static void Main(string[] args)
{
bool is_verbose = false;
bool show_help = false;
CLRPH_DEMANGLER demangler_name = CLRPH_DEMANGLER.Default;
OptionSet opts = new OptionSet()
{
{ "v|verbose", "redirect debug traces to console", v => is_verbose = v != null },
{ "h|help", "show this message and exit", v => show_help = v != null },
{ "d=|demangler=", "Choose demangler name", v => demangler_name = ParseDemanglerName(v) },
};
List <string> eps = opts.Parse(args);
if (show_help)
{
ShowHelp(opts);
return;
}
if (is_verbose)
{
// Redirect debug log to the console
Debug.Listeners.Add(new TextWriterTraceListener(Console.Out));
Debug.AutoFlush = true;
}
// always the first call to make
Phlib.InitializePhLib();
Demangler demangler;
switch (args.Length)
{
case 0:
demangler = new Demangler(CLRPH_DEMANGLER.Microsoft);
TestKnownInputs(demangler);
break;
default:
case 1:
demangler = new Demangler(demangler_name);
string Filepath = args[1];
if (NativeFile.Exists(Filepath))
{
TestFilepath(Filepath, demangler);
}
else
{
string undecoratedName = demangler.UndecorateName(args[1]).Item2;
Console.WriteLine(undecoratedName);
}
break;
}
// Force flushing out buffer
Console.Out.Flush();
}
public void InitializeView()
{
if (!NativeFile.Exists(this.Filename))
{
MessageBox.Show(
String.Format("{0:s} is not present on the disk", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.Pe = (Application.Current as App).LoadBinary(this.Filename);
if (this.Pe == null || !this.Pe.LoadSuccessful)
{
MessageBox.Show(
String.Format("{0:s} is not a valid PE-COFF file", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.SymPrv = new PhSymbolProvider();
this.RootFolder = Path.GetDirectoryName(this.Filename);
this.SxsEntriesCache = SxsManifest.GetSxsEntries(this.Pe);
this.ProcessedModulesCache = new ModulesCache();
this.ApiSetmapCache = Phlib.GetApiSetSchema();
this._SelectedModule = null;
this._DisplayWarning = false;
// TODO : Find a way to properly bind commands instead of using this hack
this.ModulesList.Items.Clear();
this.ModulesList.DoFindModuleInTreeCommand = DoFindModuleInTree;
this.ModulesList.ConfigureSearchOrderCommand = ConfigureSearchOrderCommand;
var RootFilename = Path.GetFileName(this.Filename);
var RootModule = new DisplayModuleInfo(RootFilename, this.Pe, ModuleSearchStrategy.ROOT);
this.ProcessedModulesCache.Add(new ModuleCacheKey(RootFilename, this.Filename), RootModule);
ModuleTreeViewItem treeNode = new ModuleTreeViewItem();
DependencyNodeContext childTreeInfoContext = new DependencyNodeContext()
{
ModuleInfo = new WeakReference(RootModule),
IsDummy = false
};
treeNode.DataContext = childTreeInfoContext;
treeNode.Header = treeNode.GetTreeNodeHeaderName(Dependencies.Properties.Settings.Default.FullPath);
treeNode.IsExpanded = true;
this.DllTreeView.Items.Clear();
this.DllTreeView.Items.Add(treeNode);
// Recursively construct tree of dll imports
ConstructDependencyTree(treeNode, this.Pe);
}
public PE GetBinary(string PePath)
{
Debug.WriteLine(String.Format("Attempt to load : {0:s}", PePath), "BinaryCache");
if (!NativeFile.Exists(PePath))
{
Debug.WriteLine(String.Format("File not present on the filesystem : {0:s} ", PePath), "BinaryCache");
return(null);
}
string Fullpath = Path.GetFullPath(PePath);
if (FilepathDatabase.ContainsKey(Fullpath))
{
// TODO : update LRU cache
PE sShadowBinary = FilepathDatabase[Fullpath];
sShadowBinary.Filepath = Fullpath;
return(sShadowBinary);
}
string PeHash = GetBinaryHash(PePath);
Debug.WriteLine(String.Format("File {0:s} hash : {1:s} ", PePath, PeHash), "BinaryCache");
// A sync lock is mandatory here in order not to load twice the
// same binary from two differents workers
lock (BinaryDatabaseLock)
{
bool hit = BinaryDatabase.ContainsKey(PeHash);
// Cache "miss"
if (!hit)
{
string DestFilePath = Path.Combine(BinaryCacheFolderPath, PeHash);
if (!File.Exists(DestFilePath) && (DestFilePath != PePath))
{
Debug.WriteLine(String.Format("FileCopy from {0:s} to {1:s}", PePath, DestFilePath), "BinaryCache");
NativeFile.Copy(PePath, DestFilePath);
}
PE NewShadowBinary = new PE(DestFilePath);
NewShadowBinary.Load();
LruCache.Add(PeHash);
BinaryDatabase.Add(PeHash, NewShadowBinary);
FilepathDatabase.Add(Fullpath, NewShadowBinary);
}
}
// Cache "Hit"
UpdateLru(PeHash);
PE ShadowBinary = BinaryDatabase[PeHash];
ShadowBinary.Filepath = Path.GetFullPath(PePath); // convert any paths to an absolute one.
