package sandmark.obfuscate.buggycode;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import org.apache.bcel.generic.BranchInstruction;
import org.apache.bcel.generic.CodeExceptionGen;
import org.apache.bcel.generic.GOTO;
import org.apache.bcel.generic.IADD;
import org.apache.bcel.generic.ICONST;
import org.apache.bcel.generic.IDIV;
import org.apache.bcel.generic.IFEQ;
import org.apache.bcel.generic.ILOAD;
import org.apache.bcel.generic.IMUL;
import org.apache.bcel.generic.ISTORE;
import org.apache.bcel.generic.ISUB;
import org.apache.bcel.generic.InstructionConstants;
import org.apache.bcel.generic.InstructionHandle;
import org.apache.bcel.generic.InstructionList;
import org.apache.bcel.generic.InstructionTargeter;
import org.apache.bcel.generic.NOP;
import org.apache.bcel.generic.RET;
import org.apache.bcel.generic.Type;
import org.apache.bcel.verifier.structurals.UninitializedObjectType;
import sandmark.analysis.controlflowgraph.BasicBlock;
import sandmark.analysis.controlflowgraph.FallthroughEdge;
import sandmark.analysis.controlflowgraph.MethodCFG;
import sandmark.analysis.defuse.DUWeb;
import sandmark.analysis.defuse.DefWrapper;
import sandmark.analysis.defuse.ReachingDefs;
import sandmark.analysis.liveness.Liveness;
import sandmark.analysis.stacksimulator.Context;
import sandmark.analysis.stacksimulator.StackSimulator;
import sandmark.config.ModificationProperty;
import sandmark.config.RequisiteProperty;
import sandmark.obfuscate.MethodObfuscator;
import sandmark.program.Application;
import sandmark.program.Class;
import sandmark.program.Method;
import sandmark.util.Random;
import sandmark.util.newgraph.Edge;
import sandmark.util.opaquepredicatelib.OpaqueManager;
import sandmark.util.opaquepredicatelib.OpaquePredicateGenerator;
import sandmark.util.opaquepredicatelib.PredicateFactory;

/* loaded from: input_file:sandmark/obfuscate/buggycode/BugCode.class */
public class BugCode extends MethodObfuscator {
    private static final boolean DEBUG = false;
    private static final boolean USE_OP_LIB = true;
    private static final ModificationProperty[] mutations = {ModificationProperty.I_ADD_METHOD_CODE, ModificationProperty.I_ADD_LOCAL_VARIABLES, ModificationProperty.PERFORMANCE_DEGRADE_LOW};
    private static final RequisiteProperty[] preprohib = {ModificationProperty.I_REORDER_INSTRUCTIONS};

