js-confuser 1.5.9 → 1.7.0

package/dist/transforms/rgf.js

@@ -15,9 +15,7 @@ var _order = require("../order");
 
 var _probability = require("../probability");
 
-var _template = _interopRequireDefault(require("../templates/template"));
-
-var _traverse = _interopRequireWildcard(require("../traverse"));
+var _traverse = require("../traverse");
 
 var _gen = require("../util/gen");
 
@@ -25,16 +23,12 @@ var _identifiers = require("../util/identifiers");
 
 var _insert = require("../util/insert");
 
-var _random = require("../util/random");
-
 var _transform = _interopRequireDefault(require("./transform"));
 
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
-
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 
+function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
+
 /**
  * Converts function to `new Function("..code..")` syntax as an alternative to `eval`. Eval is disabled in many environments.
  *
@@ -43,286 +37,184 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
  * Rigorous checks are in place to only include pure functions.
  *
  * `flatten` can attempt to make function reference-less. Recommended to have flatten enabled with RGF.
- *
- * | Mode | Description |
- * | --- | --- |
- * | `"all"` | Applies to all scopes |
- * | `true` | Applies to the top level only |
- * | `false` | Feature disabled |
  */
 class RGF extends _transform.default {
+  // Array of all the `new Function` calls
+  // The name of the array holding all the `new Function` expressions
   constructor(o) {
     super(o, _order.ObfuscateOrder.RGF);
+
+    _defineProperty(this, "arrayExpressionElements", void 0);
+
+    _defineProperty(this, "arrayExpressionName", void 0);
+
+    this.arrayExpressionName = this.getPlaceholder() + "_rgf";
+    this.arrayExpressionElements = [];
+  }
+
+  apply(tree) {
+    super.apply(tree); // Only add the array if there were converted functions
+
+    if (this.arrayExpressionElements.length > 0) {
+      (0, _insert.prepend)(tree, (0, _gen.VariableDeclaration)((0, _gen.VariableDeclarator)((0, _gen.Identifier)(this.arrayExpressionName), (0, _gen.ArrayExpression)(this.arrayExpressionElements))));
+    }
   }
 
   match(object, parents) {
-    return (0, _insert.isVarContext)(object) && object.type !== "ArrowFunctionExpression";
+    return (object.type === "FunctionDeclaration" || object.type === "FunctionExpression") && // Does not apply to Arrow functions
+    !object.async && // Does not apply to async/generator functions
+    !object.generator;
   }
 
-  transform(contextObject, contextParents) {
-    return () => {
-      var isGlobal = contextObject.type == "Program";
-      var value = (0, _probability.ComputeProbabilityMap)(this.options.rgf, x => x, isGlobal);
+  transform(object, parents) {
+    var _this$options$lock, _object$id;
 
-      if (value !== "all" && !isGlobal) {
+    // Discard getter/setter methods
+    if (parents[0].type === "Property" && parents[0].value === object) {
+      if (parents[0].method || parents[0].kind === "get" || parents[0].kind === "set") {
         return;
       }
+    } // Discard class methods
 
-      var collect = [];
-      var queue = [];
-      var names = new Map();
-      var referenceSignatures = {};
-      var definingNodes = new Map();
-      (0, _traverse.walk)(contextObject, contextParents, (object, parents) => {
-        if (object !== contextObject && (0, _insert.isFunction)(object) && !object.$requiresEval && !object.async && !object.generator && (0, _insert.getVarContext)(parents[0], parents.slice(1)) === contextObject) {
-          var _this$options$lock;
-
-          // Discard getter/setter methods
-          if (parents[0].type === "Property" && parents[0].value === object) {
-            if (parents[0].method || parents[0].kind === "get" || parents[0].kind === "set") {
-              return;
-            }
-          } // Discard class methods
 
+    if (parents[0].type === "MethodDefinition" && parents[0].value === object) {
+      return;
+    } // Avoid applying to the countermeasures function
 
