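def getFields(ifields_, mapList):
    """Decode the field table that ``ifields_`` points at.

    Args:
        ifields_: pointer (in whatever form ``art.fromPointer`` accepts) to a
            class's field array inside the dumped ART heap.
        mapList: memory-map list handed to ``art.fromPointer`` and
            ``cls.resolveName`` to translate pointers into files/offsets.

    Returns:
        OrderedDict keyed by the 0-based field index; each value is
        ``[declaring_class_name, access_flags, dex_field_index, offset]``.
        Empty when the element count read from the dump is 0 or negative.

    The handle returned by ``art.fromPointer`` is closed on every path; the
    original leaked it whenever a read raised part-way through the table.
    """
    fields = OrderedDict()
    g, objOff = art.fromPointer(ifields_, mapList)
    try:
        g.seek(objOff)
        # Signed 32-bit element count precedes the records.  It comes straight
        # from the dump, so it is untrusted: a negative value yields an empty
        # table, an absurdly large one ends when the underlying read fails.
        size = unpack_int(g)
        # Each record is four 32-bit words.  NOTE(review): the word order
        # (declaring_class_, access_flags_, dex_field_index_, offset_) is
        # hard-coded; the original looked the offsets up via get_index() but
        # never used them, so verify the layout against the target ART build.
        counter = 0
        while counter < size:
            declaring_class_ = hex(unpack_uint(g))
            access_flags_ = unpack_int(g)
            dex_field_index_ = unpack_int(g)
            offset_ = unpack_int(g)
            fields[counter] = [
                cls.resolveName(declaring_class_, mapList),
                access_flags_,
                dex_field_index_,
                offset_,
            ]
            counter += 1
    finally:
        g.close()
    return fields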
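def findThreadGCRoot(refs, lstList, mapList):
    """Return the first reference in ``refs`` whose class resolves to
    ``android.app.ActivityThread$ApplicationThread``.

    Args:
        refs: iterable of object references (may be None or empty).
        lstList: passed through to ``art.getSE``; its result is not needed
            here but the call is kept for any side effects it has.
        mapList: memory-map list for ``cls.getOKlass`` / ``cls.resolveName``.

    Returns:
        The matching reference, or ``'0x0'`` when nothing matches.  The
        original reused the loop variable as the result and therefore
        returned the *last* reference examined when no class matched.
    """
    art.getSE(lstList)
    target = 'android.app.ActivityThread$ApplicationThread'
    for candidate in (refs or []):
        klass, kmonitor, refFile, refOff = cls.getOKlass(candidate, mapList)
        try:
            name = cls.resolveName(klass, mapList)
        finally:
            # getOKlass hands back an open file handle (other call sites in
            # this file close it); release it so a long root list does not
            # exhaust file descriptors.  Guarded because the handle may not
            # be a file when the class pointer could not be resolved.
            closer = getattr(refFile, 'close', None)
            if closer is not None:
                closer()
        if name == target:
            return candidate
    return '0x0'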
def printRefs(refs, lstList, mapList):
    """Dump every reference in ``refs`` whose class name is not in the
    module-level ``notList`` skip list.

    ``art.getSE`` is called for whatever side effects it has; its
    ``[start, end]`` result is unused.  A None/empty ``refs`` prints nothing.
    Each surviving reference is located with ``art.getOffset`` and handed to
    ``dumpRefs`` together with an open handle from ``art.getFhandle``.
    """
    start, end = art.getSE(lstList)
    if not refs:
        return
    for ref in refs:
        klass, monitor, refFile, refOff = cls.getOKlass(ref, mapList)
        name = cls.resolveName(klass, mapList)
        if name in notList:
            continue
        aPath, offset = art.getOffset(ref, mapList)
        handle = art.getFhandle(aPath)
        dumpRefs(ref, handle, ref, offset)
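def getFields(dexCache, ifields_, mapList):
    """Decode the field table that ``ifields_`` points at (struct-based variant).

    Args:
        dexCache: accepted for interface compatibility; not used by this
            function.
        ifields_: pointer to a class's field array inside the dumped heap.
        mapList: memory-map list for ``art.fromPointer`` / ``cls.resolveName``.

    Returns:
        OrderedDict keyed by the **1-based** field index (kept for callers
        that rely on it); each value is
        ``[declaring_class_name, access_flags, dex_field_index, offset]``.
        Empty when the element count is 0 or negative.

    The handle returned by ``art.fromPointer`` is closed on every path; the
    original never closed it.
    """
    fields = OrderedDict()
    g, objOff = art.fromPointer(ifields_, mapList)
    try:
        g.seek(objOff)
        # Signed little-endian 32-bit element count; untrusted (from the dump).
        size = struct.unpack("<i", g.read(4))[0]
        # NOTE(review): record layout assumed to be
        # declaring_class_, access_flags_, dex_field_index_, offset_ - confirm
        # against the ART version the dump was taken from.
        counter = 1
        while counter <= size:
            declaring_class_ = hex(struct.unpack("<I", g.read(4))[0])
            access_flags_ = struct.unpack("<i", g.read(4))[0]
            dex_field_index_ = struct.unpack("<i", g.read(4))[0]
            offset_ = struct.unpack("<i", g.read(4))[0]
            fields[counter] = [
                cls.resolveName(declaring_class_, mapList),
                access_flags_,
                dex_field_index_,
                offset_,
            ]
            counter += 1
    finally:
        g.close()
    return fields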
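def dumpRefs(ref, addr, address, off):
    """Print a one-line summary of the object behind ``ref`` and return its
    (approximate) size.

    Args:
        ref: object reference (hex string) resolved through ``cls.getOKlass``
            with the module-level ``mapList``.
        addr: open file handle onto the mapping that contains the object.
        address: text used in the printed ``Address ...`` line (``printRefs``
            passes ``ref`` here).
        off: offset of the object inside ``addr``.

    Returns:
        int: 8 for every kind of object except a ``java.lang.Class``
        instance, whose size comes from ``getClsObj`` (floored at 8).  The
        constant 8 covers only the two header words; field/element data is
        not counted in this version.

    The ``refFile`` handle returned by ``cls.getOKlass`` is closed on every
    path; the original leaked it when the class pointer was ``'0x0'``.
    """
    addr.seek(off + 4)
    # Second header word: the monitor/lock word.  NOTE(review): unpack_int is
    # called on raw bytes and subscripted here, but on a file handle elsewhere
    # in this file (getFields) - confirm which signature this module's helper
    # actually has.
    monitor = hex(unpack_int(addr.read(4))[0])
    klass, kmonitor, refFile, refOff = cls.getOKlass(ref, mapList)
    if klass == '0x0':
        # Unresolvable class pointer: only the bare header can be accounted for.
        closer = getattr(refFile, 'close', None)
        if closer is not None:
            closer()
        return 8
    # resolveName may yield an empty/None name (the original tested for it
    # before printing); normalise so the substring checks cannot raise.
    name = cls.resolveName(klass, mapList) or ''
    fDict = OrderedDict()
    objSize = 8
    try:
        if 'java.lang.Class' in name and not name.startswith('['):
            # A class object: getClsObj walks it and reports the real size.
            cname, objSize = getClsObj(ref, refFile, refOff, fDict, addr, off)
            if objSize < 8:
                objSize = 8
            if cname:
                name = name + " - " + cname
            else:
                name = name + " - Object cannot be derefenced"
        elif 'java.lang.String' in name:
            # String contents are not decoded in this version; header only.
            objSize = 8
        elif name.startswith('['):
            # Array: element count follows the 8-byte header.  The elements are
            # decoded by checkArray but do not contribute to objSize here.
            refFile.seek(refOff + 8)
            arrSize = unpack_dec(refFile.read(4))[0]
            checkArray(name, arrSize, refFile, [])
            objSize = 8
        elif len(name) == 1:
            # Single-letter name: primitive type descriptor.
            getPrimitive(name, refFile)
            objSize = 8
        else:
            objSize = 8
        # A name containing '?' is treated as unresolved and omitted.
        if name and '?' not in name:
            print("Address " + address + " " + monitor + " " + name + " " + str(objSize))
        else:
            print("Address " + address + " " + monitor + " " + str(objSize))
    finally:
        refFile.close()
    return objSize
# NOTE(review): a large run of commented-out exploration code that followed
# this function was removed; the stray fragment below belongs to it.
# print 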
key+"\t"+value #print getLibsOffset(vmPath, offset) #print "Object Size " + str(objSize) #print "Is ClassClass "+name '''if (l >0): addr.seek(addr.tell()+4) prettyName = addr.read(l) print "The data for "+name +" is " +prettyName else: print "Null String"''' #print art.getStringClass(off, addr) '''elif(name):#&& classFlag==kClassFlagNormal print name+" "+classFlag #+" "+ primType #+" "+ ifields_+" "+ methods_+" "+ sfields_+" "+ dexCache print "Object Size " + str(objSize) if ifields_!="0x0": fields = fld.getFields(dexCache, ifields_, mapList) for key, values in fields.items(): fieldIdx = values[2] cl,type ,fname = dx.getMeta(dexCache,fieldIdx,mapList, memList) #print "FieldName - "+name+ " - "+type+" offset "+str(values[3]) fDict[values[3]] = [fname,type] if fDict: fld.getValue(fDict, addr, off) else: print "No Fields for the object" oSize = objSize else: #print "Object is either null or cannot be dereferenced" oSize=8 ''' #print fld.getValue(ref, iIndex+values[3], mapList, type) '''if sfields_!="0x0":
def printRefs(refs):
    """Print ``"<ref> <class name> <monitor>"`` for each reference in ``refs``.

    Resolves every reference through ``cls.getOKlass`` / ``cls.resolveName``
    using the module-level ``mapList``.  A None or empty ``refs`` prints
    nothing.
    """
    for ref in (refs or []):
        klass, monitor, refFile, refOff = cls.getOKlass(ref, mapList)
        className = cls.resolveName(klass, mapList)
        print(ref + " " + className + " " + monitor)
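def dumpRefs(ref, addr, off):
    """Describe the object behind ``ref`` and return ``(objSize, lines)``.

    Args:
        ref: object reference (hex string) resolved through ``cls.getOKlass``
            with the module-level ``mapList``.
        addr: open file handle onto the mapping that contains the object
            (handed to ``getClsObj`` / ``getPrimitive``).
        off: offset of the object inside ``addr``.

    Returns:
        tuple ``(objSize, ret)`` on **every** path, where ``ret`` is the list
        of output lines.  The original returned a bare int when the class
        pointer was ``'0x0'``, which breaks callers that unpack the result.

    All output goes into ``ret``; the original printed two lines directly
    to stdout instead.  The ``refFile`` handle from ``cls.getOKlass`` is
    closed on every path.
    """
    banner = "++++++++++++++++++++++++++++++++++++++++++++"
    ret = []
    klass, monitor, refFile, refOff = cls.getOKlass(ref, mapList)
    ret.append(monitor)
    if klass == '0x0':
        ret.append(banner)
        ret.append("Invalid address for class")
        ret.append("\n")
        # Handle may not be a real file when resolution failed; close if it is.
        closer = getattr(refFile, 'close', None)
        if closer is not None:
            closer()
        return 8, ret
    # Normalise a None name so the substring checks below cannot raise.
    name = cls.resolveName(klass, mapList) or ''
    fDict = OrderedDict()
    objSize = 8
    try:
        if 'java.lang.Class' in name:
            ret.append(banner)
            ret.append("Reference Class is a Class Instance")
            objSize, classLines = getClsObj(ref, refFile, refOff, fDict, addr, off)
            ret.extend(classLines)
            ret.append("\n")
        elif 'java.lang.String' in name:
            ret.append(banner)
            ret.append("Reference Class is String")
            refFile.seek(refOff + 8)
            count = unpack_int(refFile)
            # NOTE(review): the low bit of the count word is dropped
            # (count >> 1); confirm this matches the String layout of the
            # ART version being analysed.
            l = count >> 1
            if l > 65536:
                # The length is attacker/garbage-controlled (it comes from the
                # dump); refuse to read more than 64 KiB for one string.
                l = 0
            if l > 0:
                refFile.seek(refFile.tell() + 4)
                # Raw bytes as stored; no charset decoding is attempted.
                ret.append(refFile.read(l))
            else:
                ret.append("Null String")
            objSize = 8
            ret.append("\n")
        elif name.startswith('['):
            ret.append(banner)
            ret.append("Reference Class is an " + name + " Array ")
            # Element count follows the 8-byte header; checkArray decodes the
            # elements but they are not counted in objSize.
            refFile.seek(refOff + 8)
            arrSize = unpack_int(refFile)
            ret.append("Array size is " + str(arrSize))
            arrData = checkArray(name, arrSize, refFile, [])
            if arrData:
                ret.append("The array data for " + name + " is " + str(arrData))
            objSize = 8
            ret.append("\n")
        elif len(name) == 1:
            # Single-letter name: primitive type descriptor.
            obj = getPrimitive(name, addr)
            ret.append(banner)
            ret.append("Reference Class is a Primitive")
            ret.append(obj)
            objSize = len(str(obj))
        else:
            ret.append(banner)
            objSize = 8
            if '?' in name:
                ret.append(ref + " Cannot Be Resolved " + str(objSize))
            else:
                ret.append(ref + " " + name + " " + monitor)
            ret.append("\n")
    finally:
        refFile.close()
    return objSize, ret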