    private boolean containsException(BasicBlock basicBlock) {
        for (int i = 0; i < basicBlock.getInstList().size(); i++) {
            InstructionTargeter[] targeters = ((InstructionHandle) basicBlock.getInstList().get(i)).getTargeters();
            for (int i2 = 0; targeters != null && i2 < targeters.length; i2++) {
                if (targeters[i2] instanceof CodeExceptionGen) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // sandmark.obfuscate.MethodObfuscator
    public void apply(Method method) throws Exception {
        if (method.getInstructionList() == null || method.getInstructionList().size() == 0) {
            return;
        }
        InstructionList instructionList = method.getInstructionList();
        MethodCFG cfg = method.getCFG();
        BasicBlock chooseBB = chooseBB(method, cfg);
        if (chooseBB == null) {
            return;
        }
        Liveness liveness = new Liveness(method);
        int i = -1;
        DUWeb[] defUseWebs = new ReachingDefs(method).defUseWebs();
        int i2 = 0;
        while (true) {
            if (i2 >= defUseWebs.length) {
                break;
            }
            if (liveness.liveAt(defUseWebs[i2], chooseBB.getIH())) {
                boolean z = true;
                Iterator it = defUseWebs[i2].defs().iterator();
                while (it.hasNext()) {
                    if (!((DefWrapper) it.next()).getType().equals(Type.INT)) {
                        z = false;
                    }
                }
                if (z) {
                    i = defUseWebs[i2].getIndex();
                    break;
                }
            }
            i2++;
        }
        BasicBlock basicBlock = new BasicBlock(cfg);
        cfg.addNode(basicBlock);
        InstructionHandle append = instructionList.append(new NOP());
        InstructionHandle append2 = instructionList.append(new IFEQ(chooseBB.getIH()));
        basicBlock.addInst(append);
        InstructionHandle append3 = instructionList.append(InstructionConstants.ICONST_0);
        basicBlock.addInst(append3);
        basicBlock.addInst(append2);
        InstructionTargeter[] targeters = chooseBB.getIH().getTargeters();
        for (int i3 = 0; targeters != null && i3 < targeters.length; i3++) {
            targeters[i3].updateTarget(chooseBB.getIH(), append);
        }
        ((IFEQ) append2.getInstruction()).setTarget(chooseBB.getIH());
        if (i == -1) {
            i = initializeNextLocal(method, basicBlock);
        }
        BasicBlock makeCopiedBlock = makeCopiedBlock(method, cfg, chooseBB, basicBlock);
        InstructionHandle ih = makeCopiedBlock.getIH();
        for (int size = makeCopiedBlock.getInstList().size() - 1; size >= 0; size--) {
            InstructionHandle[] randomBug = getRandomBug(instructionList, i);
            for (int length = randomBug.length - 1; length >= 0; length--) {
                makeCopiedBlock.getInstList().add(size, randomBug[length]);
            }
        }
        InstructionTargeter[] targeters2 = ih.getTargeters();
        for (int i4 = 0; targeters2 != null && i4 < targeters2.length; i4++) {
            targeters2[i4].updateTarget(ih, makeCopiedBlock.getIH());
        }
        cfg.rewriteInstructionList();
        instructionList.setPositions(true);
        method.mark();
        method.removeLocalVariables();
        method.removeLineNumbers();
        PredicateFactory[] predicatesByValue = OpaqueManager.getPredicatesByValue(2);
        HashSet hashSet = new HashSet();
        OpaquePredicateGenerator opaquePredicateGenerator = null;
        while (opaquePredicateGenerator == null && hashSet.size() != predicatesByValue.length) {
            int nextInt = Random.getRandom().nextInt() % predicatesByValue.length;
            if (nextInt < 0) {
                nextInt += predicatesByValue.length;
            }
            opaquePredicateGenerator = predicatesByValue[nextInt].createInstance();
            if (!opaquePredicateGenerator.canInsertPredicate(method, append3, 2)) {
                hashSet.add(predicatesByValue[nextInt]);
                opaquePredicateGenerator = null;
            }
        }
        opaquePredicateGenerator.insertPredicate(method, append3, 2);
        append3.setInstruction(new NOP());
    }

    private InstructionHandle[] getRandomBug(InstructionList instructionList, int i) {
        Random random = Random.getRandom();
        switch (((random.nextInt() % 4) + 4) % 4) {
            case 0:
                return new InstructionHandle[]{instructionList.append(new ILOAD(i)), instructionList.append(new ICONST((((random.nextInt() % 7) + 7) % 7) - 1)), instructionList.append(new IMUL()), instructionList.append(new ISTORE(i))};
            case 1:
                return new InstructionHandle[]{instructionList.append(new ILOAD(i)), instructionList.append(new ICONST((((random.nextInt() % 7) + 7) % 7) - 1)), instructionList.append(new IADD()), instructionList.append(new ISTORE(i))};
            case 2:
                return new InstructionHandle[]{instructionList.append(new ILOAD(i)), instructionList.append(new ICONST((((random.nextInt() % 7) + 7) % 7) - 1)), instructionList.append(new ISUB()), instructionList.append(new ISTORE(i))};
            case 3:
                return new InstructionHandle[]{instructionList.append(new ILOAD(i)), instructionList.append(new ICONST((((random.nextInt() % 7) + 7) % 7) - 1)), instructionList.append(new IDIV()), instructionList.append(new ISTORE(i))};
            default:
                return null;
        }
    }

