vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License

what is the value of handle in this context? #381

Closed catlowlevel closed 11 months ago

catlowlevel commented 11 months ago

inside the method class, there's this line inside invokeRaw method

if (this.isInflated) {
    allocatedParameters.push(this.handle);
}

what is handle in here? Is it the MethodInfo*

I am attempting to invoke a method in C++, and it's resulting in crashes. I suspect I need this handle as the method I'm trying to invoke is inflated. Here's how I currently invoke it:

#include <utility>   // std::forward

template<typename T, typename... Args>
T MethodInfo::invoke(Il2CppObject *instance, Args &&... args) {
    // Cast the raw method pointer to an (instance, args...) signature and call it
    using Invoker = T(*)(Il2CppObject *, Args...);
    auto invoker = reinterpret_cast<Invoker>(this->methodPointer);
    return invoker(instance, std::forward<Args>(args)...);
}
vfsfitvnm commented 11 months ago

what is handle in here? Is it the MethodInfo*

Yes.

The following C# code

class Class : Interface
{
    static Class()
    {

    }
}

is transpiled to the following C++ code

// System.Void Class::.cctor()
extern "C" IL2CPP_METHOD_ATTR void Class__cctor_m8C31123D4284696F79E3E30569AF75657805F8B7 (const RuntimeMethod* method)
{
    {
        return;
    }
}

More in general, it looks like the method instance is always passed as the last parameter.

However, the compiler eventually removes that parameter if it's unused - but inflated methods actually need the method instance (for whatever reason I didn't investigate, but it's easy to guess)
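
As an added example (not code from the issue or from frida-il2cpp-bridge), a stand-alone C++ model of the convention described above: the transpiled method takes the MethodInfo* as a hidden last argument, the compiler drops it when unused, and an inflated method still needs it. The Il2CppObject and MethodInfo structs and the two "transpiled" functions are constructed stand-ins, not the real il2cpp headers.

```cpp
// Added example, not code from the issue or from frida-il2cpp-bridge: a
// stand-alone model of the convention described above. Il2CppObject,
// MethodInfo and the two "transpiled" functions are constructed stand-ins.
#include <cstdint>
#include <type_traits>
#include <utility>

struct Il2CppObject { int32_t payload; };   // constructed stand-in

struct MethodInfo {                         // constructed stand-in
    void*   methodPointer;  // the transpiled C function
    bool    is_inflated;    // generic instantiation: needs the trailing MethodInfo*
    int32_t generic_tag;    // data the inflated body reads through `method`
};

// Non-inflated method: the compiler dropped the unused `method` parameter.
static int32_t Plain_Add(Il2CppObject* self, int32_t x) {
    return self->payload + x;
}

// Inflated method: keeps `const MethodInfo* method` as its last parameter and
// dereferences it, so calling it without that argument reads garbage.
static int32_t Generic_GetItem(Il2CppObject* self, int32_t key,
                               const MethodInfo* method) {
    return self->payload * key + method->generic_tag;
}

// Invoke wrapper: appends the MethodInfo* only when the method is inflated,
// mirroring `if (this.isInflated) allocatedParameters.push(this.handle)`.
// The target signature uses decayed argument types: with forwarding references
// Args may be `int&`, and a cast to an `int&` parameter would pass a pointer.
template <typename T, typename... Args>
T invoke(const MethodInfo* method, Il2CppObject* instance, Args&&... args) {
    if (method->is_inflated) {
        using Inflated = T (*)(Il2CppObject*, std::decay_t<Args>..., const MethodInfo*);
        auto fn = reinterpret_cast<Inflated>(method->methodPointer);
        return fn(instance, std::forward<Args>(args)..., method);
    }
    using Plain = T (*)(Il2CppObject*, std::decay_t<Args>...);
    auto fn = reinterpret_cast<Plain>(method->methodPointer);
    return fn(instance, std::forward<Args>(args)...);
}

// Constructed descriptors and instance, filled in the way a dumper would.
static Il2CppObject g_obj{10};
static MethodInfo g_plain{reinterpret_cast<void*>(&Plain_Add), false, 0};
static MethodInfo g_inflated{reinterpret_cast<void*>(&Generic_GetItem), true, 7};

int32_t call_plain()    { return invoke<int32_t>(&g_plain, &g_obj, 5); }    // 15
int32_t call_inflated() { return invoke<int32_t>(&g_inflated, &g_obj, 3); } // 37
```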

catlowlevel commented 11 months ago

I've actually tried passing the MethodInfo* as the last parameter and yet the game is still crashing 🤔

catlowlevel commented 11 months ago

For more context, it is the method get_Item from the Dictionary class

vfsfitvnm commented 11 months ago

Does it occur with every method?

catlowlevel commented 11 months ago

Does it occur with every method?

No, it doesn't. Only this method so far.

vfsfitvnm commented 11 months ago

Well, I don't really know, then. The method you invoke might be throwing an exception for whatever business logic it implemented as well...

catlowlevel commented 11 months ago

The method you invoke might be throwing an exception for whatever business logic it implemented as well...

But this module invoked the method just fine, so it couldn't be it

vfsfitvnm commented 11 months ago

I think you're passing the parameters incorrectly, then... I don't know C++ so I can't help you

catlowlevel commented 11 months ago

I think you're passing the parameters incorrectly, then... I don't know C++ so I can't help you

alright, that's okay. thanks for your time

catlowlevel commented 11 months ago

Okay, I was testing stuff and I forgot to change the method name

auto m = dict->klass->getMethod("get_Item");
LOGD("is Inflated %d", m->isInflated());
//    int i = 0;
auto item = dict->invoke_method<Il2CppObject *>("get_Keys", 0, m); // should've been get_Item

Now I pass the m directly instead of the string literal, and now it works