From 55d39e207ba44a0322bd28690decafd33cf8715b Mon Sep 17 00:00:00 2001
From: Byeongkeun Ahn <7p54ks3@naver.com>
Date: Wed, 25 Dec 2024 18:46:51 +0900
Subject: [PATCH] Packaging: use base91 instead of base85 everywhere

---
 scripts/static-pie-gen.py                     | 31 ++++++----------
 .../static-pie-template-amd64-fn-impl.cpp     | 31 ++++++++--------
 .../static-pie-template-amd64-short.c         | 35 +++++++++----------
 scripts/templates/static-pie-template-amd64.c | 35 +++++++++----------
 scripts/templates/static-pie-template-i686.c  | 35 +++++++++----------
 5 files changed, 76 insertions(+), 91 deletions(-)

diff --git a/scripts/static-pie-gen.py b/scripts/static-pie-gen.py
index 3a0679e9..1180c3b9 100644
--- a/scripts/static-pie-gen.py
+++ b/scripts/static-pie-gen.py
@@ -83,24 +83,21 @@
 
 code_b91 = base91.encode(code).decode('ascii')
 code_b91_len = len(code_b91)
-code_b91 = '"' + code_b91 + '"'
-
-code = bytearray(code)
-while len(code) % 4 != 0:
-    code.append(0)
-code_b85 = base64.b85encode(code, pad=False).decode('ascii') + ']'
+code_b91_quoted = '"' + code_b91 + '"'
 
 if lang_name == "C":
     L = 4095
     s = []
-    for i in range(0, len(code_b85), L):
-        x = code_b85[i:min(i+L,len(code_b85))]
-        x = x.replace("?", "\\?")
+    for i in range(0, len(code_b91), L):
+        x = code_b91[i:min(i+L,len(code_b91))]
+        # Escape '\' and '?'
+        x = x.replace('\\', '\\\\')
+        x = x.replace('?', '\\?')
         x = '"' + x + '",\n'
         s.append(x)
     r = "{\n" + "".join(s) + "}"
 else:
-    r = '"' + code_b85 + '"'
+    r = '"' + code_b91 + '"'
 
 # stub
 with open(stub_path, "rb") as f:
@@ -118,11 +115,6 @@
 while len(stub) % 4 != 0:
     stub.append(0)
 stub_raw = '"' + "".join("\\x{:02x}".format(x) for x in stub) + '"'
-stub_b85 = base64.b85encode(stub, pad=False).decode('ascii') + ']'
-stub_b85_len = len(stub_b85)
-if lang_name == "C":
-    stub_b85 = stub_b85.replace("?", "\\?")
-stub_b85 = '"' + stub_b85 + '"'
 
 # template
 template_candidates = [template_path]
@@ -146,18 +138,15 @@
     out_candidate = utils.multiple_replace(template, {
         "$$$$solution_src$$$$": sol,
         "$$$$stub_raw$$$$": stub_raw,
-        "$$$$stub_base85$$$$": stub_b85,
         "$$$$stub_len$$$$": str(len(stub)),
-        "$$$$stub_base85_len$$$$": str(stub_b85_len),
         "$$$$stub_base91$$$$": stub_b91,
         "$$$$stub_base91_len$$$$": str(stub_b91_len),
-        "$$$$binary_base85$$$$": r,
-        "$$$$binary_base85_len$$$$": str(len(code_b85)),
-        "$$$$binary_base91$$$$": code_b91,
+        "$$$$binary_base91$$$$": code_b91_quoted,
         "$$$$binary_base91_len$$$$": str(code_b91_len),
         "$$$$binary_raw_base91$$$$": code_raw_b91,
         "$$$$binary_raw_base91_len$$$$": str(code_raw_b91_len),
-        "$$$$min_len_4096$$$$": str(min(len(code_b85)+1, 4096)),
+        "$$$$binary_base91_chunked$$$$": r,
+        "$$$$min_len_4096$$$$": str(min(len(code_b91)+1, 4096)),
         "$$$$entrypoint_offset$$$$": str(loader_fdict['entrypoint_offset']),
         "$$$$exports_cpp$$$$": exports_cpp
     })
diff --git a/scripts/templates/static-pie-template-amd64-fn-impl.cpp b/scripts/templates/static-pie-template-amd64-fn-impl.cpp
index bc0f317d..91418f4c 100644
--- a/scripts/templates/static-pie-template-amd64-fn-impl.cpp
+++ b/scripts/templates/static-pie-template-amd64-fn-impl.cpp
@@ -53,22 +53,21 @@ typedef unsigned long long uint64_t;
 #define BASMCALL
 #endif
 