-          if (parents[0].type === "MethodDefinition" && parents[0].value === object) {
-            return;
-          } // Avoid applying to the countermeasures function
 
+    if (typeof ((_this$options$lock = this.options.lock) === null || _this$options$lock === void 0 ? void 0 : _this$options$lock.countermeasures) === "string") {
+      // function countermeasures(){...}
+      if (object.type === "FunctionDeclaration" && object.id.type === "Identifier" && object.id.name === this.options.lock.countermeasures) {
+        return;
+      } // var countermeasures = function(){...}
 
-          if (typeof ((_this$options$lock = this.options.lock) === null || _this$options$lock === void 0 ? void 0 : _this$options$lock.countermeasures) === "string") {
-            // function countermeasures(){...}
-            if (object.type === "FunctionDeclaration" && object.id.type === "Identifier" && object.id.name === this.options.lock.countermeasures) {
-              return;
-            } // var countermeasures = function(){...}
 
+      if (parents[0].type === "VariableDeclarator" && parents[0].init === object && parents[0].id.type === "Identifier" && parents[0].id.name === this.options.lock.countermeasures) {
+        return;
+      }
+    } // Check user option
 
-            if (parents[0].type === "VariableDeclarator" && parents[0].init === object && parents[0].id.type === "Identifier" && parents[0].id.name === this.options.lock.countermeasures) {
-              return;
-            }
+
+    if (!(0, _probability.ComputeProbabilityMap)(this.options.rgf, x => x, object === null || object === void 0 ? void 0 : (_object$id = object.id) === null || _object$id === void 0 ? void 0 : _object$id.name)) return; // Discard functions that use 'eval' function
+
+    if (object.$requiresEval) return; // Check for 'this', 'arguments' (not allowed!)
+
+    var isIllegal = false;
+    (0, _traverse.walk)(object, parents, (o, p) => {
+      if (o.type === "ThisExpression" || o.type === "Super" || o.type === "Identifier" && o.name === "arguments") {
+        isIllegal = true;
+        return "EXIT";
+      }
+    });
+    if (isIllegal) return;
+    return () => {
+      // Make sure function is 'reference-less'
+      var definedMap = new Map();
+      var isReferenceLess = true;
+      var identifierPreventingTransformation;
+      (0, _traverse.walk)(object, parents, (o, p) => {
+        if (o.type === "Identifier" && !_constants.reservedIdentifiers.has(o.name) && !this.options.globalVariables.has(o.name)) {
+          var info = (0, _identifiers.getIdentifierInfo)(o, p);
+
+          if (!info.spec.isReferenced) {
+            return;
           }
 
-          var defined = new Set(),
-              referenced = new Set();
-          var isBound = false;
-          /**
-           * The fnTraverses serves two important purposes
-           *
-           * - Identify all the variables referenced and defined here
-           * - Identify is the 'this' keyword is used anywhere
-           *
-           * @param o
-           * @param p
-           * @returns
-           */
-
-          const fnTraverser = (o, p) => {
-            if (o.type == "Identifier" && !_constants.reservedIdentifiers.has(o.name) && !this.options.globalVariables.has(o.name)) {
-              var info = (0, _identifiers.getIdentifierInfo)(o, p);
-
-              if (!info.spec.isReferenced) {
-                return;
-              }
+          if (info.spec.isDefined) {
+            // Add to defined map
+            var definingContext = (0, _insert.getDefiningContext)(o, p);
 
-              if (info.spec.isDefined && (0, _insert.getDefiningContext)(o, p) === object) {
-                defined.add(o.name);
-              } else {
-                referenced.add(o.name);
+            if (!definedMap.has(definingContext)) {
+              definedMap.set(definingContext, new Set([o.name]));
+            } else {
+              definedMap.get(definingContext).add(o.name);
+            }
+          } else {
+            // This approach is dirty and does not account for hoisted FunctionDeclarations
+            var isDefinedAbove = false;
+
+            for (var pNode of p) {
+              if (definedMap.has(pNode)) {
+                if (definedMap.get(pNode).has(o.name)) {
+                  isDefinedAbove = true;
+                  break;
+                }
               }
             }
 
