From 50949434538892de2d529a6f96d36799091d3afc Mon Sep 17 00:00:00 2001
From: Adam <Adam@anope.org>
Date: Fri, 23 Oct 2015 15:46:03 -0400
Subject: [PATCH] This works. Except for final fields, which I can evaluate
 later.

---
 .../deobfuscators/arithmetic/ModArith.java    | 156 +++++++++---------
 1 file changed, 74 insertions(+), 82 deletions(-)

diff --git a/src/main/java/net/runelite/deob/deobfuscators/arithmetic/ModArith.java b/src/main/java/net/runelite/deob/deobfuscators/arithmetic/ModArith.java
index bc265e7710..b6beb8186d 100644
--- a/src/main/java/net/runelite/deob/deobfuscators/arithmetic/ModArith.java
+++ b/src/main/java/net/runelite/deob/deobfuscators/arithmetic/ModArith.java
@@ -2,11 +2,9 @@ package net.runelite.deob.deobfuscators.arithmetic;
 
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.HashSet;
-import java.util.LinkedList;
+import java.util.Iterator;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 import net.runelite.deob.ClassFile;
@@ -28,7 +26,6 @@ import net.runelite.deob.execution.Execution;
 import net.runelite.deob.execution.Frame;
 import net.runelite.deob.execution.InstructionContext;
 import net.runelite.deob.execution.StackContext;
-import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.map.MultiValueMap;
 
 public class ModArith implements Deobfuscator
@@ -131,16 +128,16 @@ public class ModArith implements Deobfuscator
 				Instruction one = ctx.getPops().get(0).getPushed().getInstruction();
 				Instruction two = ctx.getPops().get(1).getPushed().getInstruction();
 				
-				PushConstantInstruction pc = null;
+				LDC_W pc = null;
 				GetFieldInstruction other = null;
-				if (one instanceof PushConstantInstruction && two instanceof GetFieldInstruction)
+				if (one instanceof LDC_W && two instanceof GetFieldInstruction)
 				{
-					pc = (PushConstantInstruction) one;
+					pc = (LDC_W) one;
 					other = (GetFieldInstruction) two;
 				}
-				else if (two instanceof PushConstantInstruction && one instanceof GetFieldInstruction)
+				else if (two instanceof LDC_W && one instanceof GetFieldInstruction)
 				{
-					pc = (PushConstantInstruction) two;
+					pc = (LDC_W) two;
 					other = (GetFieldInstruction) one;
 				}
 
@@ -153,6 +150,13 @@ public class ModArith implements Deobfuscator
 					continue;
 					//return false;
 				
+				if (!(pc.getConstant().getObject() instanceof Integer))
+					continue;
+				
+				int ivalue = pc.getConstantAsInt();
+				if (!DMath.isBig(ivalue))
+					continue;
+				
 				try
 				{
 					MultiplicationExpression expr = MultiplicationDeobfuscator.parseExpression(e, ctx);
@@ -164,81 +168,26 @@ public class ModArith implements Deobfuscator
 					continue;
 				}
 				
+				InstructionContext popped = ctx.getPushes().get(0).getPopped().get(0);
+				if (popped.getInstruction() instanceof SetFieldInstruction)
+				{
+					SetFieldInstruction sfi = (SetFieldInstruction) popped.getInstruction();
+					
+					if (sfi.getMyField() != null && sfi.getMyField() != field)
+						continue;
+				}
+				
 				return true;
 			}
 		}
 		
