def getClassMembers(reference, g, objOff, mapList):
name = resolveName(reference, mapList)
primType = getType(g, objOff)
classFlag = getClsFlag(g, objOff)
obj = art.getIndex('Class_Obj', 'object_size_')
g.seek(objOff+obj)
objSize = struct.unpack("<i", g.read(4))[0]
if(name!='Cannot Be Resolved'):
dexCache = getClsDexCache(g, objOff)
ifields_ = getIfields(g, objOff, 'ifields_')
sfields_ = getIfields(g, objOff, 'sfields_')
methods_=getClsMethod(g, objOff)
#classFlag = getClsFlag(g, objOff)
#primType = getType(g, objOff)
super_class_ = getSuperClass(g, objOff)
refi = art.getIndex('Class_Obj', 'num_reference_instance_fields_')
g.seek(objOff+refi)
refSize = struct.unpack("<i", g.read(4))[0]
#print "ref instance size "+str(refSize)
cls = art.getIndex('Class_Obj', 'class_size_')
g.seek(objOff+cls)
clsSize = struct.unpack("<i", g.read(4))[0]
ins = art.getIndex('Class_Obj', 'reference_instance_offsets_')
g.seek(objOff+ins)
#print "instance off "+str(struct.unpack("<i", g.read(4))[0])
#print "Class Size "+ str(clsSize)
return [name, classFlag, primType, ifields_,methods_, sfields_, dexCache, objSize, refSize, super_class_]
else:
return [None, classFlag, primType, None,None, None, None,objSize,0,None]
def getIfields(g, objOff, field):
fIndex=""
if (field=='ifields_'):
fIndex = art.getIndex('Class_Obj', 'ifields_')
else:
fIndex = art.getIndex('Class_Obj', 'sfields_')
g.seek(objOff+fIndex)
fields_ = hex(struct.unpack("<Q", g.read(8))[0])
return fields_
def getDex(dexCache, mapList):
[g, offset] = art.fromPointer(dexCache, mapList)
dexFileIdx = art.getIndex("DexCache", "dex_file_")
g.seek(offset + dexFileIdx)
dexFile = hex(struct.unpack("<Q", g.read(8))[0])
#print "dexFile "+dexFile
loc_ = art.getIndex("DexCache", "location_")
g.seek(offset + loc_)
loc = hex(struct.unpack("<I", g.read(4))[0])
[g, offset] = art.fromPointer(loc, mapList)
#print "DexFile Location "+art.getStringClass(offset, g)
return dexFile
def getObjectSize(g, objOff, mapList):
objSizeOff = art.getIndex('Class_Obj', 'object_size_')
g.seek(objOff+objSizeOff)
objSize = struct.unpack("<i", g.read(4))[0]
#compKlassName = resolveName(compClass, mapList)
g.close()
return objSize
def getComponent(g, objOff,mapList):
compTypeOff = art.getIndex('Class_Obj', 'component_type_')
g.seek(objOff+compTypeOff)
compClass = hex(struct.unpack("<I", g.read(4))[0])
#compKlassName = resolveName(compClass, mapList)
g.close()
return compClass
def getLibsOffset(vmPath, offset):
index = art.getIndex('JavaVMExt', 'libraries_')
g = art.getFhandle(vmPath)
g.seek(offset+index)
libraries_ = hex(unpack_int(g.read(4))[0])
g.close()
return libraries_
def getJVMPointer(nPath, rAddr):
k = art.getFhandle(nPath)
index = art.getIndex('Runtime', 'java_vm_')
k.seek(rAddr + index)
ret = hex(unpack_int(k.read(4))[0])
k.close()
return ret
def getIds(g, offset):
strIds = art.getIndex("DexFile", "string_ids_")
g.seek(offset + strIds)
sIdsOff = hex(unpack_int(g.read(4))[0])
fieldIds = art.getIndex("DexFile", "field_ids_")
g.seek(offset + fieldIds)
fIdsOff = hex(unpack_int(g.read(4))[0])
