public DotNetStructureParsers(
byte[] buff,
IMAGE_COR20_HEADER imageCor20Header,
IMAGE_SECTION_HEADER[] sectionHeaders)
{
_buff = buff;
_sectionHeaders = sectionHeaders;
_imageCor20Header = imageCor20Header;
InitAllParsers();
}
public int GetMetadata(IntPtr self, string filename, uint imageTimestamp, uint imageSize, IntPtr mvid, uint mdRva, uint flags, uint bufferSize, byte[] buffer, IntPtr dataSize)
{
string filePath = _dataTarget.SymbolLocator.FindBinary(filename, imageTimestamp, imageSize, true);
if (filePath == null)
{
return(E_FAIL);
}
// We do not put a using statement here to prevent needing to load/unload the binary over and over.
PEFile file = _dataTarget.FileLoader.LoadPEFile(filePath);
if (file == null)
{
return(E_FAIL);
}
var comDescriptor = file.Header.ComDescriptorDirectory;
if (comDescriptor.VirtualAddress == 0)
{
return(E_FAIL);
}
PEBuffer peBuffer = file.AllocBuff();
if (mdRva == 0)
{
IntPtr hdr = file.SafeFetchRVA((int)comDescriptor.VirtualAddress, (int)comDescriptor.Size, peBuffer);
IMAGE_COR20_HEADER corhdr = (IMAGE_COR20_HEADER)Marshal.PtrToStructure(hdr, typeof(IMAGE_COR20_HEADER));
if (bufferSize < corhdr.MetaData.Size)
{
file.FreeBuff(peBuffer);
return(E_FAIL);
}
mdRva = corhdr.MetaData.VirtualAddress;
bufferSize = corhdr.MetaData.Size;
}
IntPtr ptr = file.SafeFetchRVA((int)mdRva, (int)bufferSize, peBuffer);
Marshal.Copy(ptr, buffer, 0, (int)bufferSize);
file.FreeBuff(peBuffer);
return(S_OK);
}
public int GetMetadata(string filename, uint imageTimestamp, uint imageSize, IntPtr mvid, uint mdRva, uint flags, uint bufferSize, byte[] buffer, IntPtr dataSize)
{
PEFile file = _dataTarget.SymbolLocator.LoadBinary(filename, imageTimestamp, imageSize, true);
if (file == null)
{
return(-1);
}
var comDescriptor = file.Header.ComDescriptorDirectory;
if (comDescriptor.VirtualAddress == 0)
{
return(-1);
}
PEBuffer peBuffer = file.AllocBuff();
if (mdRva == 0)
{
IntPtr hdr = file.SafeFetchRVA((int)comDescriptor.VirtualAddress, (int)comDescriptor.Size, peBuffer);
IMAGE_COR20_HEADER corhdr = (IMAGE_COR20_HEADER)Marshal.PtrToStructure(hdr, typeof(IMAGE_COR20_HEADER));
if (bufferSize < corhdr.MetaData.Size)
{
file.FreeBuff(peBuffer);
return(-1);
}
mdRva = corhdr.MetaData.VirtualAddress;
bufferSize = corhdr.MetaData.Size;
}
IntPtr ptr = file.SafeFetchRVA((int)mdRva, (int)bufferSize, peBuffer);
Marshal.Copy(ptr, buffer, 0, (int)bufferSize);
file.FreeBuff(peBuffer);
return(0);
}
public int GetMetadata(string filename, uint imageTimestamp, uint imageSize, IntPtr mvid, uint mdRva, uint flags, uint bufferSize, byte[] buffer, IntPtr dataSize)
{
filename = FindImage(filename, imageTimestamp, imageSize);
if (filename == null)
{
return(-1);
}
if (!File.Exists(filename))
{
return(-1);
}
try
{
using (FileStream file = File.OpenRead(filename))
{
using (SafeWin32Handle handle = NativeMethods.CreateFileMapping(file.SafeFileHandle, IntPtr.Zero, NativeMethods.PageProtection.Readonly, 0, 0, null))
{
if (handle.IsInvalid)
{
return(-1);
}
using (SafeMapViewHandle image = NativeMethods.MapViewOfFile(handle, NativeMethods.FILE_MAP_READ, 0, 0, IntPtr.Zero))
{
if (image.IsInvalid)
{
return(-1);
}
if (mdRva == 0)
{
uint size;
IntPtr header = NativeMethods.ImageDirectoryEntryToData(image.BaseAddress, false,
NativeMethods.IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR,
out size);
if (header == IntPtr.Zero)
{
return(-1);
}
IMAGE_COR20_HEADER corhdr = (IMAGE_COR20_HEADER)Marshal.PtrToStructure(header, typeof(IMAGE_COR20_HEADER));
if (bufferSize < corhdr.MetaData.Size)
{
return(-1);
}
mdRva = corhdr.MetaData.VirtualAddress;
bufferSize = corhdr.MetaData.Size;
}
IntPtr ntHeader = NativeMethods.ImageNtHeader(image.BaseAddress);
IntPtr addr = NativeMethods.ImageRvaToVa(ntHeader, image.BaseAddress, mdRva, IntPtr.Zero);
Marshal.Copy(addr, buffer, 0, (int)bufferSize);
return(0);
}
}
}
}
catch
{
Debug.Assert(false);
}
return(-1);
}
internal PeDotNetInformation(IMAGE_SECTION_HEADER header, Stream peStream, IPeHeadersInternal headers)
{
_clrHeader = peStream.Read <IMAGE_COR20_HEADER>();
long va = _clrHeader.MetaData.VirtualAddress;
if (!headers.TryGetSectionForVirtualAddress(va, out header))
{
throw new BadImageFormatException("CLR header does not point to any metadata.");
}
long streamBaseOffset = (va - header.VirtualAddress) + header.PointerToRawData;
peStream.Seek(streamBaseOffset, SeekOrigin.Begin);
var storageSignature = peStream.Read <STORAGESIGNATURE>();
_storageVersion = peStream.ReadUtf8(checked ((int)storageSignature.iVersionString));
var storageHeader = peStream.Read <STORAGEHEADER>();
STORAGESTREAM[] streams = GetStreams(peStream, storageHeader.iStreams);
foreach (var item in streams)
{
if (item.rcName == "#Strings")
{
if (MetadataStrings != null)
{
throw new BadImageFormatException("Duplicate CLR metadata stream found: " + item.rcName);
}
MetadataStrings = new ClrStringPool(peStream, item, streamBaseOffset);
}
else if (item.rcName == "#US")
{
if (StringLiterals != null)
{
throw new BadImageFormatException("Duplicate CLR metadata stream found: " + item.rcName);
}
StringLiterals = new ClrUserStringPool(peStream, item, streamBaseOffset);
}
else if (item.rcName == "#GUID")
{
if (Guids != null)
{
throw new BadImageFormatException("Duplicate CLR metadata stream found: " + item.rcName);
}
Guids = new ClrGuidPool(peStream, item, streamBaseOffset);
}
else if (item.rcName == "#Blob")
{
if (Blobs != null)
{
throw new BadImageFormatException("Duplicate CLR metadata stream found: " + item.rcName);
}
Blobs = new ClrBlobPool(peStream, item, streamBaseOffset);
}
else if (item.rcName == "#~")
{
if (Metadata != null)
{
throw new BadImageFormatException("Duplicate CLR metadata stream found: " + item.rcName);
}
Metadata = new ClrMetadataAccessor(this, peStream, item, streamBaseOffset);
}
}
}