Debug.WriteLine(String.Format("File {0:s} loaded from {1:s}", PePath, Path.Combine(BinaryCacheFolderPath, PeHash)), "BinaryCache");
return(ShadowBinary);
}
public void CheckFileExists()
{
var testFile = "test.txt";
File.Delete(testFile);
Assert.False(NativeFile.Exists(testFile));
File.WriteAllText(testFile, string.Empty);
Assert.True(NativeFile.Exists(testFile));
File.Delete(testFile);
}
private void OnTreeViewSelectedItemChanged(object sender, RoutedPropertyChangedEventArgs <object> e)
{
if (this.DllTreeView.SelectedItem == null)
{
UpdateImportExportLists(null, null);
return;
}
DependencyNodeContext childTreeContext = ((DependencyNodeContext)(this.DllTreeView.SelectedItem as ModuleTreeViewItem).DataContext);
DisplayModuleInfo SelectedModule = childTreeContext.ModuleInfo.Target as DisplayModuleInfo;
if (SelectedModule == null)
{
return;
}
// Selected Pe has not been found on disk : unvalidate current module
SelectedModule.HasErrors = !NativeFile.Exists(SelectedModule.Filepath);
if (SelectedModule.HasErrors)
{
// TODO : do a proper refresh instead of asking the user to do it
System.Windows.MessageBox.Show(String.Format("We could not find {0:s} file on the disk anymore, please fix this problem and refresh the window via F5", SelectedModule.Filepath));
}
// Root Item : no parent
ModuleTreeViewItem TreeRootItem = this.DllTreeView.Items[0] as ModuleTreeViewItem;
ModuleTreeViewItem SelectedItem = this.DllTreeView.SelectedItem as ModuleTreeViewItem;
if (SelectedItem == TreeRootItem)
{
// Selected Pe has not been found on disk : unvalidate current module
if (SelectedModule.HasErrors)
{
UpdateImportExportLists(null, null);
}
else
{
SelectedModule.HasErrors = false;
UpdateImportExportLists(SelectedModule, null);
}
return;
}
// Tree Item
DisplayModuleInfo parentModule = SelectedItem.ParentModule.ModuleInfo;
UpdateImportExportLists(SelectedModule, parentModule);
}
public Stream Open(IncludeType type, string fileName, Stream parentStream)
{
Debug.WriteLine(fileName);
// Include dynamic (:D) constants
if (fileName.ToLower().Equals("raymarchengine"))
{
return(GetShaderConstantsStream());
}
string currentDirectory = CurrentDirectory.Peek();
if (currentDirectory == null)
{
#if NETFX_CORE
currentDirectory = Windows.ApplicationModel.Package.Current.InstalledLocation.Path;
#else
currentDirectory = Environment.CurrentDirectory;
#endif
}
string filePath = fileName;
if (!Path.IsPathRooted(filePath))
{
var directoryToSearch = new List <string> {
currentDirectory
};
directoryToSearch.AddRange(IncludeDirectories);
foreach (string dirPath in directoryToSearch)
{
string selectedFile = Path.GetFullPath(Path.Combine(dirPath, fileName));
if (NativeFile.Exists(selectedFile))
{
filePath = selectedFile;
break;
}
}
}
if (filePath == null || !NativeFile.Exists(filePath))
{
throw new FileNotFoundException(String.Format("Unable to find file [{0}]", filePath ?? fileName));
}
NativeFileStream fs = new NativeFileStream(filePath, NativeFileMode.Open, NativeFileAccess.Read);
CurrentDirectory.Push(Path.GetDirectoryName(filePath));
return(fs);
}
public object Convert(object value, Type targetType, object parameter, System.Globalization.CultureInfo culture)
{
string Filepath = (string)value;
Icon icon = ShellIcon.GetSmallIcon(Filepath);
if (NativeFile.Exists(Filepath) && (icon != null))
{
return(System.Windows.Interop.Imaging.CreateBitmapSourceFromHIcon(
icon.Handle,
new Int32Rect(0, 0, icon.Width, icon.Height),
BitmapSizeOptions.FromEmptyOptions()));
}
return("Images/Question.png");
}
protected virtual void Initialize()
{
const string filePath = Global.DataPath + "System.yaml";
const string references = "EngineReferences";
if (!NativeFile.Exists(filePath))
{
throw new InvalidOperationException(string.Format("Odyssey System Data not found: check if {0} exists", filePath));