-// Base85 decoder. Code adapted from:
-//     https://github.com/rafagafe/base85/blob/master/base85.c
-const char *b85 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!#$%&()*+-;<=>\?@^_`{|}~";
-void b85tobin(void *dest, char const *src) {
-    uint32_t *p = (uint32_t *)dest;
-    uint8_t digittobin[256];
-    for (uint8_t i=0; i<85; i++) digittobin[(uint8_t)b85[i]] = i;
+void b91tobin(void *dest, char const *src) {
+    uint8_t *p = (uint8_t *)dest;
+    uint32_t eax = 0x1f;
     while (1) {
         while (*src == '\0') src++;
-        if (*src == ']') break;
-        uint32_t value = 0;
-        for (uint32_t i=0; i<5; i++) {
-            value *= 85;
-            value += digittobin[(uint8_t)*src++];
-        }
-        *p++ = (value >> 24) | ((value >> 8) & 0xff00) | ((value << 8) & 0xff0000) | (value << 24);
+        uint32_t x = (uint32_t) *src++;
+        if (x < 0x24) return;
+        while (*src == '\0') src++;
+        uint32_t y = (uint32_t) *src++;
+        eax <<= 13;
+        eax += (y - 0x24) * 91 + (x - 0x24);
+        do {
+            *p++ = (uint8_t) eax;
+            eax >>= 8;
+        } while (eax & (1 << 12));
     }
 }
 
@@ -148,7 +147,7 @@ stub_ptr get_stub() {
     return (stub_ptr) stub;
 }
 #endif
-char payload[][$$$$min_len_4096$$$$] = $$$$binary_base85$$$$;
+char payload[][$$$$min_len_4096$$$$] = $$$$binary_base91_chunked$$$$;
 
 static int g_loaded = 0;
 static PLATFORM_DATA g_pd;
@@ -181,7 +180,7 @@ size_t basm_load_module() {
         g_pd.ptr_write_stdio      = (void *) svc_write_stdio;
 #endif
         stub_ptr stub = get_stub();
-        b85tobin(payload, (char const *)payload);
+        b91tobin(payload, (char const *)payload);
         stub(&g_pd, payload);
         g_loaded = 1;
         basm_on_loaded();
diff --git a/scripts/templates/static-pie-template-amd64-short.c b/scripts/templates/static-pie-template-amd64-short.c
index 13c7bf77..163bff37 100644
--- a/scripts/templates/static-pie-template-amd64-short.c
+++ b/scripts/templates/static-pie-template-amd64-short.c
@@ -8,22 +8,21 @@ typedef unsigned char u8;
 typedef unsigned int u32;
 typedef unsigned long long u64;
 #define BASMCALL __attribute__((ms_abi))
-// Base85 decoder. Code adapted from:
-//     https://github.com/rafagafe/base85/blob/master/base85.c
-const char *b85 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!#$%&()*+-;<=>\?@^_`{|}~";
-void b85tobin(void *dest, char const *src) {
-    u32 *p = (u32 *)dest;
-    u8 digittobin[256];
-    for (u8 i=0; i<85; i++) digittobin[(u8)b85[i]] = i;
+void b91tobin(void *dest, char const *src) {
+    uint8_t *p = (uint8_t *)dest;
+    uint32_t eax = 0x1f;
     while (1) {
         while (*src == '\0') src++;
-        if (*src == ']') break;
-        u32 value = 0;
-        for (u32 i=0; i<5; i++) {
-            value *= 85;
-            value += digittobin[(u8)*src++];
-        }
-        *p++ = (value >> 24) | ((value >> 8) & 0xff00) | ((value << 8) & 0xff0000) | (value << 24);
+        uint32_t x = (uint32_t) *src++;
+        if (x < 0x24) return;
+        while (*src == '\0') src++;
+        uint32_t y = (uint32_t) *src++;
+        eax <<= 13;
+        eax += (y - 0x24) * 91 + (x - 0x24);
+        do {
+            *p++ = (uint8_t) eax;
+            eax >>= 8;
+        } while (eax & (1 << 12));
     }
 }
 #pragma pack(push, 1)
@@ -35,7 +34,7 @@ typedef struct {
 } PLATFORM_DATA;
 #pragma pack(pop)
 typedef int (BASMCALL *stub_ptr)(void *, void *);
-char payload[][$$$$min_len_4096$$$$] = $$$$binary_base85$$$$;
+char payload[][$$$$min_len_4096$$$$] = $$$$binary_base91_chunked$$$$;
 int main() {}
 #ifdef __cplusplus
 extern "C"
@@ -52,8 +51,8 @@ int __libc_start_main(
     pd.env_id = 2;
     pd.env_flags = 1;
     u8 stubbuf[68 + $$$$stub_len$$$$];
-    b85tobin(stubbuf, "QMd~L002n8@6D@;XGJ3cz5oya01pLO>naZmS5~+Q0000n|450>x(5IN07=KfA^-pYO)<bp|Hw@-$qxlyU&9Xz]");
-    b85tobin(stubbuf + 68, $$$$stub_base85$$$$);
+    b91tobin(stubbuf, "H;|DR:$$$|7x6E69i$6',&%Q$$?@GjeBmVodz$C?$$c7h{.>j<g9%Q$$Q80&F$$$f5U$5L@=aT8S92:|1&.C!");
+    b91tobin(stubbuf + 68, $$$$stub_base91$$$$);
     size_t base = ((size_t)main) & 0xFFFFFFFFFFFFF000ULL;
     *(u64 *)(stubbuf + 0x08) = (u64) base;
     *(u32 *)(stubbuf + 0x11) = (u32) 4096;
@@ -62,6 +61,6 @@ int __libc_start_main(
     len = ((len + 0xFFF) >> 12) << 12;
     syscall(10, base, len, 0x7);
     pd.fn_table[0] = (void *) (stubbuf + 0x1c);
-    b85tobin(payload, (char const *)payload);
+    b91tobin(payload, (char const *)payload);
     return ((stub_ptr) stubbuf)(&pd, payload);
 }
\ No newline at end of file
diff --git a/scripts/templates/static-pie-template-amd64.c b/scripts/templates/static-pie-template-amd64.c
index 0b8dc6b9..99536ae8 100644
--- a/scripts/templates/static-pie-template-amd64.c
+++ b/scripts/templates/static-pie-template-amd64.c
@@ -44,22 +44,21 @@ typedef unsigned long long uint64_t;
 #define BASMCALL
 #endif
 