 		return false;
 	}
-//	private boolean isFieldObfuscated(Execution e, Field field)
-//	{
-//		// field isn't obfuscated if there are no usages with big constants and no other fields
-//		
-//		for (Frame f : .processedFrames)
-//			outer:
-//			for (InstructionContext ctx : f.getInstructions())
-//			{
-//				if (!(ctx.getInstruction() instanceof FieldInstruction))
-//					continue;
-//				
-//				FieldInstruction fi = (FieldInstruction) ctx.getInstruction();
-//				
-//				if (fi.getMyField() != field)
-//					continue;
-//				
-//				List<InstructionContext> ins = getInsInExpr(ctx, new HashSet());
-//				
-//				// continue if expr contains another ins
-//				for (InstructionContext i : ins)
-//				{
-//					if (i.getInstruction() instanceof FieldInstruction)
-//					{
-//						FieldInstruction ifi = (FieldInstruction) i.getInstruction();
-//						
-//						if (ifi.getMyField() != field)
-//							continue outer; 
-//					}
-//				}
-//				
-//				// find big constant
-//				boolean big = false;
-//				for (InstructionContext i : ins)
-//				{
-//					if (i.getInstruction() instanceof LDC_W)
-//					{
-//						LDC_W ldc = (LDC_W) i.getInstruction();
-//						if (ldc.getConstant().getObject() instanceof Integer)
-//						{
-//							int value = ldc.getConstantAsInt();
-//
-//							if (DMath.isBig(value))
-//								big = true;
-//						}
-//					}
-//				}
-//				
-////				for (InstructionContext i : ins)
-////				{
-////					if (i.getInstruction() instanceof InvokeInstruction)
-////					{
-////						if (!big)
-////						{
-////							// if no ob is detected and its passed to an invoke, it must be deobbed
-////							return false;
-////						}
-////					}
-////				}
-//				
-//				if (big)
-//					return true;
-//			}
-//		
-//		return false;
-//	}
 	
 	static class numgs {
 		int value;
-		boolean getter;
+		//boolean getter;
+		boolean other;
 	}
 	private MultiValueMap<Field, numgs> values2 = new MultiValueMap();
 	
@@ -261,6 +210,22 @@ public class ModArith implements Deobfuscator
 					//if (!fi.getMyField().getName().equals("field2865")) continue;
 					
 					List<InstructionContext> l = this.getInsInExpr(ctx, new HashSet());
+					boolean other = false;
+					for (InstructionContext i : l)
+					{
+						if (i.getInstruction() instanceof InvokeInstruction)
+							continue;
+						
+						if (i.getInstruction() instanceof FieldInstruction)
+						{
+							FieldInstruction fi2 = (FieldInstruction) i.getInstruction();
+							Field myField = fi2.getMyField();
+							
+							if (myField != null && myField != fi.getMyField())
+								other = true;
+						}
+					}
+					
 					for (InstructionContext i : l)
 					{
 						if (i.getInstruction() instanceof LDC_W)
@@ -271,6 +236,7 @@ public class ModArith implements Deobfuscator
 								//boolean getter = fi instanceof GetFieldInstruction;
 								numgs n = new numgs();
 								n.value = w.getConstantAsInt();
+								n.other = other;
 								//n.getter = getter;
 								values2.put(fi.getMyField(), n);
 							}
@@ -532,6 +498,23 @@ public class ModArith implements Deobfuscator
 		
 		return false;
 	}
+	
+	private void removeDupes(Collection<Integer> in)
+	{
+		Set set = new HashSet();
+		for (Iterator<Integer> it = in.iterator(); it.hasNext();)
+		{
+			int i = it.next();
+
+			if (set.contains(i))
+			{
+				it.remove();
+				continue;
+			}
+
+			set.add(i);
+		}
+	}
 
 	private void reduce2()
 	{
@@ -544,19 +527,28 @@ public class ModArith implements Deobfuscator
 				
 				//getter -442113225
 				//setter -2129182073
-				if (f.getName().equals("field2130"))
-				{
-					//Collection<Integer> col3 = col.stream().map(i -> i.value).collect(Collectors.toSet());
-					
+				//if (f.getName().equals("field564"))
+				{	
 					Collection<numgs> col2 = col.stream().filter(i -> DMath.isBig(i.value)).collect(Collectors.toList());
+					
+					Collection<Integer> noOther = col2.stream().filter(i -> !i.other).map(i -> i.value).collect(Collectors.toList());
+					Collection<Integer> other = col2.stream().filter(i -> i.other).map(i -> i.value).collect(Collectors.toList());
+					other.addAll(noOther);
+//					sorted.addAll(
+//						col2.stream().filter(i -> i.other).map(i -> i.value).collect(Collectors.toList())
+//					);
 				
-					Set set = col2.stream().map(i -> i.value).collect(Collectors.toSet());
-				//
+					//Set set = col2.stream().map(i -> i.value).collect(Collectors.toSet());
+					removeDupes(noOther);
+					removeDupes(other);
 					
 					if (!isFieldObfuscated(execution, f))
 						continue;
 				
-					Pair p = this.guess2(f, col2, set);
+					Pair p = this.guess2(f, null, noOther);
+					if (p == null)
+						p = this.guess2(f, null, other);
+					
 					if (p != null)
 					{
 						//if (this.deobfuscatedFields.contains(f))