UNLOZE/sourcemod
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge.

Browse Source
This commit is contained in:
Nicholas Hastings 2012-08-10 21:54:03 -04:00
commit 33ef2ff5c9
13 changed files with 880 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
configs/core.cfg
View File

@ -115,4 +115,14 @@
* In general, this option should be set to "yes" to increase the security of your server.
*/
"SteamAuthstringValidation" "yes"
/**
* Enables or disables whether SourceMod blocks known or potentially malicious plugins from loading.
* It is STRONGLY advised that this is left enabled, there have been cases in the past with plugins that
* allow anyone to delete files on the server, gain full rcon control, etc.
*
* "yes" - Block malware or illegal plugins from loading (default)
* "no" - Warn about malware or illegal plugins loading
*/
"BlockBadPlugins" "yes"
}

69
core/PluginSys.cpp
View File

@ -789,6 +789,8 @@ CPluginManager::CPluginManager()
m_AllPluginsLoaded = false;
m_MyIdent = NULL;
m_LoadingLocked = false;
m_bBlockBadPlugins = true;
}
CPluginManager::~CPluginManager()
@ -1031,6 +1033,41 @@ LoadRes CPluginManager::_LoadPlugin(CPlugin **_plugin, const char *path, bool de
}
}
if (pPlugin->GetStatus() == Plugin_Created)
{
unsigned char *pCodeHash = pPlugin->m_pRuntime->GetCodeHash();
char codeHashBuf[40];
UTIL_Format(codeHashBuf, 40, "plugin_");
for (int i = 0; i < 16; i++)
UTIL_Format(codeHashBuf + 7 + (i * 2), 3, "%02x", pCodeHash[i]);
const char *bulletinUrl = g_pGameConf->GetKeyValue(codeHashBuf);
if (bulletinUrl != NULL)
{
if (m_bBlockBadPlugins)
{
if (error)
{
if (bulletinUrl[0] != '\0')
{
UTIL_Format(error, maxlength, "Known malware detected and blocked. See %s for more info", bulletinUrl);
} else {
UTIL_Format(error, maxlength, "Possible malware or illegal plugin detected and blocked");
}
}
pPlugin->m_status = Plugin_BadLoad;
} else {
if (bulletinUrl[0] != '\0')
{
g_Logger.LogMessage("%s: Known malware detected. See %s for more info, blocking disabled in core.cfg", pPlugin->GetFilename(), bulletinUrl);
} else {
g_Logger.LogMessage("%s: Possible malware or illegal plugin detected, blocking disabled in core.cfg", pPlugin->GetFilename());
}
}
}
}
LoadRes loadFailure = LoadRes_Failure;
/* Get the status */
if (pPlugin->GetStatus() == Plugin_Created)
@ -1129,7 +1166,7 @@ void CPluginManager::LoadAutoPlugin(const char *plugin)
if ((res=_LoadPlugin(&pl, plugin, false, PluginType_MapUpdated, error, sizeof(error))) == LoadRes_Failure)
{
g_Logger.LogError("[SM] Failed to load plugin \"%s\": %s", plugin, error);
g_Logger.LogError("[SM] Failed to load plugin \"%s\": %s.", plugin, error);
pl->SetErrorState(
pl->GetStatus() <= Plugin_Created ? Plugin_BadLoad : pl->GetStatus(),
"%s",
@ -1889,6 +1926,27 @@ void CPluginManager::OnSourceModShutdown()
g_ShareSys.DestroyIdentity(m_MyIdent);
}
ConfigResult CPluginManager::OnSourceModConfigChanged(const char *key,
const char *value,
ConfigSource source,
char *error,
size_t maxlength)
{
if (strcmp(key, "BlockBadPlugins") == 0) {
if (strcasecmp(value, "yes") == 0)
{
m_bBlockBadPlugins = true;
} else if (strcasecmp(value, "no") == 0) {
m_bBlockBadPlugins = false;
} else {
UTIL_Format(error, maxlength, "Invalid value: must be \"yes\" or \"no\"");
return ConfigResult_Reject;
}
return ConfigResult_Accept;
}
return ConfigResult_Ignore;
}
void CPluginManager::OnHandleDestroy(HandleType_t type, void *object)
{
/* We don't care about the internal object, actually */
@ -2269,6 +2327,15 @@ void CPluginManager::OnRootConsoleCommand(const char *cmdname, const CCommand &c
{
g_RootMenu.ConsolePrint(" Timestamp: %s", pl->m_DateTime);
}
unsigned char *pCodeHash = pl->m_pRuntime->GetCodeHash();
unsigned char *pDataHash = pl->m_pRuntime->GetDataHash();
char combinedHash[33];
for (int i = 0; i < 16; i++)
UTIL_Format(combinedHash + (i * 2), 3, "%02x", pCodeHash[i] ^ pDataHash[i]);
g_RootMenu.ConsolePrint(" Hash: %s", combinedHash);
}
else
{