-            if (o.type == "ThisExpression" || o.type == "Super") {
-              isBound = true;
+            if (!isDefinedAbove) {
+              isReferenceLess = false;
+              identifierPreventingTransformation = o.name;
+              return "EXIT";
             }
-          };
-
-          (0, _traverse.walk)(object.params, [object, ...parents], fnTraverser);
-          (0, _traverse.walk)(object.body, [object, ...parents], fnTraverser);
-
-          if (!isBound) {
-            var _object$id;
-
-            defined.forEach(identifier => {
-              referenced.delete(identifier);
-            });
-            object.params.forEach(param => {
-              referenced.delete(param.name);
-            });
-            collect.push({
-              location: [object, parents],
-              references: referenced,
-              name: (_object$id = object.id) === null || _object$id === void 0 ? void 0 : _object$id.name
-            });
           }
         }
-      });
+      }); // This function is not 'reference-less', cannot be RGF'd
+
+      if (!isReferenceLess) {
+        if (object.id) {
+          var _object$id2;
+
+          this.log("".concat(object === null || object === void 0 ? void 0 : (_object$id2 = object.id) === null || _object$id2 === void 0 ? void 0 : _object$id2.name, "() cannot be transformed because of ").concat(identifierPreventingTransformation));
+        }
 
-      if (!collect.length) {
         return;
-      }
+      } // Since `new Function` is completely isolated, create an entire new obfuscator and run remaining transformations.
+      // RGF runs early and needs completed code before converting to a string.
+      // (^ the variables haven't been renamed yet)
 
-      var miss = 0;
-      var start = collect.length * 2;
-
-      while (true) {
-        var hit = false;
-        collect.forEach(_ref => {
-          let {
-            name,
-            references: references1,
-            location: location1
-          } = _ref;
-
-          if (!references1.size && name) {
-            collect.forEach(o => {
-              if (o.location[0] !== location1[0] && o.references.size && o.references.delete(name)) {
-                // console.log(collect);
-                hit = true;
-              }
-            });
-          }
-        });
 
-        if (hit) {
-          miss = 0;
-        } else {
-          miss++;
-        }
+      var obfuscator = new _obfuscator.default({ ...this.options,
+        stringEncoding: false,
+        compact: true
+      });
 
-        if (miss > start) {
-          break;
-        }
+      if (obfuscator.options.lock) {
+        delete obfuscator.options.lock.countermeasures;
       }
 
-      queue = [];
-      collect.forEach(o => {
-        if (!o.references.size) {
-          var [object, parents] = o.location;
-          queue.push([object, parents]);
-
-          if (object.type == "FunctionDeclaration" && typeof object.id.name === "string") {
-            var index = names.size;
-            names.set(object.id.name, index);
-            referenceSignatures[index] = (0, _random.getRandomString)(10);
-            definingNodes.set(object.id.name, object.id);
-          }
-        }
+      var transforms = obfuscator.array.filter(x => x.priority > this.priority);
+      var embeddedFunctionName = this.getPlaceholder();
+      var embeddedFunction = {
+        type: "FunctionDeclaration",
+        id: (0, _gen.Identifier)(embeddedFunctionName),
+        body: (0, _gen.BlockStatement)([...object.body.body]),
+        params: object.params,
+        async: false,
+        generator: false
+      };
+      var tree = {
+        type: "Program",
+        body: [embeddedFunction, (0, _gen.ReturnStatement)((0, _gen.CallExpression)((0, _gen.MemberExpression)((0, _gen.Identifier)(embeddedFunctionName), (0, _gen.Literal)("apply"), true), [(0, _gen.ThisExpression)(), (0, _gen.Identifier)("arguments")]))]
+      };
+      transforms.forEach(transform => {
+        transform.apply(tree);
       });
+      var toString = (0, _compiler.compileJsSync)(tree, obfuscator.options); // new Function(code)
 