}
contentManager.LoadAssetList(filePath);
var refData = contentManager.Load <EngineReferenceCollection>(references);
services.AddService(typeof(IReferenceService), refData);
SetupDeviceEvents();
}
public Stream Resolve(string assetName)
{
try
{
var assetPath = GetAssetPath(assetName);
if (!NativeFile.Exists(assetPath))
{
assetPath = GetAssetPath(assetName, true);
}
return(new NativeFileStream(assetPath, NativeFileMode.Open, NativeFileAccess.Read));
}
catch
{
return(null);
}
}
public PE GetBinary(string PePath)
{
if (!NativeFile.Exists(PePath))
{
return(null);
}
string PeHash = GetBinaryHash(PePath);
// A sync lock is mandatory here in order not to load twice the
// same binary from two differents workers
lock (BinaryDatabaseLock)
{
bool hit = BinaryDatabase.ContainsKey(PeHash);
// Cache "miss"
if (!hit)
{
string DestFilePath = Path.Combine(BinaryCacheFolderPath, PeHash);
if (!File.Exists(DestFilePath) && (DestFilePath != PePath))
{
NativeFile.Copy(PePath, DestFilePath);
}
PE NewShadowBinary = new PE(DestFilePath);
NewShadowBinary.Load();
LruCache.Add(PeHash);
BinaryDatabase.Add(PeHash, NewShadowBinary);
}
}
// Cache "Hit"
UpdateLru(PeHash);
PE ShadowBinary = BinaryDatabase[PeHash];
ShadowBinary.Filepath = Path.GetFullPath(PePath); // convert any paths to an absolute one.
return(ShadowBinary);
}
public Stream Open(IncludeType type, string fileName, Stream parentStream)
{
var currentDirectory = CurrentDirectory.Peek();
if (currentDirectory == null)
#if NETFX_CORE
{ currentDirectory = Windows.ApplicationModel.Package.Current.InstalledLocation.Path; }
#else
{ currentDirectory = Environment.CurrentDirectory; }
#endif
var filePath = fileName;
if (!Path.IsPathRooted(filePath))
{
var directoryToSearch = new List <string> {
currentDirectory
};
directoryToSearch.AddRange(IncludeDirectories);
foreach (var dirPath in directoryToSearch)
{
var selectedFile = Path.Combine(dirPath, fileName);
if (NativeFile.Exists(selectedFile))
{
filePath = selectedFile;
break;
}
}
}
if (filePath == null || !NativeFile.Exists(filePath))
{
throw new FileNotFoundException(String.Format("Unable to find file [{0}]", filePath ?? fileName));
}
NativeFileStream fs = new NativeFileStream(filePath, NativeFileMode.Open, NativeFileAccess.Read);
CurrentDirectory.Push(Path.GetDirectoryName(filePath));
return(fs);
}
static void Main(string[] args)
{
// always the first call to make
Phlib.InitializePhLib();
Demangler demangler;
switch (args.Length)
{
case 0:
demangler = new Demangler("Microsoft");
TestKnownInputs(demangler);
break;
case 1:
demangler = new Demangler();
TestFilepath(args[0], demangler);
break;
default:
case 2:
string demanglerName = args[0].TrimStart(new char[] { '-' });
string Filepath = args[1];
demangler = new Demangler(demanglerName);
if (NativeFile.Exists(Filepath))
{
TestFilepath(Filepath, demangler);
}
else
{
Console.WriteLine(demangler.UndecorateName(args[1]));
}
break;
}
}
public PE LoadBinary(string path)
{
StatusBarMessage = String.Format("Loading module {0:s} ...", path);
if (!NativeFile.Exists(path))
{
StatusBarMessage = String.Format("Loading PE file \"{0:s}\" failed : file not present on disk.", path);
return(null);
}
PE pe = BinaryCache.LoadPe(path);
if (pe == null || !pe.LoadSuccessful)
{
StatusBarMessage = String.Format("Loading module {0:s} failed.", path);
}
else
{
StatusBarMessage = String.Format("Loading PE file \"{0:s}\" successful.", pe.Filepath);
}
return(pe);
}
public bool Exists(string assetName)
{
return(NativeFile.Exists(GetAssetPath(assetName)));
}
public bool Exists(string assetName)
{
return(NativeFile.Exists(Path.Combine(RootDirectory, assetName)));
}
private void ConstructDependencyTree(ModuleTreeViewItem RootNode, PE CurrentPE, int RecursionLevel = 0)
{
// "Closured" variables (it 's a scope hack really).