5
core/PluginSys.h
View File

@ -57,6 +57,7 @@
#include "convar_sm.h"
#endif
#include "ITranslator.h"
#include "IGameConfigs.h"
#include "NativeOwner.h"
#include "ShareSys.h"
@ -326,6 +327,7 @@ public: //IPluginManager
public: //SMGlobalClass
void OnSourceModAllInitialized();
void OnSourceModShutdown();
ConfigResult OnSourceModConfigChanged(const char *key, const char *value, ConfigSource source, char *error, size_t maxlength);
void OnSourceModMaxPlayersChanged(int newvalue);
public: //IHandleTypeDispatch
void OnHandleDestroy(HandleType_t type, void *object);
@ -470,6 +472,9 @@ private:
List<FakeNative *> m_Natives;
bool m_LoadingLocked;
// Config
bool m_bBlockBadPlugins;
};
extern CPluginManager g_PluginSys;

16
gamedata/core.games/blacklist.plugins.txt Normal file
View File

@ -0,0 +1,16 @@
/**
* Do not edit this file. Any changes will be overwritten by the gamedata
* updater or by upgrading your SourceMod install.
*
* For more information, see http://wiki.alliedmods.net/Gamedata_Updating_(SourceMod)
*/
"Games"
{
"#default"
{
"Keys"
{
}
}
}

3
gamedata/core.games/master.games.txt
View File

@ -65,4 +65,7 @@
"engine" "csgo"
}
"blacklist.plugins.txt"
{
}
}

2
plugins/include/tf2_stocks.inc
View File

@ -231,7 +231,7 @@ enum {
TF_WEAPON_GRENADE_CLEAVER,
};
// TF2 Weapon Slots for GetPlayerWeaponSlot
// TF2 Weapon Loadout Slots
enum
{
TFWeaponSlot_Primary,

16
public/sourcepawn/sp_vm_api.h
View File

@ -40,7 +40,7 @@
/** SourcePawn Engine API Version */
#define SOURCEPAWN_ENGINE_API_VERSION 4
#define SOURCEPAWN_ENGINE2_API_VERSION 3
#define SOURCEPAWN_ENGINE2_API_VERSION 4
#if !defined SOURCEMOD_BUILD
#define SOURCEMOD_BUILD
@ -479,6 +479,20 @@ namespace SourcePawn
* @return Memory usage, in bytes.
*/
virtual size_t GetMemUsage() =0;
/**
* @brief Returns the MD5 hash of the plugin's P-Code.
*
* @return 16-byte buffer with MD5 hash of the plugin's P-Code.
*/
virtual unsigned char *GetCodeHash() =0;
/**
* @brief Returns the MD5 hash of the plugin's Data.
*
* @return 16-byte buffer with MD5 hash of the plugin's Data.
*/
virtual unsigned char *GetDataHash() =0;
};
/**

1
sourcepawn/jit/AMBuilder
View File

@ -36,6 +36,7 @@ binary.AddSourceFiles('sourcepawn/jit', [
'zlib/trees.c',
'zlib/uncompr.c',
'zlib/zutil.c',
'md5/md5.cpp',
'../../knight/shared/KeCodeAllocator.cpp'
])
SM.AutoVersion('sourcepawn/jit', binary)

