@zsa233/frida-analykit-agent 2.0.0 → 2.0.1

package/dist/elf/struct.d.ts

@@ -0,0 +1,235 @@
+export type Ehdr = {
+    ei_class: number;
+    e_type: number;
+    e_phoff: number;
+    e_shoff: number;
+    e_phnum: number;
+    e_shnum: number;
+    e_shstrndx: number;
+};
+export type Phdr = {
+    p_type: number;
+    p_offset: number;
+    p_vaddr: number;
+    p_paddr: number;
+    p_filesz: number;
+    p_memsz: number;
+    p_align: number;
+};
+export type Shdr = {
+    name: string | null;
+    base: NativePointer;
+    size: number;
+    sh_name: number;
+    sh_type: number;
+    sh_addr: number;
+    sh_offset: number;
+    sh_size: number;
+    sh_link: number;
+    sh_info: number;
+    sh_addralign: number;
+    sh_entsize: number;
+};
+export type Dyn = {
+    d_tag: number;
+    d_un: number;
+};
+export declare class Soinfo {
+    strtab: NativePointer;
+    strtab_size: number;
+    symtab: NativePointer;
+    plt_rela: NativePointer;
+    plt_rela_count: number;
+    rela: NativePointer;
+    rela_count: number;
+    relr: NativePointer;
+    relr_count: number;
+    init_func: NativePointer;
+    init_array: NativePointer;
+    init_array_count: number;
+    fini_array: NativePointer;
+    fini_array_count: number;
+    plt_got: NativePointer;
+}
+export type Rela = {
+    r_offset: number;
+    r_info: number;
+    r_addend: number;
+};
+export type Sym = {
+    name: string;
+    relocPtr: NativePointer | null;
+    hook: NativePointer | null;
+    implPtr: NativePointer | null;
+    linked: boolean;
+    st_name: number;
+    st_info: number;
+    st_other: number;
+    st_shndx: number;
+    st_value: NativePointer | null;
+    st_size: number;
+};
+export declare const Elf_Ehdr: {
+    EI_Magic: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => ArrayBuffer;
+    EI_CLASS: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+    B64: {
+        E_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Phoff: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shoff: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Phnum: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shnum: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shstrndx: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+    B32: {
+        E_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Phoff: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shoff: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Phnum: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shnum: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Shstrndx: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+};
+export declare const Elf_Phdr: {
+    B64: {
+        P_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Flags: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Vaddr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Paddr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Filesz: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Memsz: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Align: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+    B32: {
+        P_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        E_Flags: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Vaddr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Paddr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Filesz: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Memsz: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        P_Align: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+};
+export declare const Elf_Shdr: {
+    B64: {
+        Sh_Name: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Flags: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Addr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Size: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Link: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Addralign: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Entsize: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+    B32: {
+        Sh_Name: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Type: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Flags: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Addr: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Size: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Link: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Addralign: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        Sh_Entsize: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+};
+export declare const Elf_Dyn: {
+    B64: {
+        D_Tag: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        D_Un: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+    B32: {
+        D_Tag: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        D_Un: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+};
+export declare const Elf_Sym: {
+    B64: {
+        St_Name: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Other: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Shndx: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Value: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Size: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+    B32: {
+        St_Name: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Other: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Shndx: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Value: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        St_Size: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+    };
+};
+export declare const Elf_Rela: {
+    B64: {
+        R_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        R_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        R_Addend: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+        INFO_SYM: bigint;
+        INFO_TYPE: bigint;
+        Reloc: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+    };
+    B32: {
+        R_Offset: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        R_Info: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        R_Addend: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+        SIZE: number;
+        INFO_SYM: bigint;
+        INFO_TYPE: bigint;
+        Reloc: (base: NativePointer | import("../utils/array_pointer.js").ArrayPointer) => number;
+    };
+};
+export declare enum DyntabTag {
+    DT_NULL = 0,
+    DT_NEEDED = 1,
+    DT_PLTRELSZ = 2,
+    DT_PLTGOT = 3,
+    DT_HASH = 4,
+    DT_STRTAB = 5,
+    DT_SYMTAB = 6,
+    DT_RELA = 7,
+    DT_RELASZ = 8,
+    DT_RELAENT = 9,
+    DT_STRSZ = 10,
+    DT_SYMENT = 11,
+    DT_INIT = 12,
+    DT_FINI = 13,
+    DT_SONAME = 14,
+    DT_RPATH = 15,
+    DT_SYMBOLIC = 16,
+    DT_REL = 17,
+    DT_RELSZ = 18,
+    DT_RELENT = 19,
+    DT_PLTREL = 20,
+    DT_DEBUG = 21,
+    DT_TEXTREL = 22,
+    DT_JMPREL = 23,
+    DT_ENCODING = 32,
+    DT_BIND_NOW = 24,
+    DT_INIT_ARRAY = 25,
+    DT_FINI_ARRAY = 26,
+    DT_INIT_ARRAYSZ = 27,
+    DT_FINI_ARRAYSZ = 28,
+    DT_RUNPATH = 29,
+    DT_FLAGS = 30,
+    DT_RELR = 1879040000,
+    DT_RELRSZ = 1879040001,
+    DT_RELRENT = 1879040003,
+    DT_RELRCOUNT = 1879040005
+}