methodIds = art.getIndex("DexFile", "method_ids_")
g.seek(offset + methodIds)
mIdsOff = hex(unpack_int(g.read(4))[0])
typeIds = art.getIndex("DexFile", "type_ids_")
g.seek(offset + typeIds)
tIdsOff = hex(unpack_int(g.read(4))[0])
begin = art.getIndex("DexFile", "begin_")
g.seek(offset + begin)
beginOff = hex(unpack_int(g.read(4))[0])
#fieldId = getIdx(fieldIds, fieldIdx, dexFile, memList)
return [beginOff, sIdsOff, fIdsOff, mIdsOff, tIdsOff]
def getNamePointer(klass, mapList):
nameOff = art.getIndex('Class_Obj', 'name_')
[k, clOff] = art.fromPointer(klass, mapList)
if k != None:
k.seek(clOff+nameOff)
nameOff = hex(struct.unpack("<I", k.read(4))[0])
return nameOff
else:
return "0x0"
def getType(g, objOff):
primTypeOff = art.getIndex('Class_Obj', 'primitive_type_')
g.seek(objOff+primTypeOff)
primType = struct.unpack("<H", g.read(2))[0]
typeSwitch = {
0: "jObject",
1: "jBoolean",
2: "jByte",
3: "jChar",
4: "jShort",
5: "jInt",
6: "jLong",
7: "jFloat",
8: "jDouble",
}
t = typeSwitch.get(primType, "jObject")
return t
def getClsFlag(g, objOff):
clsFlagOff = art.getIndex('Class_Obj', 'class_flags_')
g.seek(objOff+clsFlagOff)
clsFlag = hex(struct.unpack("<I", g.read(4))[0])
typeSwitch = {
"0x0": "kClassFlagNormal",
"0x1": "kClassFlagNoReferenceFields",
"0x4": "kClassFlagString",
"0x8": "kClassFlagObjectArray",
"0x10": "kClassFlagClass",
"0x20": "kClassFlagClassLoader",
"0x40": "kClassFlagDexCache",
"0x80": "kClassFlagSoftReference",
"0x100": "kClassFlagWeakReference",
"0x200": "kClassFlagFinalizerReference",
"0x400": "kClassFlagPhantomReference",
}
t = typeSwitch.get(clsFlag, "kClassFlagNormal")
return t
def getWeakGlob(vmPath, offset):
index = art.getIndex('JavaVMExt', 'weak_globals_')
wOff = offset + index
return getIrefTable(vmPath, wOff)
def getGlob(vmPath, offset):
index = art.getIndex('JavaVMExt', 'globals_')
gOff = offset + index
return getIrefTable(vmPath, gOff)
def getHeap(self, nPath, rAddr, memList):
index = art.getIndex('Runtime', 'heap_')
heapAddr = self.readPointer(nPath, rAddr, index)
print "Heap Offset " + heapAddr
[heapPath, offset] = art.getOffset(heapAddr, memList)
return [heapPath, offset]
def getJVMPointer(nPath, rAddr):
k = art.getFhandle(nPath)
index = art.getIndex('Runtime', 'java_vm_')
k.seek(rAddr + index)
return hex(struct.unpack("<I", k.read(4))[0])
def getLibsOffset(vmPath, offset):
index = art.getIndex('JavaVMExt', 'libraries_')
g = art.getFhandle(vmPath)
g.seek(offset + index)
libraries_ = hex(struct.unpack("<I", g.read(4))[0])
return libraries_
def getClsDexCache(g, objOff):
dexCacheIdx = art.getIndex('Class_Obj', 'dex_cache_')
g.seek(objOff+dexCacheIdx)
dexCache = hex(struct.unpack("<I", g.read(4))[0])
#print "dexCache "+ dexCache
return dexCache
def getSuperClass(g, objOff):
mIndex = art.getIndex('Class_Obj', 'super_class_')
g.seek(objOff+mIndex)
super_class_ = hex(struct.unpack("<I", g.read(4))[0])
return super_class_
def getClsMethod(g, objOff):
mIndex = art.getIndex('Class_Obj', 'methods_')
g.seek(objOff+mIndex)
methods_ = hex(struct.unpack("<Q", g.read(8))[0])
return methods_