25
sourcepawn/jit/BaseRuntime.cpp
View File

@ -8,6 +8,8 @@
#include "sp_vm_basecontext.h"
#include "engine2.h"
#include "md5/md5.h"
using namespace SourcePawn;
BaseRuntime::BaseRuntime() : m_Debug(&m_plugin), m_pPlugin(&m_plugin), m_pCtx(NULL),
@ -18,6 +20,9 @@ m_PubFuncs(NULL), m_PubJitFuncs(NULL), m_pCo(NULL), m_CompSerial(0)
m_FuncCache = NULL;
m_MaxFuncs = 0;
m_NumFuncs = 0;
memset(m_CodeHash, 0, sizeof(m_CodeHash));
memset(m_DataHash, 0, sizeof(m_DataHash));
}
BaseRuntime::~BaseRuntime()
@ -227,6 +232,16 @@ int BaseRuntime::CreateFromMemory(sp_file_hdr_t *hdr, uint8_t *base)
memset(m_PubJitFuncs, 0, sizeof(JitFunction *) * m_pPlugin->num_publics);
}
MD5 md5_pcode;
md5_pcode.update(plugin->pcode, plugin->pcode_size);
md5_pcode.finalize();
md5_pcode.raw_digest(m_CodeHash);
MD5 md5_data;
md5_data.update(plugin->data, plugin->data_size);
md5_data.finalize();
md5_data.raw_digest(m_DataHash);
m_pPlugin->profiler = g_engine2.GetProfiler();
m_pCtx = new BaseContext(this);
m_pCo = g_Jit.StartCompilation(this);
@ -483,6 +498,16 @@ size_t BaseRuntime::GetMemUsage()
return mem;
}
unsigned char *BaseRuntime::GetCodeHash()
{
return m_CodeHash;
}
unsigned char *BaseRuntime::GetDataHash()
{
return m_DataHash;
}
BaseContext *BaseRuntime::GetBaseContext()
{
return m_pCtx;

5
sourcepawn/jit/BaseRuntime.h
View File

@ -48,6 +48,8 @@ public:
virtual void SetPauseState(bool paused);
virtual bool IsPaused();
virtual size_t GetMemUsage();
virtual unsigned char *GetCodeHash();
virtual unsigned char *GetDataHash();
JitFunction *GetJittedFunction(uint32_t idx);
uint32_t AddJittedFunction(JitFunction *fn);
public:
@ -65,6 +67,9 @@ public:
JitFunction **m_PubJitFuncs;
ICompilation *m_pCo;
unsigned int m_CompSerial;
unsigned char m_CodeHash[16];
unsigned char m_DataHash[16];
};
#endif //_INCLUDE_SOURCEPAWN_JIT_RUNTIME_H_