package/{src/elf/struct.ts → dist/elf/struct.js}

@@ -1,97 +1,23 @@
-
-import {
-    readByteArray,
-    binaryReadU8, binaryReadU16,
-    binaryReadU32, binaryReadS32,
-    binaryReadU64, binaryReadS64,
-} from "../utils/utils.js"
-
-
-
-export type Ehdr = {
-    ei_class: number,
-    e_type: number,
-    e_phoff: number,
-    e_shoff: number,
-    e_phnum: number,
-    e_shnum: number,
-    e_shstrndx: number,
-}
-
-export type Phdr = {
-    p_type: number,
-    p_offset: number,
-    p_vaddr: number,
-    p_paddr: number,
-    p_filesz: number,
-    p_memsz: number,
-    p_align: number,
-}
-
-export type Shdr = {
-    name: string | null,
-    base: NativePointer
-    size: number
-
-    sh_name: number,
-    sh_type: number,
-    sh_addr: number,
-    sh_offset: number,
-    sh_size: number,
-    sh_link: number,
-    sh_info: number,
-    sh_addralign: number,
-    sh_entsize: number,
-}
-
-
-export type Dyn = {
-    d_tag: number,
-    d_un: number,
-}
-
-
+import { readByteArray, binaryReadU8, binaryReadU16, binaryReadU32, binaryReadS32, binaryReadU64, binaryReadS64, } from "../utils/utils.js";
 export class Soinfo {
-    strtab: NativePointer = NULL
-    strtab_size: number = 0
-    symtab: NativePointer = NULL
-    plt_rela: NativePointer = NULL
-    plt_rela_count: number = 0
-    rela: NativePointer = NULL
-    rela_count: number = 0
-    relr: NativePointer = NULL
-    relr_count: number = 0
-    init_func: NativePointer = NULL
-    init_array: NativePointer = NULL
-    init_array_count: number = 0
-    fini_array: NativePointer = NULL
-    fini_array_count: number = 0
-    plt_got: NativePointer = NULL
-}
-
-export type Rela = {
-    r_offset: number,
-    r_info: number,
-    r_addend: number,
-}
-
-
-export type Sym = {
-    name: string
-    relocPtr: NativePointer | null
-    hook: NativePointer | null
-    implPtr: NativePointer | null
-    linked: boolean
-
-    st_name: number
-    st_info: number
-    st_other: number
-    st_shndx: number
-    st_value: NativePointer | null
-    st_size: number
+    constructor() {
+        this.strtab = NULL;
+        this.strtab_size = 0;
+        this.symtab = NULL;
+        this.plt_rela = NULL;
+        this.plt_rela_count = 0;
+        this.rela = NULL;
+        this.rela_count = 0;
