js-confuser 1.5.8 → 1.6.0

package/src/transforms/es5/es5.ts

@@ -7,14 +7,10 @@ import {
   BlockStatement,
   ReturnStatement,
   CallExpression,
-  ObjectExpression,
-  ArrayExpression,
   ThisExpression,
-  Property,
 } from "../../util/gen";
-import { clone, getBlockBody, prepend } from "../../util/insert";
-import { isBlock, getBlock, walk } from "../../traverse";
-import Template from "../../templates/template";
+import { clone, prepend } from "../../util/insert";
+import { isBlock, walk } from "../../traverse";
 import { ObfuscateOrder } from "../../order";
 import { ok } from "assert";
 import { reservedKeywords } from "../../constants";
@@ -23,6 +19,7 @@ import AntiTemplate from "./antiTemplate";
 import AntiClass from "./antiClass";
 import AntiES6Object from "./antiES6Object";
 import AntiSpreadOperator from "./antiSpreadOperator";
+import { ES5Template } from "../../templates/es5";
 
 /**
  * `Const` and `Let` are not allowed in ES5.
@@ -96,24 +93,40 @@ export class AntiArrowFunction extends Transform {
   }
 }
 
-class FixedExpressions extends Transform {
+/**
+ * The ES5 options aims to convert ES6 and up features down to ES5-compatible code.
+ *
+ * The obfuscator regularly adds ES6 code (variable destructuring, spread element, etc.)
+ * This transformations goal is undo only these things.
+ */
+export default class ES5 extends Transform {
   constructor(o) {
-    super(o);
+    super(o, ObfuscateOrder.ES5);
+
+    this.before.push(new AntiClass(o));
+    this.before.push(new AntiTemplate(o));
+    this.before.push(new AntiSpreadOperator(o));
+    this.before.push(new AntiES6Object(o));
+    this.before.push(new AntiArrowFunction(o));
+    this.before.push(new AntiDestructuring(o));
+    this.before.push(new AntiConstLet(o));
   }
 
-  match(object, parents) {
-    return true;
+  apply(tree: Node) {
+    super.apply(tree);
+
+    var nodesToAdd = ES5Template.compile();
+    prepend(tree, ...nodesToAdd);
   }
 
-  transform(object, parents) {
-    return () => {
-      if (
-        object.type == "ForStatement" &&
-        object.init.type == "ExpressionStatement"
-      ) {
-        object.init = object.init.expression;
-      }
+  // FixedExpressions
+  match(object: Node, parents: Node[]) {
+    return !!object.type;
+  }
 
+  transform(object: Node, parents: Node[]) {
+    return () => {
+      // Object.keyword -> Object["keyword"]
       if (object.type == "MemberExpression") {
         if (!object.computed && object.property.type == "Identifier") {
           if (reservedKeywords.has(object.property.name)) {
@@ -123,6 +136,7 @@ class FixedExpressions extends Transform {
         }
       }
 
+      // { keyword: ... } -> { "keyword": ... }
       if (object.type == "Property") {
         if (!object.computed && object.key.type == "Identifier") {
           if (reservedKeywords.has(object.key.name)) {
@@ -133,62 +147,3 @@ class FixedExpressions extends Transform {
     };
   }
 }
-
-export default class ES5 extends Transform {
-  constructor(o) {
-    super(o, ObfuscateOrder.ES5);
-
-    this.before.push(new AntiClass(o));
-    this.before.push(new AntiTemplate(o));
-    this.before.push(new AntiSpreadOperator(o));
-    this.before.push(new AntiES6Object(o));
-    this.before.push(new AntiArrowFunction(o));
-    this.before.push(new AntiDestructuring(o));
-    this.before.push(new AntiConstLet(o));
-
-    this.concurrent.push(new FixedExpressions(o));
-  }
-
-  match(object: Node, parents: Node[]) {
-    return object.type == "Program";
-  }
-
-  transform(object: Node, parents: Node[]) {
-    var block = getBlock(object, parents);
-
-    getBlockBody(block).splice(
-      0,
-      0,
-      ...Template(`
-    !Array.prototype.forEach ? Array.prototype.forEach = function (callback, thisArg) {
-      thisArg = thisArg;
-      for (var i = 0; i < this.length; i++) {
-          callback.call(thisArg, this[i], i, this);
-      }
-    } : 0;
-  
-    !Array.prototype.map ? Array.prototype.map = function (callback, thisArg) {
-      thisArg = thisArg;
-      var array=[];
-      for (var i = 0; i < this.length; i++) {
-        array.push( callback.call(thisArg, this[i], i, this) );
-      }
-      return array;
-    } : 0;
-
-    !Array.prototype.reduce ? Array.prototype.reduce = function(fn, initial) {
-      var values = this;
-      if ( typeof initial === "undefined" ) {
-        initial = 0;
-      }
-
-      values.forEach(function(item, index){
-        initial = fn(initial, item, index, this);
-      });
-
-      return initial;
-    } : 0;
-  `).compile()
-    );
-  }
-}

package/src/transforms/eval.ts

@@ -28,6 +28,24 @@ export default class Eval extends Transform {
   }
 
   transform(object, parents) {
+    // Don't apply to getter/setters or class methods
+    if (parents[0]) {
+      if (
+        parents[0].type === "MethodDefinition" &&
+        parents[0].value === object
+      ) {
+        return;
+      }
+
+      if (
+        parents[0].type === "Property" &&
+        parents[0].value === object &&
+        (parents[0].kind !== "init" || parents[0].method)
+      ) {
+        return;
+      }
+    }
+
     if (
       !ComputeProbabilityMap(
         this.options.eval,

package/src/transforms/extraction/duplicateLiteralsRemoval.ts

@@ -28,7 +28,7 @@ import { ObfuscateOrder } from "../../order";
 import { isModuleSource } from "../string/stringConcealing";
 import { ComputeProbabilityMap } from "../../probability";
 import { ok } from "assert";
-import { choice, getRandomInteger } from "../../util/random";
+import { chance, choice, getRandomInteger } from "../../util/random";
 