476
sourcepawn/jit/md5/md5.cpp Normal file
View File

@ -0,0 +1,476 @@
// MD5.CC - source code for the C++/object oriented translation and
// modification of MD5.
// Translation and modification (c) 1995 by Mordechai T. Abzug
// This translation/ modification is provided "as is," without express or
// implied warranty of any kind.
// The translator/ modifier does not claim (1) that MD5 will do what you think
// it does; (2) that this translation/ modification is accurate; or (3) that
// this software is "merchantible." (Language for this disclaimer partially
// copied from the disclaimer below).
/* based on:
MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
MDDRIVER.C - test driver for MD2, MD4 and MD5
Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
rights reserved.
License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.
License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
#include "md5.h"
#include <assert.h>
#include <string.h>
// MD5 simple initialization method
MD5::MD5(){
init();
}
// MD5 block update operation. Continues an MD5 message-digest
// operation, processing another message block, and updating the
// context.
void MD5::update (uint1 *input, uint4 input_length) {
uint4 input_index, buffer_index;
uint4 buffer_space; // how much space is left in buffer
if (finalized){ // so we can't update!
/*cerr << "MD5::update: Can't update a finalized digest!" << endl;*/
return;
}
// Compute number of bytes mod 64
buffer_index = (unsigned int)((count[0] >> 3) & 0x3F);
// Update number of bits
if ( (count[0] += ((uint4) input_length << 3))<((uint4) input_length << 3) )
count[1]++;
count[1] += ((uint4)input_length >> 29);
buffer_space = 64 - buffer_index; // how much space is left in buffer
// Transform as many times as possible.
if (input_length >= buffer_space) { // ie. we have enough to fill the buffer
// fill the rest of the buffer and transform
memcpy (buffer + buffer_index, input, buffer_space);
transform (buffer);
// now, transform each 64-byte piece of the input, bypassing the buffer
for (input_index = buffer_space; input_index + 63 < input_length;
input_index += 64)
transform (input+input_index);
buffer_index = 0; // so we can buffer remaining
}
else
input_index=0; // so we can buffer the whole input
// and here we do the buffering:
memcpy(buffer+buffer_index, input+input_index, input_length-input_index);
}
// MD5 update for files.
// Like above, except that it works on files (and uses above as a primitive.)
void MD5::update(FILE *file){
unsigned char buffer[1024];
int len;
while ((len=fread(buffer, 1, 1024, file)))
update(buffer, len);
fclose (file);
}
// MD5 finalization. Ends an MD5 message-digest operation, writing the
// the message digest and zeroizing the context.
void MD5::finalize (){
unsigned char bits[8];
unsigned int index, padLen;
static uint1 PADDING[64]={
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
if (finalized){
/* cerr << "MD5::finalize: Already finalized this digest!" << endl;*/
return;
}
// Save number of bits
encode (bits, count, 8);
// Pad out to 56 mod 64.
index = (uint4) ((count[0] >> 3) & 0x3f);
padLen = (index < 56) ? (56 - index) : (120 - index);
update (PADDING, padLen);
// Append length (before padding)
update (bits, 8);
// Store state in digest
encode (digest, state, 16);
// Zeroize sensitive information
memset (buffer, 0, sizeof(*buffer));
finalized=1;
}
MD5::MD5(FILE *file){
init(); // must be called be all constructors
update(file);
finalize ();
}
unsigned char *MD5::raw_digest(){
uint1 *s = new uint1[16];
if (!finalized){
/* cerr << "MD5::raw_digest: Can't get digest if you haven't "<<
"finalized the digest!" <<endl;*/
return ( (unsigned char*) "");
}
memcpy(s, digest, 16);
return s;
}
unsigned char *MD5::raw_digest(unsigned char buffer[16])
{
if (!finalized)
{
return ( (unsigned char*) "");
}
memcpy(buffer, digest, 16);