+        this.relr = NULL;
+        this.relr_count = 0;
+        this.init_func = NULL;
+        this.init_array = NULL;
+        this.init_array_count = 0;
+        this.fini_array = NULL;
+        this.fini_array_count = 0;
+        this.plt_got = NULL;
+    }
 }
-
-
 export const Elf_Ehdr = {
     EI_Magic: readByteArray(0, 4),
     EI_CLASS: binaryReadU8(4),
@@ -113,9 +39,7 @@ export const Elf_Ehdr = {
         E_Shstrndx: binaryReadU16(50),
         SIZE: 52,
     },
-}
-
-
+};
 export const Elf_Phdr = {
     B64: {
         P_Type: binaryReadU32(0),
@@ -139,9 +63,7 @@ export const Elf_Phdr = {
         P_Align: binaryReadU32(28),
         SIZE: 32,
     },
-}
-
-
+};
 export const Elf_Shdr = {
     B64: {
         Sh_Name: binaryReadU32(0),
@@ -169,8 +91,7 @@ export const Elf_Shdr = {
         Sh_Entsize: binaryReadU32(36),
         SIZE: 40,
     },
-}
-
+};
 export const Elf_Dyn = {
     B64: {
         D_Tag: binaryReadU64(0),
@@ -182,9 +103,7 @@ export const Elf_Dyn = {
         D_Un: binaryReadU32(4),
         SIZE: 8,
     },
-}
-
-
+};
 export const Elf_Sym = {
     B64: {
         St_Name: binaryReadU32(0),
@@ -204,8 +123,7 @@ export const Elf_Sym = {
         St_Size: binaryReadU32(12),
         SIZE: 16,
     }
-}
-
+};
 export const Elf_Rela = {
     B64: {
         R_Offset: binaryReadU64(0),
@@ -225,47 +143,43 @@ export const Elf_Rela = {
         INFO_TYPE: 0xffffn,
         Reloc: binaryReadU32(0),
     },
-}
-
-
-export enum DyntabTag {
-    DT_NULL = 0,
-    DT_NEEDED = 1,
-    DT_PLTRELSZ = 2,
-    DT_PLTGOT = 3,
-    DT_HASH = 4,
-    DT_STRTAB = 5,
-    DT_SYMTAB = 6,
-    DT_RELA = 7,
-    DT_RELASZ = 8,
-    DT_RELAENT = 9,
-    DT_STRSZ = 10,
-    DT_SYMENT = 11,
-    DT_INIT = 12,
-    DT_FINI = 13,
-    DT_SONAME = 14,
-    DT_RPATH = 15,
-    DT_SYMBOLIC = 16,
-    DT_REL = 17,
-    DT_RELSZ = 18,
-    DT_RELENT = 19,
-    DT_PLTREL = 20,
-    DT_DEBUG = 21,
-    DT_TEXTREL = 22,
-    DT_JMPREL = 23,
-    DT_ENCODING = 32,
-
-    DT_BIND_NOW = 24,
-    DT_INIT_ARRAY = 25,
-    DT_FINI_ARRAY = 26,
-    DT_INIT_ARRAYSZ = 27,
-    DT_FINI_ARRAYSZ = 28,
-    DT_RUNPATH = 29,
-    DT_FLAGS = 30,
-    
-    DT_RELR = 0x6fffe000,
-    DT_RELRSZ = 0x6fffe001,
-    DT_RELRENT = 0x6fffe003,
-    DT_RELRCOUNT = 0x6fffe005,