    private BasicBlock chooseBB(Method method, MethodCFG methodCFG) {
        ArrayList arrayList = new ArrayList();
        Iterator basicBlockIterator = methodCFG.basicBlockIterator();
        while (basicBlockIterator.hasNext()) {
            arrayList.add(basicBlockIterator.next());
        }
        StackSimulator stackSimulator = new StackSimulator(method);
        BasicBlock basicBlock = null;
        while (basicBlock == null && arrayList.size() > 0) {
            int randomValue = getRandomValue(arrayList.size());
            basicBlock = (BasicBlock) arrayList.get(randomValue);
            if (basicBlock.getLastInstruction().getInstruction() instanceof RET) {
                basicBlock = null;
                arrayList.remove(randomValue);
            } else if (containsException(basicBlock)) {
                basicBlock = null;
                arrayList.remove(randomValue);
            } else {
                Context instructionContext = stackSimulator.getInstructionContext(basicBlock.getLastInstruction(), false);
                int i = 0;
                while (true) {
                    if (i >= instructionContext.getStackSize()) {
                        break;
                    }
                    if (instructionContext.getStackAt(i)[0].getType() instanceof UninitializedObjectType) {
                        basicBlock = null;
                        arrayList.remove(randomValue);
                        break;
                    }
                    i++;
                }
            }
        }
        return basicBlock;
    }

    private BasicBlock makeCopiedBlock(Method method, MethodCFG methodCFG, BasicBlock basicBlock, BasicBlock basicBlock2) {
        InstructionList instructionList = method.getInstructionList();
        BasicBlock basicBlock3 = new BasicBlock(methodCFG);
        methodCFG.addNode(basicBlock3);
        ArrayList instList = basicBlock.getInstList();
        for (int i = 0; i < instList.size(); i++) {
            InstructionHandle instructionHandle = (InstructionHandle) instList.get(i);
            if (instructionHandle.getInstruction() instanceof BranchInstruction) {
                BranchInstruction branchInstruction = (BranchInstruction) instructionHandle.getInstruction();
                BranchInstruction branchInstruction2 = (BranchInstruction) branchInstruction.copy();
                branchInstruction2.setTarget(branchInstruction.getTarget());
                basicBlock3.addInst(instructionList.append(branchInstruction2));
            } else {
                basicBlock3.addInst(instructionList.append(instructionHandle.getInstruction().copy()));
            }
        }
        InstructionHandle next = basicBlock.getLastInstruction().getNext();
        if (next != null && !methodCFG.edgeIsFallthrough(basicBlock, methodCFG.getBlock(next))) {
            next = null;
        }
        BasicBlock basicBlock4 = null;
        if (next != null) {
            basicBlock4 = new BasicBlock(methodCFG);
            basicBlock4.addInst(instructionList.append((BranchInstruction) new GOTO(next)));
        }
        if (basicBlock.fallthroughFrom() != null) {
            basicBlock.fallthroughFrom().setFallthrough(basicBlock2);
        }
        basicBlock2.setFallthrough(basicBlock3);
        if (basicBlock4 == null) {
            basicBlock3.setFallthrough(basicBlock);
        } else {
            basicBlock3.setFallthrough(basicBlock4);
            basicBlock4.setFallthrough(basicBlock);
        }
        Iterator preds = methodCFG.preds(basicBlock);
        while (preds.hasNext()) {
            BasicBlock basicBlock5 = (BasicBlock) preds.next();
            methodCFG.removeEdge(basicBlock5, basicBlock);
            if (basicBlock5.fallthrough() == basicBlock2) {
                methodCFG.addEdge(new FallthroughEdge(basicBlock5, basicBlock2));
            } else {
                methodCFG.addEdge(basicBlock5, basicBlock2);
            }
        }
        methodCFG.addEdge(basicBlock2, basicBlock);
        methodCFG.addEdge(new FallthroughEdge(basicBlock2, basicBlock3));
        if (basicBlock4 != null) {
            methodCFG.addEdge(new FallthroughEdge(basicBlock3, basicBlock4));
            methodCFG.addEdge(basicBlock4, methodCFG.getBlock(next));
        }
        Iterator outEdges = methodCFG.outEdges(basicBlock);
        while (outEdges.hasNext()) {
            Edge edge = (Edge) outEdges.next();
            if (!(edge instanceof FallthroughEdge)) {
                methodCFG.addEdge(basicBlock3, edge.sinkNode());
            }
        }
        return basicBlock3;
    }

