
Comments (3)

McMartin commented on August 24, 2024

Hi @jackfruit2,

Thanks for using FRUT!

Could you please give me some examples of strings and/or function names that you found in the binary, though you didn't expect them there? I'll also try to reproduce on my side, but it will be easier for me if I know what I should be looking for.

from frut.

jackfruit2 commented on August 24, 2024

Hi @McMartin,

Thanks for your timely reply.

Please find the replication instructions to reproduce the issue that I'm facing:
Note: I'm using macOS Monterey

Instructions

  1. Create a HelloWorld VST3 plugin using JUCE 7.0.1
  2. Follow the readme instructions to create a vanilla FRUT project (found here: https://github.com/McMartin/FRUT)
  3. Configure the CMakeLists.txt to include the following juce_export_target_configuration:

     jucer_export_target_configuration(
       "Xcode (MacOSX)"
       NAME "Release"
       DEBUG_MODE OFF
       BINARY_NAME "Helloworld"
       STRIP_LOCAL_SYMBOLS ON
       LINK_TIME_OPTIMISATION ON
       OPTIMISATION "-O3 (fastest with safe optimisations)"
     )

  4. Build the project using: cmake --build . --config Release
  5. Change directory to the built artifact (the VST3): ~/Library/Audio/Plug-Ins/VST3/Helloworld.vst3/Contents/MacOS
  6. Execute strip just to make sure the debug symbols are removed: strip -x -S Helloworld -o Helloworld.stripped
  7. Execute strings Helloworld.stripped > ~/Desktop/Helloworld2.txt to output the strings found in the binary to a file.
  8. Observe the file containing mangled function names and references to cpp files, including their origin, in the txt file.

Sample Extract Mangled Functions

Please find below a sample of JUCE mangled functions in the binaries:

NSt3__110__function6__baseIFffffEEE
ZZN4juce17AudioParameterIntC1ERKNS_11ParameterIDERKNS_6StringEiiiRKNS_27AudioParameterIntAttributesEENK4$19clEvEUlfffE
NSt3__110__function6__funcIZZN4juce17AudioParameterIntC1ERKNS2_11ParameterIDERKNS2_6StringEiiiRKNS2_27AudioParameterIntAttributesEENK4$_19clEvEUlfffE0_NS_9allocatorISE_EEFffffEEE
ZZN4juce17AudioParameterIntC1ERKNS_11ParameterIDERKNS_6StringEiiiRKNS_27AudioParameterIntAttributesEENK4$19clEvEUlfffE0
NSt3__110__function6__funcIZZN4juce17AudioParameterIntC1ERKNS2_11ParameterIDERKNS2_6StringEiiiRKNS2_27AudioParameterIntAttributesEENK4$_19clEvEUlfffE1_NS_9allocatorISE_EEFffffEEE
ZZN4juce17AudioParameterIntC1ERKNS_11ParameterIDERKNS_6StringEiiiRKNS_27AudioParameterIntAttributesEENK4$19clEvEUlfffE1
NSt3__110__function6__funcIZZN4juce20AudioParameterChoiceC1ERKNS2_11ParameterIDERKNS2_6StringERKNS2_11StringArrayEiRKNS2_30AudioParameterChoiceAttributesEENK4$_24clEvEUlfffE_NS_9allocatorISH_EEFffffEEE
ZZN4juce20AudioParameterChoiceC1ERKNS_11ParameterIDERKNS_6StringERKNS_11StringArrayEiRKNS_30AudioParameterChoiceAttributesEENK4$24clEvEUlfffE
NSt3__110__function6__funcIZZN4juce20AudioParameterChoiceC1ERKNS2_11ParameterIDERKNS2_6StringERKNS2_11StringArrayEiRKNS2_30AudioParameterChoiceAttributesEENK4$_24clEvEUlfffE0_NS_9allocatorISH_EEFffffEEE
ZZN4juce20AudioParameterChoiceC1ERKNS_11ParameterIDERKNS_6StringERKNS_11StringArrayEiRKNS_30AudioParameterChoiceAttributesEENK4$24clEvEUlfffE0
NSt3__110__function6__funcIZZN4juce20AudioParameterChoiceC1ERKNS2_11ParameterIDERKNS2_6StringERKNS2_11StringArrayEiRKNS2_30AudioParameterChoiceAttributesEENK4$24clEvEUlfffE1_NS_9allocatorISH

Sample of Exposed Home directory

Component Controller Class
%02X
/Users/jackfruit2/SDKs/JUCE/modules/juce_audio_plugin_client/VST3/juce_VST3_Wrapper.cpp
allocator::allocate(size_t n) 'n' exceeds maximum supported size
/Users/jackfruit2/SDKs/JUCE/modules/juce_audio_plugin_client/utility/juce_CreatePluginFilter.h
*** Leaked objects detected:
instance(s) of class
/Users/jackfruit2/SDKs/JUCE/modules/juce_core/memory/juce_LeakedObjectDetector.h

Attached Artefact

Attached is my output with examples of my home directory being exposed:
Helloworld2.txt

from frut.

jackfruit2 avatar jackfruit2 commented on August 24, 2024

Hi @McMartin,

I finally figured this one out. JUCE uses RTTI, so user classes potentially leak both the mangled class and function names in the binary. I used the COMPILER_FLAGS_FOR_ compiler scheme to declare the -fno-rtti flag for compilation units that don't use dynamic_casts, typeid or throw exceptions.

I was wondering if this strategy is safe to do in FRUT/JUCE?

from frut.
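A build check for the leak described in this thread, as an added example that is not part of the original issue or of FRUT/JUCE: it extracts printable strings from a binary the way strings does, flags source paths under /Users or /home, and decodes Itanium-ABI nested names such as N4juce17AudioParameterInt. The function names (extract_strings, nested_names, audit) are assumptions, and the sample bytes are constructed from strings quoted in the comments above.

```python
import re

SRC_PATH = re.compile(r"/(?:Users|home)/([^/\s]+)/\S+\.(?:c|cc|cpp|cxx|h|hpp|mm)\b")
IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")

# Constructed sample: strings quoted in the thread, NUL-separated as in a binary.
SAMPLE = b"\x00".join([
    b"NSt3__110__function6__baseIFffffEEE",
    b"ZZN4juce17AudioParameterIntC1ERKNS_11ParameterIDERKNS_6StringEiii",
    b"/Users/jackfruit2/SDKs/JUCE/modules/juce_core/memory/juce_LeakedObjectDetector.h",
    b"*** Leaked objects detected:",
]) + b"\x00\x01\x02"

def extract_strings(data, min_len=4):
    """Printable-ASCII runs of at least min_len bytes, like strings(1)."""
    return [m.group().decode("ascii")
            for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]

def nested_names(s):
    """Decode Itanium nested names (N <len><id> ...) found anywhere in s."""
    found = []
    for m in re.finditer(r"N(?=\d|St\d)", s):
        pos, parts = m.end(), []
        if s.startswith("St", pos):        # 'St' abbreviates the std namespace
            parts.append("std")
            pos += 2
        while (num := re.match(r"\d+", s[pos:])):
            n = int(num.group())           # length prefix of the next identifier
            ident = s[pos + num.end(): pos + num.end() + n]
            if len(ident) != n or not IDENT.match(ident):
                break                      # not a valid <len><id> pair: stop here
            parts.append(ident)
            pos += num.end() + n
        name = "::".join(parts)
        if len(parts) >= 2 and name not in found:
            found.append(name)
    return found

def audit(data):
    """Return (source paths, home-directory user names, C++ names) found in data."""
    paths, users, names = [], set(), []
    for s in extract_strings(data):
        for m in SRC_PATH.finditer(s):
            paths.append(m.group())
            users.add(m.group(1))
        names += [n for n in nested_names(s) if n not in names]
    return paths, users, names
```

Run audit() over the bytes of the stripped binary as a release gate. strip removes symbol tables, not string literals or RTTI type names, which is why both kinds of string are still present after step 6 of the reproduction.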