-// Base85 decoder. Code adapted from:
-//     https://github.com/rafagafe/base85/blob/master/base85.c
-const char *b85 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!#$%&()*+-;<=>\?@^_`{|}~";
-void b85tobin(void *dest, char const *src) {
-    uint32_t *p = (uint32_t *)dest;
-    uint8_t digittobin[256];
-    for (uint8_t i=0; i<85; i++) digittobin[(uint8_t)b85[i]] = i;
+void b91tobin(void *dest, char const *src) {
+    uint8_t *p = (uint8_t *)dest;
+    uint32_t eax = 0x1f;
     while (1) {
         while (*src == '\0') src++;
-        if (*src == ']') break;
-        uint32_t value = 0;
-        for (uint32_t i=0; i<5; i++) {
-            value *= 85;
-            value += digittobin[(uint8_t)*src++];
-        }
-        *p++ = (value >> 24) | ((value >> 8) & 0xff00) | ((value << 8) & 0xff0000) | (value << 24);
+        uint32_t x = (uint32_t) *src++;
+        if (x < 0x24) return;
+        while (*src == '\0') src++;
+        uint32_t y = (uint32_t) *src++;
+        eax <<= 13;
+        eax += (y - 0x24) * 91 + (x - 0x24);
+        do {
+            *p++ = (uint8_t) eax;
+            eax >>= 8;
+        } while (eax & (1 << 12));
     }
 }
 
@@ -139,7 +138,7 @@ stub_ptr get_stub() {
     return (stub_ptr) stub;
 }
 #endif
-char payload[][$$$$min_len_4096$$$$] = $$$$binary_base85$$$$;
+char payload[][$$$$min_len_4096$$$$] = $$$$binary_base91_chunked$$$$;
 
