justan0th3rstud3nt
/
garble
mirror of https://github.com/burrowers/garble
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
ci-test
literalRecheck
v0.14.1
v0.14.0
v0.13.0
v0.12.1
v0.12.0
v0.11.0
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.0
v0.7.2
v0.7.1
v0.7.0
v0.6.0
v0.5.1
v0.5.0
v0.4.0
v0.3.0
v0.2.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e0dbea2b3d'
${ noResults }
garble/testdata/script/linkname.txtar

193 lines
4.7 KiB
Plaintext
Raw Normal View History Unescape Escape

set testscript's RequireExplicitExec and RequireUniqueNames The first makes our test scripts more consistent, as all external program executions happen via "exec" and are not as easily confused with custom builtin commands like our "generate-literals". The second catches mistakes if any of our txtar files have duplicate files, where all but one of the contents would be ignored before.
2 years ago
exec garble build
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
exec ./main
cmp stderr main.stderr
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
# TODO: why is 'obfuscatedMethod' present?
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
! binsubstr main$exe 'obfuscatedFunc' 'ObfuscatedFunc'
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
binsubstr main$exe 'UnobfuscatedMethod'
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
[short] stop # no need to verify this with -short
go build
exec ./main
cmp stderr main.stderr
-- go.mod --
module test/main
drop Go 1.22 and require Go 1.23.0 or later (#876) This lets us start taking advantage of featurs from Go 1.23, particularly tracking aliases in go/types and iterators. Note that we need to add code to properly handle or skip over the new *types.Alias type which go/types produces for Go type aliases. Also note that we actually turn this mode off entirely for now, due to the bug reported at https://go.dev/issue/70394. We don't yet remove our own alias tracking code yet due to the above. We hope to be able to remove it very soon.
5 months ago
go 1.23
Fix calls to linkname functions (#314)
4 years ago
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
replace big.chungus/meme => ./big.chungus/meme
drop support for Go 1.18.x With Go 1.19 having been out for two months, and Go 1.20's first beta coming out in two months, it is now time to move forward again.
3 years ago
require big.chungus/meme v0.0.0
Fix calls to linkname functions (#314)
4 years ago
-- a.go --
package main
// Call a function which is linknamed to another symbol.
// What's special here is that we obfuscate this call before the function declaration.
// If we decide not to obfuscate the name in the function declaration,
// we shouldn't obfuscate the name here either.
func linknameCalledInPkg() {
println(obfuscatedFunc())
}
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
-- main.go --
package main
import (
fixed some bugs related to additional linkname corner cases (#210)
4 years ago
_ "os/exec"
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
"reflect"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
_ "strings"
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
"unsafe"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
_ "big.chungus/meme"
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
"test/main/imported"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
)
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
// A linkname to an external obfuscated func.
//go:linkname obfuscatedFunc test/main/imported.ObfuscatedFuncImpl
func obfuscatedFunc() string
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
// A linkname to an external obfuscated method.
//go:linkname obfuscatedMethod test/main/imported.Receiver.obfuscatedMethod
func obfuscatedMethod(imported.Receiver) string
// A linkname to an external unobfuscated method.
//go:linkname unobfuscatedMethod test/main/imported.Receiver.UnobfuscatedMethod
func unobfuscatedMethod(imported.Receiver) string
// A linkname to an external obfuscated pointer method, with an extra parameter.
//go:linkname obfuscatedPointerMethod test/main/imported.(*Receiver).obfuscatedPointerMethod
func obfuscatedPointerMethod(*imported.Receiver, string) string
// Similar to the above, but for std, plus having to define a type.
// Some libraries do abuse reflect in this way, unfortunately.
type rtype struct{}
//go:linkname rtype_ptrTo reflect.(*rtype).ptrTo
func rtype_ptrTo(*rtype) *rtype
//go:linkname rtype_NumMethod reflect.(*rtype).NumMethod
func rtype_NumMethod(*rtype) int
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
// A linkname to an entirely made up name, implemented elsewhere.
//go:linkname renamedFunc madeup.newName
func renamedFunc() string
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
// A linkname to an external non-obfuscated func in another
// module whose package path has a dot in it.