-      if (!queue.length) {
-        return;
-      } // An array containing all the function declarations
-
-
-      var referenceArray = "_" + (0, _random.getRandomString)(10);
-      (0, _traverse.walk)(contextObject, contextParents, (o, p) => {
-        if (o.type == "Identifier" && !_constants.reservedIdentifiers.has(o.name)) {
-          var index = names.get(o.name);
-
-          if (typeof index === "number") {
-            var info = (0, _identifiers.getIdentifierInfo)(o, p);
-
-            if (info.spec.isReferenced && !info.spec.isDefined) {
-              var location = (0, _identifiers.getDefiningIdentifier)(o, p);
-
-              if (location) {
-                var pointingTo = location[0];
-                var shouldBe = definingNodes.get(o.name); // console.log(pointingTo, shouldBe);
-
-                if (pointingTo == shouldBe) {
-                  this.log(o.name, "->", "".concat(referenceArray, "[").concat(index, "]"));
-                  var memberExpression = (0, _gen.MemberExpression)((0, _gen.Identifier)(referenceArray), (0, _gen.Literal)(index), true); // Allow re-assignment to the RGF function
-
-                  if (p[0] && p[0].type === "AssignmentExpression" && p[0].left === o) {
-                    // fn = ...
-                    this.replace(o, memberExpression);
-                  } else {
-                    // fn()
-                    // fn
-                    // In most cases the identifier is being used like this (call expression, or referenced to be called later)
-                    // Replace it with a simple wrapper function that will pass on the reference array
-                    var conditionalExpression = (0, _gen.ConditionalExpression)((0, _template.default)("typeof ".concat(referenceArray, "[").concat(index, "] === \"function\" && ").concat(referenceArray, "[").concat(index, "][\"").concat(referenceSignatures[index] || "_", "\"]")).single().expression, (0, _gen.FunctionExpression)([], [(0, _gen.ReturnStatement)( // clone() is required!
-                    (0, _gen.CallExpression)((0, _insert.clone)(memberExpression), [(0, _gen.Identifier)(referenceArray), (0, _gen.SpreadElement)((0, _gen.Identifier)("arguments"))]))]), memberExpression);
-                    this.replace(o, conditionalExpression);
-                  }
-                }
-              }
-            }
-          }
-        }
-      });
-      var arrayExpression = (0, _gen.ArrayExpression)([]);
-      var variableDeclaration = (0, _gen.VariableDeclaration)([(0, _gen.VariableDeclarator)((0, _gen.Identifier)(referenceArray), arrayExpression)]);
-      (0, _insert.prepend)(contextObject, variableDeclaration);
-      queue.forEach(_ref2 => {
-        var _object$id2;
-
-        let [object, parents] = _ref2;
-        var name = object === null || object === void 0 ? void 0 : (_object$id2 = object.id) === null || _object$id2 === void 0 ? void 0 : _object$id2.name;
-        var signature = referenceSignatures[names.get(name)];
-        var embeddedName = name || this.getPlaceholder(); // Since `new Function` is completely isolated, create an entire new obfuscator and run remaining transformations.
-        // RGF runs early and needs completed code before converting to a string.
-        // (^ the variables haven't been renamed yet)
-
-        var obfuscator = new _obfuscator.default({ ...this.options,
-          rgf: false,
-          globalVariables: new Set([...this.options.globalVariables, referenceArray]),
-          lock: {
-            integrity: false
-          },
-          eval: false,
-          hideInitializingCode: false,
-          stringEncoding: false
-        });
-        var transforms = Object.values(obfuscator.transforms).filter(x => x.priority > this.priority);
-        var embeddedFunction = { ...object,
-          type: "FunctionDeclaration",
-          id: (0, _gen.Identifier)(embeddedName)
-        };
-        var tree = {
-          type: "Program",
-          body: [embeddedFunction, (0, _gen.ReturnStatement)((0, _gen.CallExpression)((0, _gen.MemberExpression)((0, _gen.Identifier)(embeddedName), (0, _gen.Literal)("call"), true), [(0, _gen.Identifier)("undefined"), (0, _gen.SpreadElement)((0, _template.default)("Array.prototype.slice.call(arguments, 1)").single().expression)]))]
-        };
-        tree.__hiddenDeclarations = (0, _gen.VariableDeclaration)((0, _gen.VariableDeclarator)(referenceArray));
-        tree.__hiddenDeclarations.hidden = true;
-        tree.__hiddenDeclarations.declarations[0].id.hidden = true;
-        transforms.forEach(transform => {
-          transform.apply(tree);
-        }); // Find eval callbacks
-
-        (0, _traverse.default)(tree, (o, p) => {
-          if (o.$eval) {
-            return () => {
-              o.$eval(o, p);
-            };
-          }
-        });
-        var toString = (0, _compiler.compileJsSync)(tree, this.options);
-        var newFunction = (0, _gen.NewExpression)((0, _gen.Identifier)("Function"), [(0, _gen.Literal)(referenceArray), (0, _gen.Literal)(toString)]);
+      var newFunctionExpression = (0, _gen.NewExpression)((0, _gen.Identifier)("Function"), [(0, _gen.Literal)(toString)]); // The index where this function is placed in the array
 