return buffer;
}
char *MD5::hex_digest(){
int i;
char *s= new char[33];
assert(finalized);
for (i=0; i<16; i++)
sprintf(s+i*2, "%02x", digest[i]);
s[32]='\0';
return s;
}
char *MD5::hex_digest(char buffer[33]){
int i;
assert(finalized);
for (i=0; i<16; i++)
sprintf(buffer+i*2, "%02x", digest[i]);
buffer[32]='\0';
return buffer;
}
// PRIVATE METHODS:
void MD5::init(){
finalized=0; // we just started!
// Nothing counted, so count=0
count[0] = 0;
count[1] = 0;
// Load magic initialization constants.
state[0] = 0x67452301;
state[1] = 0xefcdab89;
state[2] = 0x98badcfe;
state[3] = 0x10325476;
}
// Constants for MD5Transform routine.
// Although we could use C++ style constants, defines are actually better,
// since they let us easily evade scope clashes.
#define S11 7
#define S12 12
#define S13 17
#define S14 22
#define S21 5
#define S22 9
#define S23 14
#define S24 20
#define S31 4
#define S32 11
#define S33 16
#define S34 23
#define S41 6
#define S42 10
#define S43 15
#define S44 21
// MD5 basic transformation. Transforms state based on block.
void MD5::transform (uint1 block[64]){
uint4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
decode (x, block, 64);
assert(!finalized); // not just a user error, since the method is private
/* Round 1 */
FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
/* Round 2 */
GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
/* Round 3 */
HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
/* Round 4 */
II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
// Zeroize sensitive information.
memset ( (uint1 *) x, 0, sizeof(x));
}
// Encodes input (UINT4) into output (unsigned char). Assumes len is
// a multiple of 4.
void MD5::encode (uint1 *output, uint4 *input, uint4 len) {
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4) {
output[j] = (uint1) (input[i] & 0xff);
output[j+1] = (uint1) ((input[i] >> 8) & 0xff);
output[j+2] = (uint1) ((input[i] >> 16) & 0xff);
output[j+3] = (uint1) ((input[i] >> 24) & 0xff);
}
}
// Decodes input (unsigned char) into output (UINT4). Assumes len is
// a multiple of 4.
void MD5::decode (uint4 *output, uint1 *input, uint4 len){
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
output[i] = ((uint4)input[j]) | (((uint4)input[j+1]) << 8) |
(((uint4)input[j+2]) << 16) | (((uint4)input[j+3]) << 24);
}
// Note: Replace "for loop" with standard memcpy if possible.
void MD5::memcpy (uint1 *output, uint1 *input, uint4 len){
unsigned int i;
for (i = 0; i < len; i++)
output[i] = input[i];
}
// Note: Replace "for loop" with standard memset if possible.
void MD5::memset (uint1 *output, uint1 value, uint4 len){
unsigned int i;
for (i = 0; i < len; i++)
output[i] = value;
}
// ROTATE_LEFT rotates x left n bits.
inline unsigned int MD5::rotate_left (uint4 x, uint4 n){
return (x << n) | (x >> (32-n)) ;
}
// F, G, H and I are basic MD5 functions.
inline unsigned int MD5::F (uint4 x, uint4 y, uint4 z){
return (x & y) | (~x & z);
}
inline unsigned int MD5::G (uint4 x, uint4 y, uint4 z){
return (x & z) | (y & ~z);
}
inline unsigned int MD5::H (uint4 x, uint4 y, uint4 z){
return x ^ y ^ z;
}
inline unsigned int MD5::I (uint4 x, uint4 y, uint4 z){
return y ^ (x | ~z);
}
// FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
// Rotation is separate from addition to prevent recomputation.
inline void MD5::FF(uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac){
a += F(b, c, d) + x + ac;
a = rotate_left (a, s) +b;
}
inline void MD5::GG(uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac){
a += G(b, c, d) + x + ac;
a = rotate_left (a, s) +b;
}
inline void MD5::HH(uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac){
a += H(b, c, d) + x + ac;
a = rotate_left (a, s) +b;
}
inline void MD5::II(uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac){
a += I(b, c, d) + x + ac;
a = rotate_left (a, s) +b;
}

