author | ckitagawa <ckitagawa@chromium.org> | 2021-09-03 15:48:28 +0000 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2021-09-03 08:59:53 -0700 |
commit | 26518ffbdf042c4c35617be2446dac49590a89c2 (patch) | |
tree | 1fc7aa788fd12474c4df6bd18b47461cd93e6023 /type_dex.h | |
parent | f137bf4b5542b966abc4c08762c5e60b21913f4d (diff) | |
[Zucchini] DEX Version 38 Support
DEX Version 38 added:
* CallSiteId & CallSite items
* MethodHandle items
* invoke-polymorphic containing meth@BBBB and proto@HHHH references
* invoke-custom containing a call_site@BBBB reference
This CL:
* Adds CallSiteIdToCallSite
* Adds MethodHandleTo{MethodId, FieldId}
* Adds CodeToProtoId16 for invoke-polymorphic
* Adds CodeToCallSiteId16 and WriteCallSiteId16 for invoke-custom
* Updates CodeToMethodId16 for invoke-polymorphic
Fuzzed about 1 million iterations locally and uploaded new samples to
the clusterfuzz bucket. 97% coverage.
Manually tested on hand-written dex files using smali as well as the
dexdump test corpus.
Bug: 1231885
Change-Id: Icd885be2cfd433d0befe689d16c4a1e99573ca6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3060745
Reviewed-by: Samuel Huang <huangs@chromium.org>
Reviewed-by: Etienne Pierre-Doray <etiennep@chromium.org>
Commit-Queue: Calder Kitagawa <ckitagawa@chromium.org>
Cr-Commit-Position: refs/heads/main@{#918119}
NOKEYCHECK=True
GitOrigin-RevId: 9cc600ef0b60ff1ec76683a2bfb98a6bdbb05d1e
Diffstat (limited to 'type_dex.h')
-rw-r--r-- | type_dex.h | 83 |
1 files changed, 61 insertions, 22 deletions
@@ -12,11 +12,11 @@ namespace dex {
 // Contains types that models DEX executable format data structures.
 // See https://source.android.com/devices/tech/dalvik/dex-format
-// The supported versions are 035 and 037.
+// The supported versions are 035, 037, and 038.
 enum class FormatId : uint8_t {
 b, // 22b.
- c, // 21c, 22c, 31c, 35c, 3rc.
+ c, // 21c, 22c, 31c, 35c, 3rc, 45cc, 4rcc.
 h, // 21h.
 i, // 31i.
 l, // 51l.
@@ -110,6 +110,10 @@ constexpr Instruction kByteCode[] = {
 {0xD0, 2, FormatId::s, 8},
 {0xD8, 2, FormatId::b, 11},
 // {0xE3, 1, FormatId::x, 29}, unused
+ {0xFA, 4, FormatId::c},
+ {0xFB, 4, FormatId::c},
+ {0xFC, 3, FormatId::c},
+ {0xFD, 3, FormatId::c},
 };
 // Supported by MSVC, g++, and clang++. Ensures no gaps in packing.
@@ -185,6 +189,36 @@ struct ClassDefItem {
 uint32_t static_values_off;
 };
+// call_site_id_item: Call site identifiers list.
+struct CallSiteIdItem {
+ uint32_t call_site_off;
+};
+
+// method_handle_type: Determines the behavior of the MethodHandleItem.
+enum class MethodHandleType : uint16_t {
+ // FieldId
+ kStaticPut = 0x00,
+ kStaticGet = 0x01,
+ kInstancePut = 0x02,
+ kInstanceGet = 0x03,
+ // MethodId
+ kInvokeStatic = 0x04,
+ kInvokeInstance = 0x05,
+ kInvokeConstructor = 0x06,
+ kInvokeDirect = 0x07,
+ kInvokeInterface = 0x08,
+ // Sentinel. If new types are added put them before this and increment.
+ kMaxMethodHandleType = 0x09
+};
+
+// method_handle_item: Method handles referred within the Dex file.
+struct MethodHandleItem {
+ uint16_t method_handle_type;
+ uint16_t unused_1;
+ uint16_t field_or_method_id;
+ uint16_t unused_2;
+};
+
 // code_item: Header of a code item.
 struct CodeItem {
 uint16_t registers_size;
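Review bot: `MethodHandleItem::method_handle_type` in the `@@ -185` hunk is a plain `uint16_t` rather than `MethodHandleType`, so nothing at the type level keeps a value read from a DEX file inside the enum's range, and `field_or_method_id` only has a meaning once that value is known; the `// FieldId` / `// MethodId` group comments imply the reader (presumably MethodHandleTo{MethodId,FieldId}, which is not in this file) has to compare against `kMaxMethodHandleType` before deciding which id table the index refers to. I would state that contract on the struct: `uint16_t method_handle_type;  // A MethodHandleType value; the reader rejects anything >= kMaxMethodHandleType.` and `uint16_t field_or_method_id;  // Indexes field_ids for the FieldId kinds, method_ids for the MethodId kinds.` Likewise `CallSiteIdItem::call_site_off` is a file offset taken from untrusted input that the consumer must bounds-check, and a `// File offset into the data section; validated by the reader.` comment would make that visible here. The sentinel comment says "increment", but because every enumerator carries an explicit value the sentinel has to be edited by hand, so `// Sentinel: one past the last valid type; update it when adding types above.` is the more accurate wording.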
@@ -196,7 +230,31 @@ struct CodeItem {
 // Variable length data follow for complete code item.
 };
-constexpr uint32_t kMaxItemListSize = 18;
+// Number of valid type codes for map_item elements in map_list.
+// See: https://source.android.com/devices/tech/dalvik/dex-format#type-codes
+constexpr uint32_t kMaxItemListSize = 21;
+
+constexpr uint16_t kTypeHeaderItem = 0x0000;
+constexpr uint16_t kTypeStringIdItem = 0x0001;
+constexpr uint16_t kTypeTypeIdItem = 0x0002;
+constexpr uint16_t kTypeProtoIdItem = 0x0003;
+constexpr uint16_t kTypeFieldIdItem = 0x0004;
+constexpr uint16_t kTypeMethodIdItem = 0x0005;
+constexpr uint16_t kTypeClassDefItem = 0x0006;
+constexpr uint16_t kTypeCallSiteIdItem = 0x0007;
+constexpr uint16_t kTypeMethodHandleItem = 0x0008;
+constexpr uint16_t kTypeMapList = 0x1000;
+constexpr uint16_t kTypeTypeList = 0x1001;
+constexpr uint16_t kTypeAnnotationSetRefList = 0x1002;
+constexpr uint16_t kTypeAnnotationSetItem = 0x1003;
+constexpr uint16_t kTypeClassDataItem = 0x2000;
+constexpr uint16_t kTypeCodeItem = 0x2001;
+constexpr uint16_t kTypeStringDataItem = 0x2002;
+constexpr uint16_t kTypeDebugInfoItem = 0x2003;
+constexpr uint16_t kTypeAnnotationItem = 0x2004;
+constexpr uint16_t kTypeEncodedArrayItem = 0x2005;
+constexpr uint16_t kTypeAnnotationsDirectoryItem = 0x2006;
+constexpr uint16_t kTypeHiddenApiClassDataItem = 0xF000;
 // map_item
 struct MapItem {
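Review bot: `kMaxItemListSize = 21` and the 21 `kType*` constants below it are kept in step only by hand; the new comment says what the number means but not that it must equal the length of that list (9 + 4 + 7 + 1 codes), so a type code added to one side but not the other would go unnoticed in this file. I would extend the comment with `// Keep equal to the number of kType* constants below (9 + 4 + 7 + 1 = 21).` so the dependency is explicit. Also `kTypeHiddenApiClassDataItem` (0xF000) is new in this hunk and is not mentioned in the change description, while the supported-versions comment earlier in the file lists only 035, 037 and 038; if counting it here is intentional, a short note beside it would save the next reader the question.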
@@ -264,25 +322,6 @@ struct TryItem {
 uint16_t handler_off;
 };
-constexpr uint16_t kTypeHeaderItem = 0x0000;
-constexpr uint16_t kTypeStringIdItem = 0x0001;
-constexpr uint16_t kTypeTypeIdItem = 0x0002;
-constexpr uint16_t kTypeProtoIdItem = 0x0003;
-constexpr uint16_t kTypeFieldIdItem = 0x0004;
-constexpr uint16_t kTypeMethodIdItem = 0x0005;
-constexpr uint16_t kTypeClassDefItem = 0x0006;
-constexpr uint16_t kTypeMapList = 0x1000;
-constexpr uint16_t kTypeTypeList = 0x1001;
-constexpr uint16_t kTypeAnnotationSetRefList = 0x1002;
-constexpr uint16_t kTypeAnnotationSetItem = 0x1003;
-constexpr uint16_t kTypeClassDataItem = 0x2000;
-constexpr uint16_t kTypeCodeItem = 0x2001;
-constexpr uint16_t kTypeStringDataItem = 0x2002;
-constexpr uint16_t kTypeDebugInfoItem = 0x2003;
-constexpr uint16_t kTypeAnnotationItem = 0x2004;
-constexpr uint16_t kTypeEncodedArrayItem = 0x2005;
-constexpr uint16_t kTypeAnnotationsDirectoryItem = 0x2006;
-
 #pragma pack(pop)
 } // namespace dex |