-}
-
+};
+export var DyntabTag;
+(function (DyntabTag) {
+    DyntabTag[DyntabTag["DT_NULL"] = 0] = "DT_NULL";
+    DyntabTag[DyntabTag["DT_NEEDED"] = 1] = "DT_NEEDED";
+    DyntabTag[DyntabTag["DT_PLTRELSZ"] = 2] = "DT_PLTRELSZ";
+    DyntabTag[DyntabTag["DT_PLTGOT"] = 3] = "DT_PLTGOT";
+    DyntabTag[DyntabTag["DT_HASH"] = 4] = "DT_HASH";
+    DyntabTag[DyntabTag["DT_STRTAB"] = 5] = "DT_STRTAB";
+    DyntabTag[DyntabTag["DT_SYMTAB"] = 6] = "DT_SYMTAB";
+    DyntabTag[DyntabTag["DT_RELA"] = 7] = "DT_RELA";
+    DyntabTag[DyntabTag["DT_RELASZ"] = 8] = "DT_RELASZ";
+    DyntabTag[DyntabTag["DT_RELAENT"] = 9] = "DT_RELAENT";
+    DyntabTag[DyntabTag["DT_STRSZ"] = 10] = "DT_STRSZ";
+    DyntabTag[DyntabTag["DT_SYMENT"] = 11] = "DT_SYMENT";
+    DyntabTag[DyntabTag["DT_INIT"] = 12] = "DT_INIT";
+    DyntabTag[DyntabTag["DT_FINI"] = 13] = "DT_FINI";
+    DyntabTag[DyntabTag["DT_SONAME"] = 14] = "DT_SONAME";
+    DyntabTag[DyntabTag["DT_RPATH"] = 15] = "DT_RPATH";
+    DyntabTag[DyntabTag["DT_SYMBOLIC"] = 16] = "DT_SYMBOLIC";
+    DyntabTag[DyntabTag["DT_REL"] = 17] = "DT_REL";
+    DyntabTag[DyntabTag["DT_RELSZ"] = 18] = "DT_RELSZ";
+    DyntabTag[DyntabTag["DT_RELENT"] = 19] = "DT_RELENT";
+    DyntabTag[DyntabTag["DT_PLTREL"] = 20] = "DT_PLTREL";
+    DyntabTag[DyntabTag["DT_DEBUG"] = 21] = "DT_DEBUG";
+    DyntabTag[DyntabTag["DT_TEXTREL"] = 22] = "DT_TEXTREL";
+    DyntabTag[DyntabTag["DT_JMPREL"] = 23] = "DT_JMPREL";
+    DyntabTag[DyntabTag["DT_ENCODING"] = 32] = "DT_ENCODING";
+    DyntabTag[DyntabTag["DT_BIND_NOW"] = 24] = "DT_BIND_NOW";
+    DyntabTag[DyntabTag["DT_INIT_ARRAY"] = 25] = "DT_INIT_ARRAY";
+    DyntabTag[DyntabTag["DT_FINI_ARRAY"] = 26] = "DT_FINI_ARRAY";
+    DyntabTag[DyntabTag["DT_INIT_ARRAYSZ"] = 27] = "DT_INIT_ARRAYSZ";
+    DyntabTag[DyntabTag["DT_FINI_ARRAYSZ"] = 28] = "DT_FINI_ARRAYSZ";
+    DyntabTag[DyntabTag["DT_RUNPATH"] = 29] = "DT_RUNPATH";
+    DyntabTag[DyntabTag["DT_FLAGS"] = 30] = "DT_FLAGS";
+    DyntabTag[DyntabTag["DT_RELR"] = 1879040000] = "DT_RELR";
+    DyntabTag[DyntabTag["DT_RELRSZ"] = 1879040001] = "DT_RELRSZ";
+    DyntabTag[DyntabTag["DT_RELRENT"] = 1879040003] = "DT_RELRENT";
+    DyntabTag[DyntabTag["DT_RELRCOUNT"] = 1879040005] = "DT_RELRCOUNT";
+})(DyntabTag || (DyntabTag = {}));

