public void Read(ReaderContext ctxt, BlobReader reader, bool isFat, Func<OpCode, Row, object> resolveRow)
{
if (isFat)
{
Flags = (CorILExceptionClause)reader.ReadUInt32();
TryOffset = (int)reader.ReadUInt32();
TryLength = (int)reader.ReadUInt32();
HandlerOffset = (int)reader.ReadUInt32();
HandlerLength = (int)reader.ReadUInt32();
}
else
{
Flags = (CorILExceptionClause)reader.ReadUInt16();
TryOffset = (int)reader.ReadUInt16();
TryLength = (int)reader.ReadByte();
HandlerOffset = (int)reader.ReadUInt16();
HandlerLength = (int)reader.ReadByte();
}
var rowRef = default(TokenRef);
rowRef.Read(ctxt, reader);
rowRef.ResolveIndexes(ctxt);
Class = rowRef.Value == null ? null : resolveRow(OpCode.Ldobj, rowRef.Value);
if (Flags == CorILExceptionClause.Filter)
FilterOffset = (int)reader.ReadUInt32();
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
if (reader.RemainingBytes < Size)
throw new PEException("missing DOSHeader");
var actualPrefix = reader.ReadBytes((uint)prefix.Length);
if (!EqualBytes(actualPrefix, prefix))
throw new PEException("invalid DOSHeader.Prefix");
LfaNew.Read(reader);
if (LfaNew.Offset < Size)
throw new PEException("invalid DOSHeader.LfaNew");
var actualSuffix = reader.ReadBytes((uint)suffix.Length);
if (!EqualBytes(actualSuffix, suffix))
throw new PEException("invalid DOSHeader.Suffix");
Final = reader.ReadUInt32();
if (ctxt.Tracer != null)
LfaNew.Append(ctxt, "DOSHeader.LfaNew");
}
//
// Phase 0: File headers
//
public ReaderContext(string fileName, Writer tracer)
{
Tracer = tracer;
FileName = fileName;
try
{
// Ideally next two lines would be atomic
LastWriteTime = File.GetLastWriteTimeUtc(fileName);
var data = File.ReadAllBytes(FileName);
fileReader = new BlobReader(data);
}
catch (IOException e)
{
throw new PEException("unable to load file: " + e.Message);
}
OffsetToStringCache = new Map<uint, string>();
StringToOffsetCache = new Map<string, uint>();
OffsetToUserStringCache = new Map<uint, string>();
UserStringToOffsetCache = new Map<string, uint>();
OffsetToSignatureCache = new Map<uint, Signature>();
SignatureToOffsetCache = new Map<Signature, uint>();
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
if (reader == null)
Fixups = new VtableFixup[0];
else
{
var initOffset = reader.Offset;
var n = 0;
while (!reader.AtEndOfBlob) {
VtableFixup.Skip(reader);
n++;
}
reader.Offset = initOffset;
Fixups = new VtableFixup[n];
for (var i = 0; i < n; i++)
Fixups[i].Read(ctxt, reader);
}
}
public static void Skip(BlobReader reader)
{
reader.Offset += StructSize;
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var initOffset = reader.Offset;
var n = 0;
while (!reader.AtEndOfBlob) {
FixupBlock.Skip(reader);
n++;
}
Blocks = new FixupBlock[n];
reader.Offset = initOffset;
for (var i = 0; i < n; i++)
Blocks[i].Read(ctxt, reader);
}
public static void Skip(BlobReader reader)
{
reader.Offset += 4;
var blockSize = reader.ReadUInt32();
reader.Offset += blockSize - 8;
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var actualHint = reader.ReadUInt16();
if (actualHint != hint)
throw new PEException("invalid HintNameTable.Hint");
Name = reader.ReadAsciiZeroTerminatedString(1);
if (!Name.Equals(ExeHintName, StringComparison.Ordinal) &&
