CoddityTeam / movaicode

Concours mensuel du Pire Développeur de France

C - suprafast jit ficelle #20

Closed pinaraf closed 2 years ago

pinaraf commented 4 years ago

usage: ./movai "kayak"

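Works with GCC on x86 and amd64 (it relies on GCC's `section`/`optimize` attributes and on the linker-provided `__start_`/`__stop_` section symbols). Other platforms are untested.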

#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <sys/mman.h>

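/*
 * Size in bytes of the section named `c`, computed from the __start_<c> and
 * __stop_<c> symbols that main() declares as extern arrays.
 * The expansion is parenthesized so the macro can be used safely inside a
 * larger expression (e.g. `2 * s(c01)`).
 */
#define s(c) (__stop_ ## c - __start_ ## c)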

/*
 * f01 is a machine-code template rather than a normal function: main() never
 * calls it, it copies the bytes of section "c01" and lets memrle() overwrite
 * three placeholder addresses before the copy is executed.
 *
 * The placeholders are the three effective addresses of the XOR statement:
 *   base 0xBADF00D + 0xBEEF   = 195997436  (destination byte)
 *   base 0xBADF00D + 0xF00BAA = 211680183  (first source byte)
 *   base 0xBADF00D + 0xBABEB1 = 208187070  (second source byte)
 * main() searches for exactly these values (plus `addr`, see below).
 *
 * NOTE(review): this only works if the compiler emits the three absolute
 * addresses verbatim, pointer-sized, in the function's machine code. Nothing
 * in the C source guarantees that; it depends on the compiler, the -Os
 * setting requested by the attribute, and the target.
 */
#if UINTPTR_MAX == 0xffffffff
/* 32-bit pointers: the placeholder addresses fit in the integer literals as-is. */
__attribute__ ((noinline, section("c01"), optimize("-Os"))) void f01() {
    int8_t *v = (int8_t*) 0xBADF00D;
    v[0xBEEF] = v[0xF00BAA] ^ v[0xBABEB1];
}
/* Appended to an integer literal at the memrle() call sites; adds nothing but
 * turns the expression into a void * (integer + pointer, a GNU C extension). */
#define addr + (void *) 0
#elif UINTPTR_MAX == 0xffffffffffffffff
/* 64-bit pointers: same low part, with 0xFFFFF0000000 added to the base. */
__attribute__ ((noinline, section("c01"), optimize("-Os"))) void f01() {
    int8_t *v = (int8_t*) 0xFFFFFBADF00D;
    *(v + 0xBEEF) = *(v + 0xF00BAA) ^ *(v + 0xBABEB1);
}
/* Adds the high part of the 64-bit base so that `195997436 addr` equals
 * 0xFFFFFBADF00D + 0xBEEF, and likewise for the two other placeholders. */
#define addr + (void *) 0xFFFFF0000000
#else
#error "Unimplemented"
#endif

/*
 * Empty function placed alone in section "c02". main() uses the size of that
 * section (vsz) as the number of trailing bytes to drop from every copy of
 * f01, and copies f02's bytes once at the very end of the generated code.
 * Presumably those bytes are the function's return sequence; confirm against
 * the compiler output for the target.
 */
__attribute__ ((noinline, section("c02"), optimize("-Os"))) void f02() {}

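/*
 * Replace every occurrence of the pointer value `dst` found in `buffer` with
 * the pointer value `org`. Both are compared and written as raw
 * pointer-sized byte strings; alignment is not assumed.
 *
 * buffer  bytes to patch in place (sz bytes long)
 * sz      length of buffer in bytes
 * dst     pointer value to search for
 * org     pointer value written over each match
 *
 * main() uses this to patch placeholder addresses in code that is executed
 * afterwards, so the scan must never leave the buffer:
 *  - a buffer shorter than one pointer is left untouched (the previous bound
 *    `sz - sizeof(dst)` was evaluated as unsigned and wrapped around);
 *  - the last valid start offset, sz - sizeof(dst), is included;
 *  - after a replacement the scan resumes right behind the bytes written.
 */
void memrle(void *buffer, int sz, void *dst, void *org) {
    unsigned char *bytes = buffer;
    const int width = (int) sizeof(dst);

    if (bytes == NULL || sz < width) {
        return;
    }
    for (int i = 0; i <= sz - width; i++) {
        if (memcmp(bytes + i, &dst, sizeof(dst)) == 0) {
            memcpy(bytes + i, &org, sizeof(org));
            /* the loop increment supplies the final +1 */
            i += width - 1;
        }
    }
}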

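/*
 * Reverse argv[1] in place by generating and running machine code, then
 * print the result.
 *
 * For each pair of characters (i, l-1-i) three copies of the f01 template
 * are emitted. Each copy XORs two bytes into a third, and the three
 * destinations (hi, lo, hi) form an XOR swap. The template's placeholder
 * addresses are patched by memrle() to point into argv[1]. Every copy drops
 * its last vsz bytes so that execution falls through to the next copy, and
 * f02's bytes are appended once at the end.
 *
 * Returns 0 on success, -1 on wrong usage or when a resource cannot be
 * obtained.
 *
 * Hardening compared with a naive version:
 *  - the mapping is writable while the code is generated and is then switched
 *    to read+execute, so it is never writable and executable at once;
 *  - mmap/malloc/mprotect results are checked before use;
 *  - strings shorter than two characters are printed as-is (a zero-length
 *    mmap fails, and there is nothing to swap);
 *  - the scratch buffer and the mapping are released.
 */
int main (int argc, char **argv) {
    if (argc != 2)
        return -1;

    char *text = argv[1];
    size_t l = strlen(text);
    size_t half = l >> 1;

    if (half == 0) {
        printf("%s\n", text);
        return 0;
    }

    extern unsigned char __stop_c01[], __start_c01[], __stop_c02[], __start_c02[];
    int xsz = s(c01);
    int vsz = s(c02);

    /* The template must be longer than the tail that gets stripped from it. */
    if (vsz <= 0 || xsz <= vsz)
        return -1;
    /* Refuse sizes whose product would not fit in size_t. */
    if (half > SIZE_MAX / 3 / (size_t) xsz)
        return -1;

    size_t step = (size_t) (xsz - vsz);
    size_t maplen = (size_t) xsz * 3 * half;

    char *tgtc = mmap(NULL, maplen, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (tgtc == MAP_FAILED) {
        perror("mmap");
        return -1;
    }
    char *buffer = malloc((size_t) xsz);
    if (buffer == NULL) {
        perror("malloc");
        munmap(tgtc, maplen);
        return -1;
    }

    for (size_t i = 0 ; i < half ; i++) {
        char *lo = text + i;
        char *hi = text + l - 1 - i;
        for (int j = 0 ; j < 3 ; j++) {
            memcpy(buffer, (char *)f01, xsz);
            /* destination alternates hi, lo, hi: the three steps of an XOR swap */
            memrle(buffer, xsz, 195997436 addr, j%2 ? lo : hi);
            memrle(buffer, xsz, 211680183 addr, lo);
            memrle(buffer, xsz, 208187070 addr, hi);
            memcpy(tgtc + (i * 3 + j) * step, buffer, step);
        }
    }
    free(buffer);
    memcpy(tgtc + half * 3 * step, (char *)f02, vsz);

    /* Drop write permission before the generated code becomes executable. */
    if (mprotect(tgtc, maplen, PROT_READ | PROT_EXEC) != 0) {
        perror("mprotect");
        munmap(tgtc, maplen);
        return -1;
    }
    ((void (*)(void)) tgtc)();
    munmap(tgtc, maplen);

    printf("%s\n", text);
    return 0;
}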
louismarslen commented 2 years ago

Je fais un peu de ménage dans les issues -> d'ailleurs go participer à l'édition 5