 /**
  * [Duplicate Literals Removal](https://docs.jscrambler.com/code-integrity/documentation/transformations/duplicate-literals-removal) replaces duplicate literals with a variable name.
@@ -159,7 +159,7 @@ export default class DuplicateLiteralsRemoval extends Transform {
       var body = [];
       var thisShift = getRandomInteger(-250, 250);
       // the name of the getter
-      getterName = this.getPlaceholder();
+      getterName = this.getPlaceholder() + "_dLR_" + this.fnGetters.size;
 
       if (basedOn) {
         var shift = this.fnShifts.get(basedOn);
@@ -233,6 +233,9 @@ export default class DuplicateLiteralsRemoval extends Transform {
         return;
       }
 
+      // HARD CODED LIMIT of 10,000 (after 1,000 elements)
+      if (this.map.size > 1000 && !chance(this.map.size / 100)) return;
+
       if (
         this.arrayName &&
         parents[0].object &&
@@ -268,20 +271,20 @@ export default class DuplicateLiteralsRemoval extends Transform {
           this.arrayExpression = ArrayExpression([]);
         }
 
-        var first = this.first.get(value);
-        if (first) {
+        var firstLocation = this.first.get(value);
+        if (firstLocation) {
           this.first.set(value, null);
           var index = this.map.size;
 
           ok(!this.map.has(value));
           this.map.set(value, index);
 
-          this.toCaller(first[0], first[1], index);
-
           var pushing = clone(object);
           this.arrayExpression.elements.push(pushing);
 
           ok(this.arrayExpression.elements[index] === pushing);
+
+          this.toCaller(firstLocation[0], firstLocation[1], index);
         }
 
         var index = this.map.get(value);

package/src/transforms/extraction/objectExtraction.ts

@@ -100,11 +100,18 @@ export default class ObjectExtraction extends Transform {
               );
 
               if (nonInitOrComputed) {
-                this.log(
-                  name +
-                    " has non-init/computed property: " +
-                    nonInitOrComputed.key.name || nonInitOrComputed.key.value
-                );
+                if (nonInitOrComputed.key) {
+                  this.log(
+                    name +
+                      " has non-init/computed property: " +
+                      nonInitOrComputed.key.name || nonInitOrComputed.key.value
+                  );
+                } else {
+                  this.log(
+                    name + " has spread-element or other type of property"
+                  );
+                }
+
                 illegal.add(name);
                 return;
               } else {

package/src/transforms/finalizer.ts

@@ -0,0 +1,75 @@
+import { ObfuscateOrder } from "../order";
+import { ExitCallback } from "../traverse";
+import { Identifier, Node } from "../util/gen";
+import StringEncoding from "./string/stringEncoding";
+import Transform from "./transform";
+
+/**
+ * The Finalizer is the last transformation before the code is ready to be generated.
+ *
+ * Hexadecimal numbers:
+ * - Convert integer literals into `Identifier` nodes with the name being a hexadecimal number
+ *
+ * BigInt support:
+ * - Convert BigInt literals into `Identifier` nodes with the name being the raw BigInt string value + "n"
+ *
+ * String Encoding:
+ * - Convert String literals into `Identifier` nodes with the name being a unicode escaped string
+ */
+export default class Finalizer extends Transform {
+  stringEncoding: StringEncoding;
+
+  constructor(o) {
+    super(o, ObfuscateOrder.Finalizer);
+
+    this.stringEncoding = new StringEncoding(o);
+  }
+
+  isNumberLiteral(object: Node) {
+    return (
+      object.type === "Literal" &&
+      typeof object.value === "number" &&
+      Math.floor(object.value) === object.value
+    );
+  }
+
+  isBigIntLiteral(object: Node) {
+    return object.type === "Literal" && typeof object.value === "bigint";
+  }
+
+  match(object, parents) {
+    return object.type === "Literal";
+  }
+
+  transform(object: Node, parents: Node[]): void | ExitCallback {
+    // Hexadecimal Numbers
+    if (this.options.hexadecimalNumbers && this.isNumberLiteral(object)) {
+      return () => {
+        // Technically, a Literal will never be negative because it's supposed to be inside a UnaryExpression with a "-" operator.
+        // This code handles it regardless
+        var isNegative = object.value < 0;
+        var hex = Math.abs(object.value).toString(16);
+
+        var newStr = (isNegative ? "-" : "") + "0x" + hex;
+
+        this.replace(object, Identifier(newStr));
+      };
+    }
+
+    // BigInt support
+    if (this.isBigIntLiteral(object)) {
+      // https://github.com/MichaelXF/js-confuser/issues/79
+      return () => {
+        // Use an Identifier with the raw string
+        this.replace(object, Identifier(object.raw));
+      };
+    }
+
+    if (
+      this.options.stringEncoding &&
+      this.stringEncoding.match(object, parents)
+    ) {
+      return this.stringEncoding.transform(object, parents);
+    }
+  }
+}