablePreciseClassLoaders){
			var className = cjGetClassName(a.f.name);
			cl = self[className].cl;
			if(cl.hasOwnProperty("cl"))
				cl = cl.cl;
		}
		icjLoadWeakClass(mangledClassName, a, false, cl);
		cinit=self[mangledClassName + 'X'];
	}
	// The guard is called again if continuation are required
	cinit({p:a,f:null,pc:0});
}

Specifically at the lines
var pc = "a.pc=" + pcVal + ";;if((";
and
var endOfGuard = code.indexOf("G|0)", guardPos);,
it shows that it uses obusfcated strings to get the class name. In a debofuscated code the first line would only work with
var pc = "a.pc = " + pcVal + ";(\n)if ((";
It can be seen that this string finding method should be replaced by using a regex to ignore any amount of spaces so that even "a.pc(big space)=(big space)" would work. It should also accomodate any amount of semicolons and stuff. yeah.

alexp-sssup commented

jar.js files are not intended for human reading or manipulation. The code is optimized for speed and the layout is relevant for multiple internal purposes. As a matter of fact, we are currently working on CheerpJ 3.0 that will require no jar.js files at all.

As a workaround you might be able to use the internal "beautification" from the devtools, but actual support for this is outside the scope of the project.