js-confuser-vm 0.0.4 → 0.0.5

package/dist/transforms/runtime/specializedOpcodes.js

@@ -0,0 +1,102 @@
+import * as t from "@babel/types";
+import traverseImport from "@babel/traverse";
+import { ok } from "assert";
+const traverse = traverseImport.default || traverseImport;
+
+// Extract the real statement list from a SwitchCase consequent (identical to the
+// helper used by applyMacroOpcodes so the two files stay in sync).
+function extractCaseBody(switchCase) {
+  let stmts;
+  if (switchCase.consequent.length === 1 && t.isBlockStatement(switchCase.consequent[0])) {
+    stmts = switchCase.consequent[0].body;
+  } else {
+    stmts = switchCase.consequent;
+  }
+  return stmts.filter(s => !t.isBreakStatement(s) && !t.isEmptyStatement(s));
+}
+
+// Inline a fixed numeric operand in place of every `this._operand()` call.
+// Because specialized opcodes are only created for instructions that have
+// *exactly one* numeric operand, every `_operand()` call inside the original
+// handler is replaced by the constant value that was baked into the opcode.
+function inlineFixedOperand(bodyStmts, resolvedValue) {
+  // Wrap the statements in a temporary BlockStatement so traverse has a root.
+  // The replacement mutates the original statement objects in place.
+  traverse(t.blockStatement(bodyStmts), {
+    noScope: true,
+    CallExpression(path) {
+      const callee = path.node.callee;
+      if (t.isMemberExpression(callee) && t.isThisExpression(callee.object) && t.isIdentifier(callee.property, {
+        name: "_operand"
+      }) && path.node.arguments.length === 0) {
+        path.replaceWith(t.numericLiteral(resolvedValue));
+      }
+    }
+  });
+}
+
+// Append a generated switch case for every entry in compiler.SPECIALIZED_OPS.
+// Each case is a clone of the original opcode’s handler with `this._operand()`
+// replaced by the constant integer that was captured at compile time.
+// Must be called AFTER applyMacroOpcodes (so the original cases exist) but
+// BEFORE applyShuffleOpcodes so the new specialized cases also get shuffled.
+export function applySpecializedOpcodes(ast, bytecode, compiler) {
+  let switchStatement = null;
+  traverse(ast, {
+    SwitchStatement(path) {
+      if (path.node.leadingComments?.some(c => c.value.includes("@SWITCH"))) {
+        switchStatement = path.node;
+        path.stop();
+      }
+    }
+  });
+  ok(switchStatement, "Could not find @SWITCH statement for specialized opcodes");
+
+  // Build a map  opName → SwitchCase  from the existing OP.xxx case tests.
+  const nameToCaseMap = new Map();
+  for (const sc of switchStatement.cases) {
+    const test = sc.test;
+    if (test && t.isMemberExpression(test) && t.isIdentifier(test.object, {
+      name: "OP"
+    }) && t.isIdentifier(test.property)) {
+      nameToCaseMap.set(test.property.name, sc);
+    }
+  }
+  if (!compiler.SPECIALIZED_OPS) return;
+  for (const [specialOpStr, info] of Object.entries(compiler.SPECIALIZED_OPS)) {
+    const specialOpCode = Number(specialOpStr);
+    const {
+      originalOp,
+      operand
+    } = info;
+    const newName = compiler.OP_NAME[specialOpCode];
+    const originalName = compiler.OP_NAME[originalOp];
+    if (!originalName) continue;
+    const originalCase = nameToCaseMap.get(originalName);
+    if (!originalCase) continue;
+
+    // Clone the original handler body
+    const bodyStmts = extractCaseBody(originalCase).map(s => t.cloneNode(s, true));
+    const placedOperand = info.resolvedOperand || {
+      resolvedValue: 1337
+    };
+    ok(placedOperand !== undefined, `Could not find operand for original opcode ${newName}`);
+    const resolvedValue = placedOperand?.resolvedValue ?? placedOperand;
+    if (typeof resolvedValue !== "number") {
+      console.error(resolvedValue);
+    }
+    ok(typeof resolvedValue === "number", "Expected a numeric operand value");
+
+    // Replace this._operand() with the baked-in constant
+    inlineFixedOperand(bodyStmts, resolvedValue);
+
+    // Add a leading comment so the generated source stays readable
+    if (bodyStmts.length > 0) {
+      t.addComment(bodyStmts[0], "leading", ` ${compiler.OP_NAME[specialOpCode]} (specialized)`, true);
+    }
+    bodyStmts.push(t.breakStatement());
+
+    // Insert the new specialized case into the big switch
+    switchStatement.cases.push(t.switchCase(t.numericLiteral(specialOpCode), [t.blockStatement(bodyStmts)]));
+  }
+}