 #if defined(__linux__) && (defined(BOJ) || defined(BASM_CI))
 int main() {}
@@ -189,8 +188,8 @@ int main(int argc, char *argv[]) {
 
     stub_ptr stub = get_stub();
 #if defined(__linux__)
-    uint8_t stubbuf[68 + $$$$stub_len$$$$] = "QMd~L002n8@6D@;XGJ3cz5oya01pLO>naZmS5~+Q0000n|450>x(5IN07=KfA^-pYO)<bp|Hw@-$qxlyU&9Xz]";
-    b85tobin(stubbuf, (char const *)stubbuf);
+    uint8_t stubbuf[68 + $$$$stub_len$$$$] = "H;|DR:$$$|7x6E69i$6',&%Q$$?@GjeBmVodz$C?$$c7h{.>j<g9%Q$$Q80&F$$$f5U$5L@=aT8S92:|1&.C!";
+    b91tobin(stubbuf, (char const *)stubbuf);
     /* prepend thunk and relocate stub onto stack */
     for (size_t i = 0; i < $$$$stub_len$$$$; i++) stubbuf[68 + i] = (uint8_t)stub_raw[i];
     size_t base = ((size_t)stub_raw) & 0xFFFFFFFFFFFFF000ULL; // page-aligned pointer to munmap in thunk
@@ -205,7 +204,7 @@ int main(int argc, char *argv[]) {
     pd.ptr_alloc_rwx = (void *) (stubbuf + 0x1c); // thunk implements its own svc_alloc_rwx
     stub = (stub_ptr) stubbuf;
 #endif
-    b85tobin(payload, (char const *)payload);
+    b91tobin(payload, (char const *)payload);
     return stub(&pd, payload);
 }
 // LOADER END
\ No newline at end of file
diff --git a/scripts/templates/static-pie-template-i686.c b/scripts/templates/static-pie-template-i686.c
index 6c4d984b..9cd1cae6 100644
--- a/scripts/templates/static-pie-template-i686.c
+++ b/scripts/templates/static-pie-template-i686.c
@@ -20,22 +20,21 @@
 #endif
 #endif
 
-// Base85 decoder. Code adapted from:
-//     https://github.com/rafagafe/base85/blob/master/base85.c
-const char *b85 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!#$%&()*+-;<=>\?@^_`{|}~";
-void b85tobin(void *dest, char const *src) {
-    uint32_t *p = (uint32_t *)dest;
-    uint8_t digittobin[256];
-    for (uint8_t i=0; i<85; i++) digittobin[(uint8_t)b85[i]] = i;
+void b91tobin(void *dest, char const *src) {
+    uint8_t *p = (uint8_t *)dest;
+    uint32_t eax = 0x1f;
     while (1) {
         while (*src == '\0') src++;
-        if (*src == ']') break;
-        uint32_t value = 0;
-        for (uint32_t i=0; i<5; i++) {
-            value *= 85;
-            value += digittobin[(uint8_t)*src++];
-        }
-        *p++ = (value >> 24) | ((value >> 8) & 0xff00) | ((value << 8) & 0xff0000) | (value << 24);
+        uint32_t x = (uint32_t) *src++;
+        if (x < 0x24) return;
+        while (*src == '\0') src++;
+        uint32_t y = (uint32_t) *src++;
+        eax <<= 13;
+        eax += (y - 0x24) * 91 + (x - 0x24);
+        do {
+            *p++ = (uint8_t) eax;
+            eax >>= 8;
+        } while (eax & (1 << 12));
     }
 }
 
@@ -99,8 +98,8 @@ void *svc_alloc_rwx(size_t size) {
 
 typedef int (*stub_ptr)(void *, void *);
 
-const char *stub_base85 = $$$$stub_base85$$$$;
-char payload[][$$$$min_len_4096$$$$] = $$$$binary_base85$$$$;
+const char *stub_base91 = $$$$stub_base91$$$$;
+char payload[][$$$$min_len_4096$$$$] = $$$$binary_base91_chunked$$$$;
 
 int main(int argc, char *argv[]) {
     PLATFORM_DATA pd;
@@ -128,8 +127,8 @@ int main(int argc, char *argv[]) {
     pd.ptr_write_stdio      = (void *) svc_write_stdio;
 
     stub_ptr stub = (stub_ptr) svc_alloc_rwx(4096);
-    b85tobin((void *) stub, stub_base85);
-    b85tobin(payload, (char const *)payload);
+    b91tobin((void *) stub, stub_base91);
+    b91tobin(payload, (char const *)payload);
     return stub(&pd, payload);
 }
 // LOADER END
\ No newline at end of file