Binary patching of Java classes for fun and profit - Jfokus 2011

3,331 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,331
On SlideShare
0
From Embeds
0
Number of Embeds
516
Actions
Shares
0
Downloads
30
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • The what/why/how of runtime binary patching of JAVA applications, frameworks and application servers to provide custom integration. We will follow the JRebel integration story from dirty bytecode insertions to readable Java code patches. The session is intended for advanced Java developers interested in patching or integrating with binary java applications. We will look at the different problems that arise when doing runtime binary patching of different Java applications and frameworks. * What and why is a binary patching? * Tools, methods and tips. * Sample use-cases of binary patching different systems * Pros/cons
  • Agent implementation: any class with premain, Agent-Class in manifest
  • Agent implementation: any class with premain, Agent-Class in manifest
  • Agent implementation: any class with premain, Agent-Class in manifest
  • Add smiley face
  • Add smiley face
  • Binary patching of Java classes for fun and profit - Jfokus 2011

    1. 1.
    2. 2. Binary patching of Java classes for funand profit<br />Jfokus 2011, Stockholm<br />
    3. 3. whoami<br />Anton Arhipov<br />ZeroTurnaround<br />JRebel<br />http://arhipov.blogspot.com<br />@antonarhipov<br />@javarebel<br />
    4. 4. What’s Binary Patching?<br />Ninja.class’<br />Ninja.class<br />1010101010111000101010101010100010001000111011011101011<br />1010101010111100001010101010100010001000111011011101110<br />
    5. 5. Why Binary Patching?<br />ClassLoader<br />MyClass.class<br />JRebel<br />agent<br />New code:<br />10010100100100101011001010<br />MyObject<br />
    6. 6. Why Binary Patching?<br />ClassLoader<br />MyClass.class<br />Framework<br />JRebel<br />agent<br />New code:<br />10010100100100101011001010<br />MyObject<br />
    7. 7. Why Binary Patching?<br />ClassLoader<br />MyClass.class<br />Framework<br />JRebel<br />agent<br />New code:<br />10010100100100101011001010<br />MyObject<br />Configuration<br />(XML, annotations)<br />
    8. 8. How?<br />Using –javaagentto hook into class loading process<br />Using bytecode manipulation libraries (e.g. Javassist)<br />
    9. 9. java.lang.instrument<br />importjava.lang.instrument.ClassFileTransformer;<br />import java.lang.instrument.Instrumentation;<br />public class Agent {<br />public static void premain(String args, Instrumentationinst)<br />throws Exception {<br />inst.addTransformer(new ClassFileTransformer { … });<br /> }<br />}<br />
    10. 10. java.lang.instrument<br />importjava.lang.instrument.ClassFileTransformer;<br />import java.lang.instrument.Instrumentation;<br />public class Agent {<br />public static void premain(String args, Instrumentationinst)<br />throws Exception {<br />inst.addTransformer(new ClassFileTransformer { … });<br /> }<br />}<br />META-INF/MANIFEST.MF<br />Agent-Class: Agent<br />
    11. 11. java.lang.instrument<br />importjava.lang.instrument.ClassFileTransformer;<br />import java.lang.instrument.Instrumentation;<br />public class Agent {<br />public static void premain(String args, Instrumentationinst)<br />throws Exception {<br />inst.addTransformer(new ClassFileTransformer { … });<br /> }<br />}<br />META-INF/MANIFEST.MF<br />Agent-Class: Agent<br />java –javaagent:agent.jar …<br />
    12. 12. java.lang.instrument + Javassist<br />newClassFileTransformer() {<br />public byte[] transform(ClassLoaderloader, String className,<br />Class<?>classBeingRedefined,<br />ProtectionDomainprotectionDomain, byte[] classfileBuffer){<br /> }<br />}<br />
    13. 13. java.lang.instrument + Javassist<br />newClassFileTransformer() {<br />public byte[] transform(ClassLoaderloader, String className,<br />Class<?>classBeingRedefined,<br />ProtectionDomainprotectionDomain, byte[] classfileBuffer){<br />ClassPoolcp= ClassPool.getDefault();<br />CtClassct= pool.makeClass(new<br />ByteArrayInputStream(classfileBuffer));<br /> }<br />}<br />
    14. 14. java.lang.instrument + Javassist<br />newClassFileTransformer() {<br />public byte[] transform(ClassLoaderloader, String className,<br />Class<?>classBeingRedefined,<br />ProtectionDomainprotectionDomain, byte[] classfileBuffer){<br />ClassPoolcp= ClassPool.getDefault();<br />CtClassct= pool.makeClass(new<br />ByteArrayInputStream(classfileBuffer));<br />transformClass(ct, cp);<br /> }<br />}<br />
    15. 15. java.lang.instrument + Javassist<br />newClassFileTransformer() {<br />public byte[] transform(ClassLoaderloader, String className,<br />Class<?>classBeingRedefined,<br />ProtectionDomainprotectionDomain, byte[] classfileBuffer){<br />ClassPoolcp= ClassPool.getDefault();<br />CtClassct = pool.makeClass(new<br />ByteArrayInputStream(classfileBuffer));<br />transformClass(ct, cp); <br />returnct.toBytecode();<br /> }<br />}<br />
    16. 16. JRebel SDK<br />
    17. 17. Javassist + JRebel<br />cp.importPackage("org.zeroturnaround.javarebel");<br />
    18. 18. Javassist + JRebel<br />cp.importPackage("org.zeroturnaround.javarebel");<br />ct.addInterface(<br />cp.get(ClassEventListener.class.getName()));<br />
    19. 19. Javassist + JRebel<br />cp.importPackage("org.zeroturnaround.javarebel");<br />ct.addInterface(<br />cp.get(ClassEventListener.class.getName()));<br />ct.addMethod(CtNewMethod.make(<br />"public void onClassEvent(inteventType, Class clazz) {"+<br /> "cache.evict();" +<br />"}", ct));<br />
    20. 20. Javassist + JRebel<br />CtClassct = …<br />CtConstructor[] cs = ct.getConstructors();<br />
    21. 21. Javassist + JRebel<br />CtClassct = …<br />CtConstructor[] cs = ct.getConstructors();<br />for (CtConstructor c : cs) {<br /> if(c.callsSuper()) {<br />c.insertAfter("ReloaderFactory.getInstance()<br /> .addClassReloadListener($0);");<br /> }<br />}<br />
    22. 22. Javassist + JRebel<br />CtClassct = …<br />ct.getDeclaredMethod("service")<br />.insertBefore(<br />"ReloaderFactory.getInstance()<br /> .checkAndReload(Application.class);");<br />
    23. 23. Integration Highlights<br />Implement ClassEventListener<br />Register listener instance to JRebel<br />Trigger the re-load event<br />ReloaderFactory#addClassReloadListener(…);<br />ReloaderFactory#checkAndReload(…);<br />
    24. 24. Pros/Cons<br />
    25. 25. Pros/Cons<br />
    26. 26. Pros/Cons<br />
    27. 27. Thx!<br />Want JRebel free? <br />Come to our booth!<br />

    ×