package/dist/elf/tools.d.ts

@@ -0,0 +1,6 @@
+import { ElfModuleX } from "./module.js";
+export declare class ElfTools {
+    static findModuleByName(name: string, tryFix?: boolean): ElfModuleX | null;
+    static getModuleByName(name: string, tryFix?: boolean): ElfModuleX;
+    static loadFromModule(mod: Module, tryFix?: boolean): ElfModuleX;
+}

package/dist/elf/tools.js

@@ -0,0 +1,25 @@
+import { setGlobalProperties } from "../config.js";
+import { ElfFileFixer, ElfModuleX } from "./module.js";
+export class ElfTools {
+    static findModuleByName(name, tryFix = false) {
+        const mod = Process.findModuleByName(name);
+        if (mod === null) {
+            return null;
+        }
+        return this.loadFromModule(mod, tryFix);
+    }
+    static getModuleByName(name, tryFix = false) {
+        const modx = this.findModuleByName(name, tryFix);
+        if (modx === null) {
+            throw new Error(`[getModuleByName] ${name} module not found.`);
+        }
+        return modx;
+    }
+    static loadFromModule(mod, tryFix = false) {
+        const fixers = tryFix ? [new ElfFileFixer(mod.path)] : undefined;
+        return new ElfModuleX(mod, fixers);
+    }
+}
+setGlobalProperties({
+    ElfTools,
+});

package/dist/elf/verifier.d.ts

@@ -0,0 +1,11 @@
+import { InstructionSequence } from "./insn.js";
+type ScoreResult = {
+    instructions: Arm64Instruction[];
+    eoi?: Arm64Instruction;
+    score: number;
+};
+export declare class Subroutine extends InstructionSequence {
+    constructor(entry: Arm64Instruction);
+    scoreThunk(): ScoreResult;
+}
+export {};

package/dist/elf/verifier.js

@@ -0,0 +1,57 @@
+import { setGlobalProperties } from "../config.js";
+import { InstructionSequence } from "./insn.js";
+export class Subroutine extends InstructionSequence {
+    constructor(entry) {
+        super(entry);
+    }
+    scoreThunk() {
+        const MAX_INSTR = 20;
+        let score = 0;
+        let i = 0;
+        const insns = [];
+        loop: for (const insn of this) {
+            insns.push(insn);
+            const ops = insn.operands;
+            switch (insn.mnemonic) {
+                case 'br':
+                case 'b':
+                    this.eoi = insn;
+                    score += 100;
+                    break loop;
+                case 'stp':
+                case 'ldp':
+                    if (ops[2].type === 'mem' && ops[2].value.base === 'sp') {
+                        score -= 20;
+                        break;
+                    }
+                case 'ret':
+                    score = 0;
+                    this.eoi = insn;
+                    break;
+                case 'sub':
+                case 'add':
+                    if (ops[0].value === 'sp') {
+                        score -= 20;
+                        break;
+                    }
+                    break;
+            }
+            if (i >= 5) {
+                // 指令越多分数越低
+                score -= 5;
+            }
+            i++;
+            if (i >= MAX_INSTR) {
+                break;
+            }
+        }
+        return {
+            instructions: insns,
+            eoi: this.eoi,
+            score: score,
+        };
+    }
+}
+setGlobalProperties({
+    Subroutine,
+});

package/dist/elf/xref.d.ts

@@ -0,0 +1,32 @@
+import { InstructionSequence } from "./insn.js";
+export declare class AdrlXref {
+    static readonly ADRP_FIXED28_24_BITSET_MASK: NativePointer;
+    target: NativePointer;
+    constructor(target: NativePointer);
+    get targetPage(): NativePointer;
+    get targetPageOffset(): NativePointer;
+    scanAdrl(scanRange: {
+        base: NativePointer;
+        size: number;
+    }, maxGapToAdd?: number): Adrl[];
+    scanAdrlSlow(scanRange: {
+        base: NativePointer;
+        size: number;
+    }, maxGapToAdd?: number): Adrl[];
+    verify(p: NativePointer, maxGapToAdd?: number): Adrl | null;
+    scanAdr(): Adrl[];
+}
+type JumpScanRes = {
+    src: InstructionSequence;
+    insn: Arm64Instruction;
+    next: NativePointer;
+};
+export declare class Adrl extends InstructionSequence {
+    readonly adrpInsn: Arm64Instruction;
+    private addInsn?;
+    constructor(adrp: Arm64Instruction, add?: Arm64Instruction);
+    get instruction(): Arm64Instruction;
+    scanBL(base?: NativePointer, maxGap?: number): JumpScanRes | null;
+    getTarget(mustFoundAdd?: boolean, maxGapToAdd?: number): NativePointer | null;
+}
+export {};