vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License

Unexpected Template Param #235

Closed SamueleD78 closed 1 year ago

SamueleD78 commented 1 year ago

In the classes dump, I have a template function like this one:

```
class System.Collections.Generic.List<T> : System.Object, System.Collections.Generic.IList<T>, System.Collections.Generic.ICollection<T>, System.Collections.Generic.IEnumerable<T>, System.Collections.IEnumerable, System.Collections.IList, System.Collections.ICollection, System.Collections.Generic.IReadOnlyList<T>, System.Collections.Generic.IReadOnlyCollection<T>
{
    static System.Int32 _defaultCapacity = 4;
    T[] _items; // 0x0
    System.Int32 _size; // 0x0
    System.Int32 _version; // 0x0
    System.Object _syncRoot; // 0x0
    static T[] _emptyArray; // 0x0
    System.Void .ctor();
    System.Void .ctor(System.Int32 capacity);
    System.Void .ctor(System.Collections.Generic.IEnumerable<T> collection);

    [...]

    System.Collections.Generic.List<TOutput> ConvertAll(System.Converter<T,TOutput> converter);
```

As you can see, the class expects 1 parameter to be passed to the "inflate" method (and it works flawlessly), but inside the class there is a second template param, "TOutput" (on the last method, "ConvertAll"), which is unexpected and cannot be passed to the inflate because it expects only 1 parameter.

Am I missing something?

vfsfitvnm commented 1 year ago

Can I see your code?

SamueleD78 commented 1 year ago

Of course, nothing special:

```typescript
// test.ts

import "frida-il2cpp-bridge";

function myExport(): void {
    Il2Cpp.perform(() => {
        // Image of mscorlib, where the generic List`1 definition lives
        const ns = Il2Cpp.Domain.assembly("mscorlib").image;
        // Open generic class definition (one type parameter, T)
        const generic = ns.class("System.Collections.Generic.List`1");
        const systemstring = ns.class("System.String");
        // Inflate the class: List<T> becomes List<System.String>
        const inflated = generic.inflate(systemstring);
        console.log(inflated);
    });
}

/* EXECUTION */

console.log("Script Loaded");
console.log(" - Spawning");
setTimeout(myExport.bind(this), 0);
```

vfsfitvnm commented 1 year ago

Where does it fail? Where's the piece of code where you try to inflate ConvertAll?

SamueleD78 commented 1 year ago

You see? I was missing something ^^ I didn't know I could inflate the methods too. Thank you.

Of course this opens a problem for me... I was trying to dump (almost) all the inflated classes/methods, referring to the inflated versions in the class members (we already talked about this).

But of course with this kind of inflated method, I cannot know if the code inflated them somewhere. Thank you so much.
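
An added example, not part of the thread or of frida-il2cpp-bridge: an offline TypeScript pass over a dump like the one quoted in the issue that flags methods using type parameters the class itself does not declare, such as `TOutput` in `ConvertAll`. Those are the methods that have to be inflated separately from the class. The helper names and the shortened sample dump are constructed here, and the bare-identifier rule is a heuristic.

```typescript
// Constructed sample: a shortened copy of the List<T> dump quoted in the issue.
const SAMPLE_DUMP: string = [
    "class System.Collections.Generic.List<T> : System.Object, System.Collections.Generic.IList<T>",
    "{",
    "    T[] _items; // 0x0",
    "    System.Void .ctor(System.Collections.Generic.IEnumerable<T> collection);",
    "    System.Collections.Generic.List<TOutput> ConvertAll(System.Converter<T,TOutput> converter);",
    "}",
].join("\n");

interface MethodGenerics {
    method: string;
    typeParams: string[];
}

// Bare identifiers used as generic arguments, e.g. T and TOutput in "Converter<T,TOutput>".
// Namespaced arguments such as <System.Int32> are concrete types and are skipped.
// Heuristic: a concrete class in the global namespace would also be reported.
function bareGenericArgs(text: string): string[] {
    const re = /[<,]\s*([A-Za-z_]\w*)(?:\[\])*\s*(?=[,>])/g;
    const out: string[] = [];
    let m: RegExpExecArray | null;
    while ((m = re.exec(text)) !== null) {
        if (out.indexOf(m[1]) === -1) out.push(m[1]);
    }
    return out;
}

// Hypothetical helper: list methods whose signature uses type parameters
// that the enclosing class does not declare (method-level generics).
function methodLevelGenerics(dump: string): MethodGenerics[] {
    const lines = dump.split("\n");
    // Type parameters declared on the class header, e.g. ["T"] for List<T>
    const header = /^\s*class\s+[\w.`]+<([^>]*)>/.exec(lines[0]);
    const classParams = header ? header[1].split(",").map((p) => p.trim()) : [];
    const result: MethodGenerics[] = [];
    for (const line of lines.slice(1)) {
        // Only method lines have a parameter list; fields are skipped
        const sig = /([.\w]+)\((.*)\);/.exec(line);
        if (sig === null) continue;
        const extra = bareGenericArgs(line).filter((p) => classParams.indexOf(p) === -1);
        if (extra.length > 0) result.push({ method: sig[1], typeParams: extra });
    }
    return result;
}

console.log(methodLevelGenerics(SAMPLE_DUMP));
```

Inflating the class with one argument resolves `T` everywhere, so only the methods this pass reports still carry open type parameters.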