    private int getRandomValue(int i) {
        if (i == 0) {
            return 0;
        }
        int nextInt = Random.getRandom().nextInt() % i;
        if (nextInt < 0) {
            nextInt += i;
        }
        return nextInt;
    }

    private int initializeNextLocal(Method method, BasicBlock basicBlock) {
        method.setMaxLocals();
        int maxLocals = method.getMaxLocals();
        InstructionHandle ih = basicBlock.getIH();
        basicBlock.getInstList().add(0, method.getInstructionList().append(new ICONST(getRandomValue(6) - 1)));
        basicBlock.getInstList().add(1, method.getInstructionList().append(new ISTORE(maxLocals)));
        InstructionTargeter[] targeters = ih.getTargeters();
        for (int i = 0; targeters != null && i < targeters.length; i++) {
            targeters[i].updateTarget(ih, basicBlock.getIH());
        }
        return maxLocals;
    }

    @Override // sandmark.Algorithm
    public String getShortName() {
        return "Buggy Code";
    }

    @Override // sandmark.Algorithm
    public String getLongName() {
        return "Insert a buggy code in the control flow graph";
    }

    @Override // sandmark.Algorithm
    public String getAlgHTML() {
        return "<HTML><BODY>BuggyCode is an obfuscation algorithm which makes a copy of a basic block and introduces a bug in it. This code is never executed as it is jumped over by an opaque predicate.\n<TABLE><TR><TD>Author: <a href =\"mailto:tapas@cs.arizona.edu\">Tapas Sahoo</a>\n</TD></TR></TABLE></BODY></HTML>";
    }

    @Override // sandmark.Algorithm
    public String getAlgURL() {
        return "sandmark/obfuscate/buggycode/doc/help.html";
    }

    @Override // sandmark.Algorithm
    public String getAuthor() {
        return "Tapas Sahoo";
    }

    @Override // sandmark.Algorithm
    public String getAuthorEmail() {
        return "tapas@cs.arizona.edu";
    }

    @Override // sandmark.Algorithm
    public String getDescription() {
        return "This algorithm makes a copy of abasic block of code and introduces a bug in it. The buggy code is present to confuse the attacker, but is never executed but jumped over by means of an opaque predicate.";
    }

    @Override // sandmark.Algorithm
    public ModificationProperty[] getMutations() {
        return mutations;
    }

    @Override // sandmark.Algorithm
    public RequisiteProperty[] getPreprohibited() {
        return preprohib;
    }

    public static void main(String[] strArr) throws Exception {
        if (strArr.length < 1) {
            System.out.println("Usage: BuggyCode <JAR FILE>.jar");
            System.exit(1);
        }
        Application application = new Application(strArr[0]);
        BugCode bugCode = new BugCode();
        Iterator classes = application.classes();
        while (classes.hasNext()) {
            Iterator methods = ((Class) classes.next()).methods();
            while (methods.hasNext()) {
                bugCode.apply((Method) methods.next());
            }
        }
        application.save(new StringBuffer().append(strArr[0].substring(0, strArr[0].indexOf(".jar"))).append("_obf.jar").toString());
    }
}