Dictionary <string, ImportContext> NewTreeContexts = new Dictionary <string, ImportContext>();
BackgroundWorker bw = new BackgroundWorker();
bw.WorkerReportsProgress = true; // useless here for now
bw.DoWork += (sender, e) => {
ProcessPe(NewTreeContexts, CurrentPE);
};
bw.RunWorkerCompleted += (sender, e) =>
{
TreeBuildingBehaviour.DependencyTreeBehaviour SettingTreeBehaviour = Dependencies.TreeBuildingBehaviour.GetGlobalBehaviour();
List <ModuleTreeViewItem> PeWithDummyEntries = new List <ModuleTreeViewItem>();
List <BacklogImport> PEProcessingBacklog = new List <BacklogImport>();
// Important !
//
// This handler is executed in the STA (Single Thread Application)
// which is authorized to manipulate UI elements. The BackgroundWorker is not.
//
foreach (ImportContext NewTreeContext in NewTreeContexts.Values)
{
ModuleTreeViewItem childTreeNode = new ModuleTreeViewItem();
DependencyNodeContext childTreeNodeContext = new DependencyNodeContext();
childTreeNodeContext.IsDummy = false;
string ModuleName = NewTreeContext.ModuleName;
string ModuleFilePath = NewTreeContext.PeFilePath;
ModuleCacheKey ModuleKey = new ModuleCacheKey(ModuleName, ModuleFilePath);
// Newly seen modules
if (!this.ProcessedModulesCache.ContainsKey(ModuleKey))
{
// Missing module "found"
if ((NewTreeContext.PeFilePath == null) || !NativeFile.Exists(NewTreeContext.PeFilePath))
{
this.ProcessedModulesCache[ModuleKey] = new NotFoundModuleInfo(ModuleName);
}
else
{
if (NewTreeContext.IsApiSet)
{
var ApiSetContractModule = new DisplayModuleInfo(NewTreeContext.ApiSetModuleName, NewTreeContext.PeProperties, NewTreeContext.ModuleLocation, NewTreeContext.Flags);
var NewModule = new ApiSetModuleInfo(NewTreeContext.ModuleName, ref ApiSetContractModule);
this.ProcessedModulesCache[ModuleKey] = NewModule;
if (SettingTreeBehaviour == TreeBuildingBehaviour.DependencyTreeBehaviour.Recursive)
{
PEProcessingBacklog.Add(new BacklogImport(childTreeNode, ApiSetContractModule.ModuleName));
}
}
else
{
var NewModule = new DisplayModuleInfo(NewTreeContext.ModuleName, NewTreeContext.PeProperties, NewTreeContext.ModuleLocation, NewTreeContext.Flags);
this.ProcessedModulesCache[ModuleKey] = NewModule;
switch (SettingTreeBehaviour)
{
case TreeBuildingBehaviour.DependencyTreeBehaviour.RecursiveOnlyOnDirectImports:
if ((NewTreeContext.Flags & ModuleFlag.DelayLoad) == 0)
{
PEProcessingBacklog.Add(new BacklogImport(childTreeNode, NewModule.ModuleName));
}
break;
case TreeBuildingBehaviour.DependencyTreeBehaviour.Recursive:
PEProcessingBacklog.Add(new BacklogImport(childTreeNode, NewModule.ModuleName));
break;
}
}
}
// add it to the module list
this.ModulesList.AddModule(this.ProcessedModulesCache[ModuleKey]);
}
// Since we uniquely process PE, for thoses who have already been "seen",
// we set a dummy entry in order to set the "[+]" icon next to the node.