package/dist/transforms/utils/op-utils.js

@@ -0,0 +1,25 @@
+import { getRandomInt } from "./random-utils.js";
+export const U16_MAX = 0xffff; // bytecode operands are u16
+
+/** Returns the next free opcode slot, or -1 when the space is exhausted. */
+export function nextFreeSlot(usedOpcodes) {
+  if (usedOpcodes.size > U16_MAX) return -1;
+  let attempts = 0;
+  while (attempts++ < 512) {
+    const candidate = getRandomInt(0, U16_MAX);
+    if (!usedOpcodes.has(candidate)) {
+      usedOpcodes.add(candidate);
+      return candidate;
+    }
+  }
+  // Fallback: linear scan from a random start
+  const start = getRandomInt(0, U16_MAX);
+  for (let i = 0; i <= U16_MAX; i++) {
+    const v = start + i & U16_MAX;
+    if (!usedOpcodes.has(v)) {
+      usedOpcodes.add(v);
+      return v;
+    }
+  }
+  return -1;
+}

package/dist/transforms/utils/random-utils.js

@@ -0,0 +1,27 @@
+import { ok } from "assert";
+export function getPlaceholder() {
+  return Math.random().toString(36).substring(2, 15);
+}
+export function choice(elements) {
+  ok(elements.length > 0, "choice() called on empty sequence");
+  return elements[Math.floor(Math.random() * elements.length)];
+}
+export function getRandom() {
+  return Math.random();
+}
+export function getRandomInt(min, max) {
+  ok(min <= max, "min must be <= max");
+  return Math.floor(Math.random() * (max - min + 1)) + min;
+}
+
+/**
+ * Shuffles an array in-place using the Fisher-Yates algorithm.
+ * @param array - The array to shuffle (mutated)
+ */
+export function shuffle(array) {
+  for (let i = array.length - 1; i > 0; i--) {
+    const j = Math.floor(Math.random() * (i + 1));
+    [array[i], array[j]] = [array[j], array[i]];
+  }
+  return array;
+}

package/dist/types.js

@@ -0,0 +1,15 @@
+// Bytecode supports both real instructions and IR pseudo-instructions
+// Real instruction: [OP.ADD, 5]  or multi-operand: [OP.MAKE_CLOSURE, labelRef, 2, 3, 0]
+// IR instruction: [null, { type: "defineLabel", label: "FN_ENTRY_1" }]
+
+// IR instructions are used to hold symbolic information during compilation
+// All "null" instructions are dropped before assembly time.
+// Instructions may carry any number of operands; the flat output serializes
+// each operand as a separate u16 slot in the bytecode array.
+
+export function constantOperand(value) {
+  return {
+    type: "constant",
+    value: value
+  };
+}

package/dist/utilts.js

@@ -0,0 +1,3 @@
+export function escapeRegex(s) {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}

package/package.json

@@ -1,15 +1,14 @@
 {
   "name": "js-confuser-vm",
-  "version": "0.0.4",
+  "version": "0.0.5",
   "main": "dist/index.js",
   "scripts": {
-    "build": "babel src --out-dir dist --extensions '.ts,.js'",
+    "build": "babel src --out-dir dist --extensions \".ts,.js\"",
     "index": "cross-env NODE_OPTIONS=\"--disable-warning=ExperimentalWarning\" node index.ts",
     "test": "cross-env NODE_OPTIONS=\"--experimental-vm-modules --experimental-strip-types --disable-warning=ExperimentalWarning\" jest --coverage --coverageReporters=html --selectProjects default",
     "test-all": "cross-env NODE_OPTIONS=\"--experimental-vm-modules --experimental-strip-types --disable-warning=ExperimentalWarning\" jest --coverage --coverageReporters=html",
     "test262": "cross-env NODE_OPTIONS=\"--experimental-vm-modules --experimental-strip-types --disable-warning=ExperimentalWarning\" node test262-scripts/run-test262.ts",
-    "prepublishOnly": "npm run build && npm run test",
-    "set-env": ""
+    "prepublishOnly": "npm run build && npm run test"
   },
   "type": "module",
   "keywords": [