public AssemblyDebugParser(Stream?peStream, Stream pdbStream)
{
Stream inputStream;
if (!PdbConverter.IsPortable(pdbStream))
{
if (peStream == null)
{
throw new ArgumentNullException(nameof(peStream), "Full PDB's require the PE file to be next to the PDB");
}
if (!AppCompat.IsSupported(RuntimeFeature.DiaSymReader))
{
throw new PlatformNotSupportedException("Windows PDB cannot be processed on this platform.");
}
// Full PDB. convert to ppdb in memory
_pdbBytes = pdbStream.ReadAllBytes();
pdbStream.Position = 0;
_peBytes = peStream.ReadAllBytes();
peStream.Position = 0;
_temporaryPdbStream = new MemoryStream();
PdbConverter.Default.ConvertWindowsToPortable(peStream, pdbStream, _temporaryPdbStream);
_temporaryPdbStream.Position = 0;
peStream.Position = 0;
inputStream = _temporaryPdbStream;
_pdbType = PdbType.Full;
}
else
{
inputStream = pdbStream;
_pdbType = PdbType.Portable;
_pdbBytes = pdbStream.ReadAllBytes();
pdbStream.Position = 0;
}
_readerProvider = MetadataReaderProvider.FromPortablePdbStream(inputStream);
_reader = _readerProvider.GetMetadataReader();
if (peStream != null)
{
_peReader = new PEReader(peStream);
_ownPeReader = true;
}
}
public void AppCompatTestCreators()
{
var r = new AppCompat();
var reg = new RegistryHive(@"D:\SynologyDrive\Registry\SYSTEM_Creators");
reg.ParseHive();
var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache");
Check.That(r.Values.Count).IsEqualTo(0);
r.ProcessValues(key);
Check.That(r.Values.Count).IsEqualTo(506);
var ff = (ValuesOut)r.Values[0];
Check.That(ff.CacheEntryPosition).IsEqualTo(0);
Check.That(ff.ProgramName).Contains("nvstreg.exe");
}
public void AppCompatTestOneOff()
{
var r = new AppCompat();
var reg = new RegistryHive(@"C:\Users\eric\Desktop\SYSTEM");
reg.ParseHive();
var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache");
Check.That(r.Values.Count).IsEqualTo(0);
r.ProcessValues(key);
Check.That(r.Values.Count).IsEqualTo(325);
var ff = (ValuesOut)r.Values[0];
Check.That(ff.CacheEntryPosition).IsEqualTo(0);
Check.That(ff.ProgramName).Contains("Logon");
}
public void AppCompatTest()
{
var r = new AppCompat();
var reg = new RegistryHive(@"D:\Sync\RegistryHives\SYSTEM");
reg.ParseHive();
var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache");
Check.That(r.Values.Count).IsEqualTo(0);
r.ProcessValues(key);
Check.That(r.Values.Count).IsEqualTo(1024);
var ff = (ValuesOut)r.Values[0];
Check.That(ff.CacheEntryPosition).IsEqualTo(0);
Check.That(ff.ProgramName).Contains("java");
}
private void ShowFile(PackageFile file)
{
object?content = null;
var isBinary = false;
// find all plugins which can handle this file's extension
var contentViewers = FindContentViewer(file);
if (contentViewers != null)
{
try
{
// iterate over all plugins, looking for the first one that return non-null content
foreach (var viewer in contentViewers)
{
var files = file.GetAssociatedPackageFiles().ToList();
content = viewer.GetView(file, files);
if (content != null)
{
// found a plugin that can read this file, stop
break;
}
}
}
catch (Exception ex) when(!(ex is FileNotFoundException))
{
DiagnosticsClient.TrackException(ex, ViewModel.Package, ViewModel.PublishedOnNuGetOrg);
// don't let plugin crash the app
content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString();
}
isBinary = content is not string;
}
// if plugins fail to read this file, fall back to the default viewer
var truncated = false;
if (content == null)
{
isBinary = FileHelper.IsBinaryFile(file.Name);
if (isBinary)
{
content = Resources.UnsupportedFormatMessage;
}
else
{
content = ReadFileContent(file, out truncated);
}
}
long size = -1;
IReadOnlyList <AuthenticodeSignature> sigs;
SignatureCheckResult isValidSig;
{
// note: later, throught binding converter, SigningCertificate's CN value is extracted through native api
if (AppCompat.IsSupported(RuntimeFeature.Cryptography, RuntimeFeature.NativeMethods))
{
using var stream = file.GetStream();
using var tempFile = new TemporaryFile(stream, Path.GetExtension(file.Name));
var extractor = new FileInspector(tempFile.FileName);
sigs = extractor.GetSignatures().ToList();
isValidSig = extractor.Validate();
size = tempFile.Length;
}
else
{
using var stream = StreamUtility.MakeSeekable(file.GetStream(), disposeOriginal: true);
var peFile = new PeFile(stream);
var certificate = CryptoUtility.GetSigningCertificate(peFile);
if (certificate is not null)
{
sigs = new List <AuthenticodeSignature>(0);
isValidSig = SignatureCheckResult.UnknownProvider;
}
else
{
sigs = new List <AuthenticodeSignature>(0);
isValidSig = SignatureCheckResult.NoSignature;
}
size = peFile.FileSize;
}
}
var fileInfo = new FileContentInfo(
file,
file.Path,
content,
!isBinary,
size,
truncated,
sigs,
isValidSig);
ViewModel.ShowFile(fileInfo);
}