// The dll dependencies are actually resolved on user double-click action
// We can't do the resolution in the same time as the tree construction since
// it's asynchronous (we would have to wait for all the background to finish and
// use another Async worker to resolve).
if ((NewTreeContext.PeProperties != null) && (NewTreeContext.PeProperties.GetImports().Count > 0))
{
ModuleTreeViewItem DummyEntry = new ModuleTreeViewItem();
DependencyNodeContext DummyContext = new DependencyNodeContext()
{
ModuleInfo = new WeakReference(new NotFoundModuleInfo("Dummy")),
IsDummy = true
};
DummyEntry.DataContext = DummyContext;
DummyEntry.Header = "@Dummy : if you see this header, it's a bug.";
DummyEntry.IsExpanded = false;
childTreeNode.Items.Add(DummyEntry);
childTreeNode.Expanded += ResolveDummyEntries;
}
// Add to tree view
childTreeNodeContext.ModuleInfo = new WeakReference(this.ProcessedModulesCache[ModuleKey]);
childTreeNode.DataContext = childTreeNodeContext;
childTreeNode.Header = childTreeNode.GetTreeNodeHeaderName(Dependencies.Properties.Settings.Default.FullPath);
RootNode.Items.Add(childTreeNode);
}
// Process next batch of dll imports
if (SettingTreeBehaviour != TreeBuildingBehaviour.DependencyTreeBehaviour.ChildOnly)
{
foreach (var ImportNode in PEProcessingBacklog)
{
ConstructDependencyTree(ImportNode.Item1, ImportNode.Item2, RecursionLevel + 1); // warning : recursive call
}
}
};
bw.RunWorkerAsync();
}
public static SxsEntries ExtractDependenciesFromSxsElement(XElement SxsAssembly, string Folder, string ExecutableName = "", string ProcessorArch = "")
{
// Private assembly search sequence : https://msdn.microsoft.com/en-us/library/windows/desktop/aa374224(v=vs.85).aspx
//
// * In the application's folder. Typically, this is the folder containing the application's executable file.
// * In a subfolder in the application's folder. The subfolder must have the same name as the assembly.
// * In a language-specific subfolder in the application's folder.
// -> The name of the subfolder is a string of DHTML language codes indicating a language-culture or language.
// * In a subfolder of a language-specific subfolder in the application's folder.
// -> The name of the higher subfolder is a string of DHTML language codes indicating a language-culture or language. The deeper subfolder has the same name as the assembly.
//
//
// 0. Side-by-side searches the WinSxS folder.
// 1. \\<appdir>\<assemblyname>.DLL
// 2. \\<appdir>\<assemblyname>.manifest
// 3. \\<appdir>\<assemblyname>\<assemblyname>.DLL
// 4. \\<appdir>\<assemblyname>\<assemblyname>.manifest
string TargetSxsManifestPath;
string SxsManifestName = SxsAssembly.Attribute("name").Value.ToString();
string SxsManifestDir = Path.Combine(Folder, SxsManifestName);
// 0. find publisher manifest in %WINDIR%/WinSxs/Manifest
if (SxsAssembly.Attribute("publicKeyToken") != null)
{
string WinSxsDir = Path.Combine(
Environment.GetFolderPath(Environment.SpecialFolder.Windows),
"WinSxs"
);
string WinSxsManifestDir = Path.Combine(WinSxsDir, "Manifests");
var RegisteredManifests = Directory.EnumerateFiles(
WinSxsManifestDir,
"*.manifest"
);
string PublicKeyToken = SxsAssembly.Attribute("publicKeyToken").Value;
string Name = SxsAssembly.Attribute("name").Value.ToLower();
string ProcessArch = SxsAssembly.Attribute("processorArchitecture") != null?SxsAssembly.Attribute("processorArchitecture").Value : "*";
string Version = SxsAssembly.Attribute("version").Value;
string Langage = SxsAssembly.Attribute("langage") != null?SxsAssembly.Attribute("langage").Value : "none"; // TODO : support localized sxs redirection
switch (ProcessArch.ToLower())
{
case "$(build.arch)":
case "*":
ProcessArch = ProcessorArch;
break;
case "amd64":
case "x86":
case "wow64":
case "msil":
case "arm":
case "arm64":
break; // nothing to do
default:
ProcessArch = ".*";
break;
}
Regex VersionRegex = new Regex(@"([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)", RegexOptions.IgnoreCase);