//go:linkname tagline big.chungus/meme.chungify
func tagline() string
Fix reflection detection for linknamed methods (#883)
5 months ago
// A linkname to an external non-obfuscated func with receiver which is also non-obfuscated
//go:linkname changeThing test/main/imported.(*channel).changeThing
func changeThing(c unsafe.Pointer, to string)
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
func main() {
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
println(obfuscatedFunc())
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
r := imported.Receiver{Field: "field value"}
println(obfuscatedMethod(r))
println(unobfuscatedMethod(r))
println(obfuscatedPointerMethod(&r, "another value"))
typ := reflect.TypeOf(new(error)).Elem()
type emptyInterface struct {
_ *rtype
ptr unsafe.Pointer
}
rtyp := (*rtype)(((*emptyInterface)(unsafe.Pointer(&typ))).ptr)
println("rtype_ptrTo non-nil", rtype_ptrTo(rtyp) != nil)
println("rtype_NumMethod", rtype_NumMethod(rtyp))
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
println(renamedFunc())
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
println(tagline())
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
println(imported.ByteIndex("01234", '3'))
Fix calls to linkname functions (#314)
4 years ago
linknameCalledInPkg()
Fix reflection detection for linknamed methods (#883)
5 months ago
a := imported.Return("initial_text")
val := reflect.ValueOf(a)
changeThing(val.UnsafePointer(), "to this")
println(a.DoThing())
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
}
-- imported/imported.go --
package imported
import (
default to GOGARBLE=*, stop using GOPRIVATE We can drop the code that kicked in when GOGARBLE was empty. We can also add the value in addGarbleToHash unconditionally, as we never allow it to be empty. In the tests, remove all GOGARBLE lines where it just meant "obfuscate everything" or "obfuscate the entire main module". cgo.txtar had "obfuscate everything" as a separate step, so remove it entirely. linkname.txtar started failing because the imported package did not import strings, so listPackage errored out. This wasn't a problem when strings itself wasn't obfuscated, as transformLinkname silently left strings.IndexByte untouched. It is a problem when IndexByte does get obfuscated. Make that kind of listPackage error visible, and fix it. reflect.txtar started failing with "unreachable method" runtime throws. It's not clear to me why; it appears that GOGARBLE=* makes the linker think that ExportedMethodName is suddenly unreachable. Work around the problem by making the method explicitly reachable, and leave a TODO as a reminder to investigate. Finally, gogarble.txtar no longer needs to test for GOPRIVATE. The rest of the test is left the same, as we still want the various values for GOGARBLE to continue to work just like before. Fixes #594.
2 years ago
_ "strings"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
_ "unsafe"
Fix reflection detection for linknamed methods (#883)
5 months ago
"reflect"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
)
Fix reflection detection for linknamed methods (#883)
5 months ago
type Test interface {
DoThing() string
}
func Return(c string) Test {
return &channel{dummy: c}
}
type channel struct {
dummy string
}
var _ = reflect.TypeOf(channel{})
func (c *channel) DoThing() string {
return c.dummy
}
func (c *channel) changeThing(to string) {
c.dummy = to
}
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
func ObfuscatedFuncImpl() string {
return "obfuscated func"
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
}
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
type Receiver struct{
Field string
}
func (r Receiver) obfuscatedMethod() string {
return "obfuscated method: " + r.Field
}
func (r *Receiver) obfuscatedPointerMethod(extra string) string {
return "obfuscated pointer method: " + r.Field + " plus " + extra
}
func (r Receiver) UnobfuscatedMethod() string {
return "unobfuscated method: " + r.Field
}
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
//go:linkname renamedFunc madeup.newName
func renamedFunc() string {
return "renamed func"
}
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
// A linkname to an external non-obfuscated func.
// Different from byteIndex, as we call this from an importer package.
//go:linkname ByteIndex strings.IndexByte
func ByteIndex(s string, c byte) int
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
-- big.chungus/meme/go.mod --
module test/main
drop Go 1.22 and require Go 1.23.0 or later (#876) This lets us start taking advantage of featurs from Go 1.23, particularly tracking aliases in go/types and iterators. Note that we need to add code to properly handle or skip over the new *types.Alias type which go/types produces for Go type aliases. Also note that we actually turn this mode off entirely for now, due to the bug reported at https://go.dev/issue/70394. We don't yet remove our own alias tracking code yet due to the above. We hope to be able to remove it very soon.