106
sourcepawn/jit/md5/md5.h Normal file
View File

@ -0,0 +1,106 @@
// MD5.CC - source code for the C++/object oriented translation and
// modification of MD5.
// Translation and modification (c) 1995 by Mordechai T. Abzug
// This translation/ modification is provided "as is," without express or
// implied warranty of any kind.
// The translator/ modifier does not claim (1) that MD5 will do what you think
// it does; (2) that this translation/ modification is accurate; or (3) that
// this software is "merchantible." (Language for this disclaimer partially
// copied from the disclaimer below).
/* based on:
MD5.H - header file for MD5C.C
MDDRIVER.C - test driver for MD2, MD4 and MD5
Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
rights reserved.
License to copy and use this software is granted provided that it
is identified as the "RSA Data Security, Inc. MD5 Message-Digest
Algorithm" in all material mentioning or referencing this software
or this function.
License is also granted to make and use derivative works provided
that such works are identified as "derived from the RSA Data
Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing the derived work.
RSA Data Security, Inc. makes no representations concerning either
the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is"
without express or implied warranty of any kind.
These notices must be retained in any copies of any part of this
documentation and/or software.
*/
#include <stdio.h>
//#include <fstream.h>
//#include <iostream.h>
class MD5 {
public:
// methods for controlled operation:
MD5 (); // simple initializer
void update (unsigned char *input, unsigned int input_length);
void update (FILE *file);
void finalize ();
// constructors for special circumstances. All these constructors finalize
// the MD5 context.
MD5 (unsigned char *string); // digest string, finalize
MD5 (FILE *file); // digest file, close, finalize
// methods to acquire finalized result
unsigned char *raw_digest (); // digest as a 16-byte binary array
unsigned char *raw_digest(unsigned char buffer[16]);
char * hex_digest (); // digest as a 33-byte ascii-hex string
char * hex_digest (char buffer[33]); //same as above, passing buffer
private:
// first, some types:
typedef unsigned int uint4; // assumes integer is 4 words long
typedef unsigned short int uint2; // assumes short integer is 2 words long
typedef unsigned char uint1; // assumes char is 1 word long
// next, the private data:
uint4 state[4];
uint4 count[2]; // number of *bits*, mod 2^64
uint1 buffer[64]; // input buffer
uint1 digest[16];
uint1 finalized;
// last, the private methods, mostly static:
void init (); // called by all constructors
void transform (uint1 *buffer); // does the real update work. Note
// that length is implied to be 64.
static void encode (uint1 *dest, uint4 *src, uint4 length);
static void decode (uint4 *dest, uint1 *src, uint4 length);
static void memcpy (uint1 *dest, uint1 *src, uint4 length);
static void memset (uint1 *start, uint1 val, uint4 length);
static inline uint4 rotate_left (uint4 x, uint4 n);
static inline uint4 F (uint4 x, uint4 y, uint4 z);
static inline uint4 G (uint4 x, uint4 y, uint4 z);
static inline uint4 H (uint4 x, uint4 y, uint4 z);
static inline uint4 I (uint4 x, uint4 y, uint4 z);
static inline void FF (uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac);
static inline void GG (uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac);
static inline void HH (uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac);
static inline void II (uint4& a, uint4 b, uint4 c, uint4 d, uint4 x,
uint4 s, uint4 ac);
};