Match VersionMatch = VersionRegex.Match(Version);
if (VersionMatch.Success)
{
string Major = VersionMatch.Groups[1].Value;
string Minor = VersionMatch.Groups[2].Value;
string Build = (VersionMatch.Groups[3].Value == "0") ? ".*" : VersionMatch.Groups[3].Value;
string Patch = (VersionMatch.Groups[4].Value == "0") ? ".*" : VersionMatch.Groups[4].Value;
// Manifest filename : {ProcArch}_{Name}_{PublicKeyToken}_{FuzzyVersion}_{Langage}_{some_hash}.manifest
Regex ManifestFileNameRegex = new Regex(
String.Format(@"({0:s}_{1:s}_{2:s}_{3:s}\.{4:s}\.({5:s})\.({6:s})_none_([a-fA-F0-9]+))\.manifest",
ProcessArch,
Name,
PublicKeyToken,
Major,
Minor,
Build,
Patch
//Langage,
// some hash
),
RegexOptions.IgnoreCase
);
bool FoundMatch = false;
int HighestBuild = 0;
int HighestPatch = 0;
string MatchSxsManifestDir = "";
string MatchSxsManifestPath = "";
foreach (var FileName in RegisteredManifests)
{
Match MatchingSxsFile = ManifestFileNameRegex.Match(FileName);
if (MatchingSxsFile.Success)
{
int MatchingBuild = Int32.Parse(MatchingSxsFile.Groups[2].Value);
int MatchingPatch = Int32.Parse(MatchingSxsFile.Groups[3].Value);
if ((MatchingBuild > HighestBuild) || ((MatchingBuild == HighestBuild) && (MatchingPatch > HighestPatch)))
{
string TestMatchSxsManifestDir = MatchingSxsFile.Groups[1].Value;
// Check the directory exists before confirming there is a match
string FullPathMatchSxsManifestDir = Path.Combine(WinSxsDir, TestMatchSxsManifestDir);
Console.WriteLine("FullPathMatchSxsManifestDir : Checking {0:s}", FullPathMatchSxsManifestDir);
if (NativeFile.Exists(FullPathMatchSxsManifestDir, true))
{
Console.WriteLine("FullPathMatchSxsManifestDir : Checking {0:s} TRUE", FullPathMatchSxsManifestDir);
FoundMatch = true;
HighestBuild = MatchingBuild;
HighestPatch = MatchingPatch;
MatchSxsManifestDir = TestMatchSxsManifestDir;
MatchSxsManifestPath = Path.Combine(WinSxsManifestDir, FileName);
}
}
}
}
if (FoundMatch)
{
string FullPathMatchSxsManifestDir = Path.Combine(WinSxsDir, MatchSxsManifestDir);
// "{name}.local" local sxs directory hijack ( really used for UAC bypasses )
if (ExecutableName != "")
{
string LocalSxsDir = Path.Combine(Folder, String.Format("{0:s}.local", ExecutableName));
string MatchingLocalSxsDir = Path.Combine(LocalSxsDir, MatchSxsManifestDir);
if (Directory.Exists(LocalSxsDir) && Directory.Exists(MatchingLocalSxsDir))
{
FullPathMatchSxsManifestDir = MatchingLocalSxsDir;
}
}
return(ExtractDependenciesFromSxsManifestFile(MatchSxsManifestPath, FullPathMatchSxsManifestDir, ExecutableName, ProcessorArch));
}
}
}
// 1. \\<appdir>\<assemblyname>.DLL
// find dll with same assembly name in same directory
SxsEntries EntriesFromMatchingDll = SxsFindTargetDll(SxsManifestName, Folder);
if (EntriesFromMatchingDll.Count > 0)
{
return(EntriesFromMatchingDll);
}
// 2. \\<appdir>\<assemblyname>.manifest
// find manifest with same assembly name in same directory
TargetSxsManifestPath = Path.Combine(Folder, String.Format("{0:s}.manifest", SxsManifestName));
if (File.Exists(TargetSxsManifestPath))
{
return(ExtractDependenciesFromSxsManifestFile(TargetSxsManifestPath, Folder, ExecutableName, ProcessorArch));
}
// 3. \\<appdir>\<assemblyname>\<assemblyname>.DLL
// find matching dll in sub directory
SxsEntries EntriesFromMatchingDllSub = SxsFindTargetDll(SxsManifestName, SxsManifestDir);
if (EntriesFromMatchingDllSub.Count > 0)
{
return(EntriesFromMatchingDllSub);
}
// 4. \<appdir>\<assemblyname>\<assemblyname>.manifest
// find manifest in sub directory
TargetSxsManifestPath = Path.Combine(SxsManifestDir, String.Format("{0:s}.manifest", SxsManifestName));
if (Directory.Exists(SxsManifestDir) && File.Exists(TargetSxsManifestPath))
{
return(ExtractDependenciesFromSxsManifestFile(TargetSxsManifestPath, SxsManifestDir, ExecutableName, ProcessorArch));
}
// TODO : do the same thing for localization
//
// 0. Side-by-side searches the WinSxS folder.