-        function applySignature(fn) {
-          if (!signature) {
-            return fn;
-          } // This code marks the function object with a unique property
+      var newFunctionExpressionIndex = this.arrayExpressionElements.length; // Add it to the array
 
+      this.arrayExpressionElements.push(newFunctionExpression); // The member expression to retrieve this function
 
-          return (0, _gen.CallExpression)((0, _gen.FunctionExpression)([], [(0, _gen.VariableDeclaration)((0, _gen.VariableDeclarator)("fn", fn)), (0, _gen.ExpressionStatement)((0, _gen.AssignmentExpression)("=", (0, _gen.MemberExpression)((0, _gen.Identifier)("fn"), (0, _gen.Literal)(signature), true), (0, _gen.Literal)(true))), (0, _gen.ReturnStatement)((0, _gen.Identifier)("fn"))]), []);
-        }
+      var memberExpression = (0, _gen.MemberExpression)((0, _gen.Identifier)(this.arrayExpressionName), (0, _gen.Literal)(newFunctionExpressionIndex), true); // Replace based on type
+      // (1) Function Declaration:
+      // - Replace body with call to new function
 
-        if (object.type === "FunctionDeclaration") {
-          arrayExpression.elements[names.get(name)] = applySignature(newFunction);
+      if (object.type === "FunctionDeclaration") {
+        object.body = (0, _gen.BlockStatement)([(0, _gen.ReturnStatement)((0, _gen.CallExpression)((0, _gen.MemberExpression)(memberExpression, (0, _gen.Literal)("apply"), true), [(0, _gen.ThisExpression)(), (0, _gen.Identifier)("arguments")]))]); // The parameters are no longer needed ('arguments' is used to capture them)
 
-          if (Array.isArray(parents[0])) {
-            parents[0].splice(parents[0].indexOf(object), 1);
-          } else {
-            this.error(new Error("Error deleting function declaration: " + parents.map(x => x.type).join(",")));
-          }
-        } else {
-          // The wrapper function passes the reference array around
-          var wrapperFunction = (0, _gen.FunctionExpression)([], [(0, _gen.ReturnStatement)((0, _gen.CallExpression)((0, _gen.MemberExpression)(newFunction, (0, _gen.Literal)("call"), true), [(0, _gen.Identifier)("undefined"), (0, _gen.Identifier)(referenceArray), (0, _gen.SpreadElement)((0, _gen.Identifier)("arguments"))]))]);
-          this.replace(object, applySignature(wrapperFunction));
-        }
-      });
+        object.params = [];
+        return;
+      } // (2) Function Expression:
+      // - Replace expression with member expression pointing to new function
+
+
+      if (object.type === "FunctionExpression") {
+        this.replace(object, memberExpression);
+        return;
+      }
     };
   }