159
tools/ida_scripts/vtable_dump.py
View File

@ -18,6 +18,79 @@ __license__ = "zlib/libpng"
import re
"""
Output Format:"
VTable for <1>: (<2>, <3>)
Lin Win Function
<4><5> <6> <7>
<4><5> <6> <7>
...
<4><5> <6> <7>
1: Classname
2: VTable Offset
3: Linux This Pointer Offset
4: "T" if the function is a MI thunk
5: Linux VTable Index
6: Windows VTable Index
7: Function Signature
"""
catchclass = False
innerclass = ""
classname = None
offsetdata = {}
def ExtractTypeInfo(ea, level = 0):
global catchclass
global innerclass
global classname
global offsetdata
# Param needed to support old IDAPython versions
end = NextHead(ea, 4294967295)
# Skip vtable
ea += 4
# Get type name
name = Demangle("_Z" + GetString(Dword(ea)), GetLongPrm(INF_LONG_DN))
ea += 4
if classname is None and level == 0:
classname = name
if catchclass:
innerclass = name
catchclass = False
print "%*s%s" % (level, "", name)
if not ea < end: # Base Type
pass
elif isData(GetFlags(Dword(ea))): # Single Inheritance
ExtractTypeInfo(Dword(ea), level + 1)
ea += 4
else: # Multiple Inheritance
ea += 8
while ea < end:
catchclass = True
ExtractTypeInfo(Dword(ea), level + 1)
ea += 4
offset = Dword(ea)
ea += 4
#print "%*s Offset: 0x%06X" % (level, "", offset >> 8)
if (offset >> 8) != 0:
offsetdata[offset >> 8] = innerclass
# Source: http://stackoverflow.com/a/9147327
def twos_comp(val, bits):
"""compute the 2's compliment of int value val"""
if (val & (1 << (bits - 1))) != 0:
val = val - (1 << bits)
return val
def Analyze():
SetStatus(IDA_STATUS_WORK)
@ -29,7 +102,8 @@ def Analyze():
ea = ScreenEA()
if not isHead(GetFlags(ea)):
ea = PrevHead(ea)
# Param needed to support old IDAPython versions
ea = PrevHead(ea, 0)
# Param needed to support old IDAPython versions
end = NextHead(ea, 4294967295)
@ -43,18 +117,23 @@ def Analyze():
linux_vtable = []
temp_windows_vtable = []
other_linux_vtables = {}
other_thunk_linux_vtables = {}
temp_other_windows_vtables = {}
# Extract vtable
while ea < end:
offset = Dword(ea)
# Read thisoffs
offset = -twos_comp(Dword(ea), 32)
ea += 4
# A vtable starts with some metadata, if it's missing...
if isCode(GetFlags(offset)):
Warning("Something went wrong!")
SetStatus(IDA_STATUS_READY)
return
# Read typeinfo address
typeinfo = Dword(ea)
ea += 4
# Skip thisoffs and typeinfo address
ea += 8
if offset == 0: # We only need to read this once
print "Inheritance Tree:"
ExtractTypeInfo(typeinfo)
while ea < end and isCode(GetFlags(Dword(ea))):
name = Demangle(Name(Dword(ea)), GetLongPrm(INF_LONG_DN))
@ -63,9 +142,22 @@ def Analyze():
linux_vtable.append(name)
temp_windows_vtable.append(name)
else:
if offset not in other_linux_vtables:
other_linux_vtables[offset] = []
temp_other_windows_vtables[offset] = []
other_thunk_linux_vtables[offset] = []
if "`non-virtual thunk to'" in name:
other_linux_vtables[offset].append(name[22:])
other_thunk_linux_vtables[offset].append(name[22:])
temp_other_windows_vtables[offset].append(name[22:])
else:
other_linux_vtables[offset].append(name)
temp_other_windows_vtables[offset].append(name)
# MI entry, strip "`non-virtual thunk to'" and remove from list
# But not if it's a dtor... what the hell is this.
if (name.find("`non-virtual thunk to'") != -1) and name.find("::~") == -1:
if "`non-virtual thunk to'" in name and "::~" not in name:
name = name[22:]
#print "Stripping '%s' from windows vtable." % (name)
temp_windows_vtable.remove(name)
@ -73,7 +165,7 @@ def Analyze():
ea += 4
for i, v in enumerate(temp_windows_vtable):
if v.find("::~") != -1:
if "::~" in v:
#print "Found destructor at index %d: %s" % (i, v)
del temp_windows_vtable[i]
break
@ -96,8 +188,6 @@ def Analyze():
overload_stack.append(v)
else:
# If we've moved onto something new, dump the stack first
if len(overload_stack) > 0:
#print overload_stack
while len(overload_stack) > 0:
windows_vtable.append(overload_stack.pop())
@ -106,6 +196,11 @@ def Analyze():
prev_function = function
prev_symbol = v
# If there is anything left in the stack, dump it
while len(overload_stack) > 0:
windows_vtable.append(overload_stack.pop())
print "\nVTable for %s: (0, 0)" % (classname)
print "Lin Win Function"
for i, v in enumerate(linux_vtable):
winindex = windows_vtable.index(v) if v in windows_vtable else None
@ -114,6 +209,44 @@ def Analyze():
else:
print "%3d %s" % (i, v)
for k in temp_other_windows_vtables:
for i, v in enumerate(temp_other_windows_vtables[k]):
if v.find("::~") != -1:
#print "Found destructor at index %d: %s" % (i, v)
del temp_other_windows_vtables[k][i]
break
other_windows_vtables = {}
for k in temp_other_windows_vtables:
other_windows_vtables[k] = []
overload_stack = []
prev_function = ""
prev_symbol = ""
for v in temp_other_windows_vtables[k]:
function = v.split("(", 1)[0]
if function == prev_function:
if len(overload_stack) == 0:
other_windows_vtables[k].pop()
overload_stack.append(prev_symbol)
overload_stack.append(v)
else:
if len(overload_stack) > 0:
while len(overload_stack) > 0:
other_windows_vtables[k].append(overload_stack.pop())
other_windows_vtables[k].append(v)
prev_function = function
prev_symbol = v
for k in other_linux_vtables:
print "\nVTable for %s: (%d, %d)" % (offsetdata[k], offsetdata.keys().index(k) + 1, k)
print "Lin Win Function"
for i, v in enumerate(other_linux_vtables[k]):
winindex = other_windows_vtables[k].index(v)
if v not in other_thunk_linux_vtables[k]:
print "%3d %3d %s" % (i, winindex, v)
else:
print "T%2d %3d %s" % (i, winindex, v)
SetStatus(IDA_STATUS_READY)
if __name__ == '__main__':