// 1. \\<appdir>\<language-culture>\<assemblyname>.DLL
// 2. \\<appdir>\<language-culture>\<assemblyname>.manifest
// 3. \\<appdir>\<language-culture>\<assemblyname>\<assemblyname>.DLL
// 4. \\<appdir>\<language-culture>\<assemblyname>\<assemblyname>.manifest
// TODO : also take into account Multilanguage User Interface (MUI) when
// scanning manifests and WinSxs dll. God this is horrendously complicated.
// Could not find the dependency
{
SxsEntries EntriesFromElement = new SxsEntries();
EntriesFromElement.Add(new SxsEntry(SxsManifestName, "file ???"));
return(EntriesFromElement);
}
}
static void Main(string[] args)
{
// always the first call to make
Phlib.InitializePhLib();
int recursion_depth = 0;
bool early_exit = false;
bool show_help = false;
bool export_as_json = false;
DumpCommand command = null;
OptionSet opts = new OptionSet()
{
{ "h|help", "show this message and exit", v => show_help = v != null },
{ "json", "Export results in json format", v => export_as_json = v != null },
{ "d|depth=", "limit recursion depth when analysing loaded modules or dependency chain. Default value is infinite", (int v) => recursion_depth = v },
{ "knowndll", "List all known dlls", v => { DumpKnownDlls(GetObjectPrinter(export_as_json)); early_exit = true; } },
{ "apisets", "List apisets redirections", v => { DumpApiSets(GetObjectPrinter(export_as_json)); early_exit = true; } },
{ "apisetsdll", "List apisets redirections from apisetschema <FILE>", v => command = DumpApiSets },
{ "manifest", "show manifest information embedded in <FILE>", v => command = DumpManifest },
{ "sxsentries", "dump all of <FILE>'s sxs dependencies", v => command = DumpSxsEntries },
{ "imports", "dump <FILE> imports", v => command = DumpImports },
{ "exports", "dump <FILE> exports", v => command = DumpExports },
{ "chain", "dump <FILE> whole dependency chain", v => command = DumpDependencyChain },
{ "modules", "dump <FILE> resolved modules", v => command = DumpModules },
};
List <string> eps = opts.Parse(args);
if (early_exit)
{
return;
}
if ((show_help) || (args.Length == 0) || (command == null))
{
DumpUsage();
return;
}
if (eps.Count == 0)
{
Console.Error.WriteLine("[x] Command {0:s} needs to have a PE <FILE> argument", command.Method.Name);
Console.Error.WriteLine("");
DumpUsage();
return;
}
String FileName = eps[0];
if (!NativeFile.Exists(FileName))
{
Console.Error.WriteLine("[x] Could not find file {0:s} on disk", FileName);
return;
}
Debug.WriteLine("[-] Loading file {0:s} ", FileName);
PE Pe = new PE(FileName);
if (!Pe.Load())
{
Console.Error.WriteLine("[x] Could not load file {0:s} as a PE", FileName);
return;
}
command(Pe, GetObjectPrinter(export_as_json), recursion_depth);
}
public bool Exists(string resourceName)
{
return(NativeFile.Exists(Path.Combine(RootDirectory, resourceName)));
}
