feat: 增加对流式解析的支持

phith0n · Jan 19, 2024 · 6701283 · 6701283
1 parent dc93d09
commit 6701283
Show file tree

Hide file tree

Showing 4 changed files with 120 additions and 4 deletions.
diff --git a/commons/stream.go b/commons/stream.go
@@ -5,11 +5,63 @@ import (
 	"io"
 )
 
+type CommonStream interface {
+	io.ReadSeeker
+	ReadN(n int) (bs []byte, err error)
+	PeekN(n int) (bs []byte, err error)
+	EOF() bool
+	CurrentIndex() int64
+}
+
+type ReadSeekerStream struct {
+	io.ReadSeeker
+	offset int64
+	err    error
+}
+
+func (s *ReadSeekerStream) Read(b []byte) (n int, err error) {
+	if _, err = s.Seek(s.offset, io.SeekStart); err != nil {
+		s.err = err
+		return
+	}
+	n, err = s.ReadSeeker.Read(b)
+	s.offset += int64(n)
+	return
+}
+
+func (s *ReadSeekerStream) ReadN(n int) (bs []byte, err error) {
+	bs = make([]byte, n)
+	_, err = io.ReadFull(s, bs)
+	return
+}
+
+func (s *ReadSeekerStream) PeekN(n int) (bs []byte, err error) {
+	oldOffset := s.offset
+	bs, err = s.ReadN(n)
+	s.offset = oldOffset
+	return
+}
+
+func (s *ReadSeekerStream) EOF() bool {
+	return s.err != nil
+}
+
+func (s *ReadSeekerStream) CurrentIndex() int64 {
+	return s.offset
+}
+
 type Stream struct {
 	bs      []byte
 	current int64
 }
 
+func NewStreamFromReadSeeker(rs io.ReadSeeker) *ReadSeekerStream {
+	return &ReadSeekerStream{
+		ReadSeeker: rs,
+		offset:     0,
+	}
+}
+
 func NewStream(bs []byte) *Stream {
 	return &Stream{
 		bs:      bs,

diff --git a/serz/buffer.go b/serz/buffer.go
@@ -2,19 +2,28 @@ package serz
 
 import (
 	"github.com/phith0n/zkar/commons"
+	"io"
 )
 
 type ObjectStream struct {
-	*commons.Stream
+	commons.CommonStream
 	handler    uint32
 	references map[uint32]Object
 }
 
 func NewObjectStream(bs []byte) *ObjectStream {
 	return &ObjectStream{
-		Stream:     commons.NewStream(bs),
-		handler:    JAVA_BASE_WRITE_HANDLE,
-		references: make(map[uint32]Object),
+		CommonStream: commons.NewStream(bs),
+		handler:      JAVA_BASE_WRITE_HANDLE,
+		references:   make(map[uint32]Object),
+	}
+}
+
+func NewObjectStreamFromReadSeeker(r io.ReadSeeker) *ObjectStream {
+	return &ObjectStream{
+		CommonStream: commons.NewStreamFromReadSeeker(r),
+		handler:      JAVA_BASE_WRITE_HANDLE,
+		references:   make(map[uint32]Object),
 	}
 }
 

diff --git a/serz/parser.go b/serz/parser.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"fmt"
 	"github.com/phith0n/zkar/commons"
+	"io"
 	"os"
 )
 
@@ -19,6 +20,37 @@ type Serialization struct {
 	Contents      []*TCContent
 }
 
+func FromReadSeeker(r io.ReadSeeker, len int) (*Serialization, error) {
+	var stream = NewObjectStreamFromReadSeeker(r)
+	var ser = new(Serialization)
+
+	// read magic number 0xACED
+	bs, err := stream.ReadN(2)
+	if err != nil || !bytes.Equal(bs, JAVA_STREAM_MAGIC) {
+		return nil, fmt.Errorf("invalid magic number")
+	}
+	ser.MagicNumber = JAVA_STREAM_MAGIC
+
+	// read stream version
+	bs, err = stream.ReadN(2)
+	if err != nil || !bytes.Equal(bs, JAVA_STREAM_VERSION) {
+		fmt.Fprintf(os.Stderr, "[warn] invalid stream version %v", bs)
+	}
+	ser.StreamVersion = bs
+
+	for i := 0; i < len; i++ {
+		var content *TCContent
+		content, err = readTCContent(stream)
+		if err != nil {
+			return nil, err
+		}
+
+		ser.Contents = append(ser.Contents, content)
+	}
+
+	return ser, nil
+}
+
 func FromBytes(data []byte) (*Serialization, error) {
 	var bs []byte
 	var err error
@@ -62,6 +94,16 @@ func FromJDK8u20Bytes(data []byte) (*Serialization, error) {
 	return FromBytes(data)
 }
 
+func FromJDK8u20ReadSeeker(data []byte) (*Serialization, error) {
+	data = bytes.Replace(
+		data,
+		[]byte{0x00, 0x7e, 0x00, 0x09},
+		[]byte{0x00, 0x7e, 0x00, 0x09, JAVA_TC_ENDBLOCKDATA},
+		1,
+	)
+	return FromReadSeeker(bytes.NewReader(data), 1)
+}
+
 func (ois *Serialization) ToString() string {
 	var b = commons.NewPrinter()
 	b.Printf("@Magic - %s", commons.Hexify(ois.MagicNumber))

diff --git a/serz/parser_test.go b/serz/parser_test.go
@@ -27,6 +27,19 @@ func extractPackage(name string) string {
 	return name
 }
 
+func TestJDK8u20FromReadSeeker(t *testing.T) {
+	var filename = "../testcases/pwntester/JDK8u20.ser"
+	data, err := ioutil.ReadFile(filename)
+	require.Nil(t, err)
+
+	ser, err := FromJDK8u20ReadSeeker(data)
+	require.Nilf(t, err, "an error is occurred in file %v", filename)
+	serFromBytes, err := FromJDK8u20Bytes(data)
+	require.Equal(t, ser, serFromBytes)
+	require.Nilf(t, err, "an error is occurred in file %v", filename)
+	require.Truef(t, bytes.Equal(data, ser.ToJDK8u20Bytes()), "original data is different from generation data in file %v", filename)
+}
+
 func TestYsoserial(t *testing.T) {
 	walkAndTest("../testcases/ysoserial/*.ser", t, func(filename string, data []byte, ser *Serialization) {
 		require.Truef(