5 months ago
go 1.23
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
-- big.chungus/meme/dante.go --
package meme
func chungify() string {
return "featuring Dante from the Devil May Cry series"
}
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
-- main.stderr --
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
obfuscated func
support go:linkname directives pointing at methods This is not common, but it is done by a few projects. Namely, github.com/goccy/go-json reached into reflect's guts, which included a number of methods: internal/runtime/rtype.go 11://go:linkname rtype_Align reflect.(*rtype).Align 19://go:linkname rtype_FieldAlign reflect.(*rtype).FieldAlign 27://go:linkname rtype_Method reflect.(*rtype).Method 35://go:linkname rtype_MethodByName reflect.(*rtype).MethodByName [...] Add tests for such go:linkname directives pointing at methods. Note that there are two possible symbol string variants; "pkg/path.(*Receiver).method" for methods with pointer receivers, and "pkg/path.Receiver.method" for the rest. We can't assume that the presence of two dots means a method either. For example, a package path may be "pkg/path.with.dots", and so "pkg/path.with.dots.SomeFunc" is the function "SomeFunc" rather than the method "SomeFunc" on a type "dots". To account for this ambiguity, rather than splitting on the last dot like we used to, try to find a package path prefix by splitting on an increasing number of first dots. This can in theory still be ambiguous. For example, we could have the package "pkg/path" expose the method "foo.bar", and the package "pkg/path.foo" expose the func "bar". Then, the symbol string "pkg/path.foo.bar" could mean either of them. However, this seems extremely unlikely to happen in practice, and I'm not sure that Go's toolchain would support it either. I also noticed that goccy/go-json still failed to build after the fix. The reason was that the type reflect.rtype wasn't being obfuscated. We could, and likely should, teach our assembly and linkname transformers about which names we chose not to obfuscate due to the use of reflection. However, in this particular case, reflect's own types can be obfuscated safely, so just do that. Fixes #656.
2 years ago
obfuscated method: field value
unobfuscated method: field value
obfuscated pointer method: field value plus another value
rtype_ptrTo non-nil true
rtype_NumMethod 1
rewrite go:linkname directives with garbled names (#200) If code includes a linkname directive pointing at a name in an imported package, like: //go:linkname localName importedpackage.RemoteName func localName() We should rewrite the comment to replace "RemoteName" with its obfuscated counterpart, if the package in question was obfuscated and that name was as well. We already had some code to handle linkname directives, but only to ensure that "localName" was never obfuscated. This behavior is kept, to ensure that the directive applies to the right name. In the future, we could instead rewrite "localName" in the directive, like we do with "RemoteName". Add plenty of tests, too. The linkname directive used to be tested in imports.txt and syntax.txt, but that was hard to maintain as each file tested different edge cases. Now that we have build caching, adding one extra testscript file isn't a big problem anymoree. Add linkname.txt, which is self-explanatory. The other two scripts also get a bit less complex. Fixes #197.
4 years ago
renamed func
fix obfuscating linkname directives that where the package name contained a dot
4 years ago
featuring Dante from the Devil May Cry series
fix a regression involving imported linkname funcs In ce2c45440a, we simplified the code a bit and removed one call to obfuscatedTypesPackage. Unfortunately, we introduced a regression; if an exported function is linknamed to another symbol name, and it's called from an importer package, we would have a build failure now: > garble build [stderr] # test/main ZiOACuw7.go:1: undefined: ODC0xN52.BaDqbhkj This is because the imported package would not hash the original name, via its ignoreObjects logic. And, since the importer package has no access to that knowledge, it would hash the same name, and fail to find it in the final build. The regression happened because we used to have a types.Scope Lookup that saved us in this scenario. Add the test, and re-add the Lookup, this time only for this particular scenario with function names. Thanks to Andrew LeFevre for reporting and describing the test case. While at it, replace more uses of "garbled" to "obfuscated".
4 years ago
3
Fix calls to linkname functions (#314)
4 years ago
obfuscated func
Fix reflection detection for linknamed methods (#883)
5 months ago
to this