!Name.Equals(DllHintName, StringComparison.Ordinal))
throw new PEException("invalid HintNameTable.Name");
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
ImportLookupTable.Read(reader);
var actualDateTimeStamp = reader.ReadUInt32();
if (actualDateTimeStamp != dateTimeStamp)
throw new PEException("invalid ImportTable.DateTimeStamp");
var actualForwarderChain = reader.ReadUInt32();
if (actualForwarderChain != forwarderChain)
throw new PEException("invalid ImportTable.ForwarderChain");
Name.Read(reader);
ImportAddressTable.Read(reader);
reader.Pad(paddingBytes);
}
public void Read(ReaderContext ctxt, BlobReader reader, uint beginOffset, Func<OpCode, Row, object> resolveRow)
{
Offset = (int)(reader.Offset - beginOffset);
OpCode = (OpCode)reader.ReadByte();
if (OpCode == OpCode.Prefix1)
OpCode = (OpCode)((ushort)OpCode << 8 | reader.ReadByte());
Value = default(object);
switch (OpCode)
{
case OpCode.Nop:
case OpCode.Break:
case OpCode.Ldarg_0:
case OpCode.Ldarg_1:
case OpCode.Ldarg_2:
case OpCode.Ldarg_3:
case OpCode.Ldloc_0:
case OpCode.Ldloc_1:
case OpCode.Ldloc_2:
case OpCode.Ldloc_3:
case OpCode.Stloc_0:
case OpCode.Stloc_1:
case OpCode.Stloc_2:
case OpCode.Stloc_3:
case OpCode.Ldnull:
case OpCode.Ldc_i4_m1:
case OpCode.Ldc_i4_0:
case OpCode.Ldc_i4_1:
case OpCode.Ldc_i4_2:
case OpCode.Ldc_i4_3:
case OpCode.Ldc_i4_4:
case OpCode.Ldc_i4_5:
case OpCode.Ldc_i4_6:
case OpCode.Ldc_i4_7:
case OpCode.Ldc_i4_8:
case OpCode.Dup:
case OpCode.Pop:
case OpCode.Ret:
case OpCode.Ldind_i1:
case OpCode.Ldind_u1:
case OpCode.Ldind_i2:
case OpCode.Ldind_u2:
case OpCode.Ldind_i4:
case OpCode.Ldind_u4:
case OpCode.Ldind_i8:
case OpCode.Ldind_i:
case OpCode.Ldind_r4:
case OpCode.Ldind_r8:
case OpCode.Ldind_ref:
case OpCode.Stind_ref:
case OpCode.Stind_i1:
case OpCode.Stind_i2:
case OpCode.Stind_i4:
case OpCode.Stind_i8:
case OpCode.Stind_r4:
case OpCode.Stind_r8:
case OpCode.Add:
case OpCode.Sub:
case OpCode.Mul:
case OpCode.Div:
case OpCode.Div_un:
case OpCode.Rem:
case OpCode.Rem_un:
case OpCode.And:
case OpCode.Or:
case OpCode.Xor:
case OpCode.Shl:
case OpCode.Shr:
case OpCode.Shr_un:
case OpCode.Neg:
case OpCode.Not:
case OpCode.Conv_i1:
case OpCode.Conv_i2:
case OpCode.Conv_i4:
case OpCode.Conv_i8:
case OpCode.Conv_r4:
case OpCode.Conv_r8:
case OpCode.Conv_u4:
case OpCode.Conv_u8:
case OpCode.Conv_r_un:
case OpCode.Throw:
case OpCode.Conv_ovf_i1_un:
case OpCode.Conv_ovf_i2_un:
case OpCode.Conv_ovf_i4_un:
case OpCode.Conv_ovf_i8_un:
case OpCode.Conv_ovf_u1_un:
case OpCode.Conv_ovf_u2_un:
case OpCode.Conv_ovf_u4_un:
case OpCode.Conv_ovf_u8_un:
case OpCode.Conv_ovf_i_un:
case OpCode.Conv_ovf_u_un:
case OpCode.Ldlen:
case OpCode.Ldelem_i1:
case OpCode.Ldelem_u1:
case OpCode.Ldelem_i2:
case OpCode.Ldelem_u2:
case OpCode.Ldelem_i4:
case OpCode.Ldelem_u4:
case OpCode.Ldelem_i8:
case OpCode.Ldelem_i:
case OpCode.Ldelem_r4:
case OpCode.Ldelem_r8:
case OpCode.Ldelem_ref:
case OpCode.Stelem_i:
case OpCode.Stelem_i1:
case OpCode.Stelem_i2:
case OpCode.Stelem_i4:
case OpCode.Stelem_i8:
case OpCode.Stelem_r4:
case OpCode.Stelem_r8:
case OpCode.Stelem_ref:
case OpCode.Conv_ovf_i1:
case OpCode.Conv_ovf_u1:
case OpCode.Conv_ovf_i2:
case OpCode.Conv_ovf_u2:
case OpCode.Conv_ovf_i4:
case OpCode.Conv_ovf_u4:
case OpCode.Conv_ovf_i8:
case OpCode.Conv_ovf_u8:
case OpCode.Ckfinite:
case OpCode.Conv_u2:
case OpCode.Conv_u1:
case OpCode.Conv_i:
case OpCode.Conv_ovf_i:
case OpCode.Conv_ovf_u:
case OpCode.Add_ovf:
case OpCode.Add_ovf_un:
case OpCode.Mul_ovf:
case OpCode.Mul_ovf_un:
case OpCode.Sub_ovf:
case OpCode.Sub_ovf_un:
case OpCode.Endfinally:
case OpCode.Stind_i:
case OpCode.Conv_u:
case OpCode.Prefix7:
case OpCode.Prefix6:
case OpCode.Prefix5:
case OpCode.Prefix4:
case OpCode.Prefix3:
case OpCode.Prefix2:
case OpCode.Prefix1:
case OpCode.Prefixref:
case OpCode.Arglist:
case OpCode.Ceq:
case OpCode.Cgt:
case OpCode.Cgt_un:
case OpCode.Clt:
case OpCode.Clt_un:
case OpCode.Localloc:
case OpCode.Endfilter:
case OpCode.Volatile:
case OpCode.Tailcall:
case OpCode.Cpblk:
case OpCode.Initblk:
case OpCode.Rethrow:
case OpCode.Refanytype:
case OpCode.Readonly:
break;
case OpCode.Br:
case OpCode.Brfalse:
case OpCode.Brtrue:
case OpCode.Beq:
case OpCode.Bge:
case OpCode.Bgt:
case OpCode.Ble:
case OpCode.Blt:
case OpCode.Bne_un:
case OpCode.Bge_un:
case OpCode.Bgt_un:
case OpCode.Ble_un:
case OpCode.Blt_un:
case OpCode.Leave:
{
// NOTE: Delta is w.r.t. start of next instruction
var delta = reader.ReadInt32();
Value = (int)(reader.Offset - beginOffset) + delta;
}
break;
case OpCode.Br_s:
case OpCode.Brfalse_s:
case OpCode.Brtrue_s:
case OpCode.Beq_s:
case OpCode.Bge_s:
case OpCode.Bgt_s:
case OpCode.Ble_s:
case OpCode.Blt_s:
case OpCode.Bne_un_s:
case OpCode.Bge_un_s:
case OpCode.Bgt_un_s:
case OpCode.Ble_un_s:
case OpCode.Blt_un_s:
case OpCode.Leave_s:
{
var delta = reader.ReadSByte();
Value = (int)(reader.Offset - beginOffset) + delta;
}
break;
case OpCode.Ldc_i4_s:
Value = (int)reader.ReadSByte();
break;
case OpCode.Unaligned:
case OpCode.Ldarg_s:
case OpCode.Ldarga_s:
case OpCode.Starg_s:
case OpCode.Ldloc_s:
case OpCode.Ldloca_s:
case OpCode.Stloc_s:
Value = (int)reader.ReadByte();
break;
case OpCode.Ldc_i4:
Value = reader.ReadInt32();
break;
case OpCode.Ldarg:
case OpCode.Ldarga:
case OpCode.Starg:
case OpCode.Ldloc:
case OpCode.Ldloca:
case OpCode.Stloc:
Value = (int)reader.ReadUInt32();
break;
case OpCode.Ldc_i8:
Value = reader.ReadInt64();
break;
case OpCode.Ldc_r4:
Value = reader.ReadSingle();
break;
case OpCode.Ldc_r8:
Value = reader.ReadDouble();
break;
case OpCode.Ldstr:
Value = ReadUserString(ctxt, reader);
break;
case OpCode.Switch:
{
var numTargets = (int)reader.ReadUInt32();
var targets = new Seq<int>(numTargets);
// Read as offsets from end of switch, then fixup to offsets from start of instructions
for (var i = 0; i < numTargets; i++)
targets.Add(reader.ReadInt32());
for (var i = 0; i < numTargets; i++)
targets[i] = (int)(reader.Offset - beginOffset) + targets[i];
Value = targets;
}
break;
case OpCode.Calli:
case OpCode.Ldfld:
case OpCode.Ldflda:
case OpCode.Stfld:
case OpCode.Ldsfld:
case OpCode.Ldsflda:
case OpCode.Stsfld:
case OpCode.Jmp:
case OpCode.Call:
case OpCode.Callvirt:
case OpCode.Newobj:
case OpCode.Ldftn:
case OpCode.Ldvirtftn:
case OpCode.Ldtoken:
case OpCode.Cpobj:
case OpCode.Ldobj:
case OpCode.Castclass:
case OpCode.Isinst:
case OpCode.Unbox:
case OpCode.Stobj:
case OpCode.Box:
case OpCode.Newarr:
case OpCode.Ldelema:
case OpCode.Ldelem:
case OpCode.Stelem:
case OpCode.Unbox_any:
case OpCode.Refanyval:
case OpCode.Mkrefany:
case OpCode.Initobj:
case OpCode.Constrained:
case OpCode.Sizeof:
Value = resolveRow(OpCode, ReadToken(ctxt, reader));
break;
default:
throw new PEException("unrecognised opcode");
}
}
private static string ReadUserString(ReaderContext ctxt, BlobReader reader)
{
var strref = default(UserStringRef);
strref.Read(ctxt, reader);
strref.ResolveIndexes(ctxt);
return strref.Value;
}
private static Row ReadToken(ReaderContext ctxt, BlobReader reader)
{
var rowRef = default(TokenRef);
rowRef.Read(ctxt, reader);
rowRef.ResolveIndexes(ctxt);
return rowRef.Value;
}
private bool ReadMethodDataSection(ReaderContext ctxt, BlobReader reader, Func<OpCode, Row, object> resolveRow)
{
reader.Align(4);
var flags = (CorILMethodSect)reader.ReadByte();
if ((flags & CorILMethodSect.EHTable) == 0)
throw new PEException("unrecognised method data section");
var isFat = (flags & CorILMethodSect.FatFormat) != 0;
var count = default(uint);
if (isFat)
{
var size = reader.ReadUInt24();
if (size < 4 || (size - 4) % 24 != 0)
throw new InvalidOperationException("invalid method data section");
count = (size - 4) / 24;
}
else
{
var size = (uint)reader.ReadByte();
// NOTE: Looks live VB emits size without including the 4 byte header...
if (size < 4 || (size - 4) % 12 != 0)
throw new InvalidOperationException("invalid method data section");
var padding = reader.ReadUInt16();
if (padding != 0)
throw new PEException("unexpected data");
count = (size - 4) / 12;
}
for (var i = 0; i < count; i++)
{
var c = new ExceptionHandlingClause();
c.Read(ctxt, reader, isFat, resolveRow);
ExceptionHandlingClauses.Add(c);
}
return (flags & CorILMethodSect.MoreSects) != 0;
}
public void Read(ReaderContext ctxt, BlobReader reader, Func<OpCode, Row, object> resolveRow)
{
ExceptionHandlingClauses = new Seq<ExceptionHandlingClause>();
var firstByte = reader.ReadByte();
var formatKind = (CorILMethod)(firstByte & 0x3);
var bodySize = default(uint);
var more = default(bool);
switch (formatKind)
{
case CorILMethod.TinyFormat:
{
MaxStack = 8;
bodySize = (uint)(firstByte >> 2);
break;
}
case CorILMethod.FatFormat:
{
var secondByte = reader.ReadByte();
var flags = (CorILMethod)(((ushort)(secondByte & 0x7) << 8) | (ushort)firstByte);
IsInitLocals = (flags & CorILMethod.InitLocals) != 0;
var headerSize = (secondByte >> 4) & 0x7;
if (headerSize != 3)
throw new PEException("unexpected method body header size");
MaxStack = (int)reader.ReadUInt16();
bodySize = reader.ReadUInt32();
LocalVarRef.Read(ctxt, reader);
LocalVarRef.ResolveIndexes(ctxt);
more = (flags & CorILMethod.MoreSects) != 0;
break;
}
default:
throw new InvalidOperationException("invalid method body format");
}
if (bodySize > 0)
{
var beginOffset = reader.Offset;
var endOffset = reader.Offset + bodySize;
var n = 0;
while (reader.Offset < endOffset)
{
n++;
Instruction.Skip(reader);
}
reader.Offset = beginOffset;
Instructions = new Instruction[n];
for (var i = 0; i < n; i++)
Instructions[i].Read(ctxt, reader, beginOffset, resolveRow);
}
while (more)
more = ReadMethodDataSection(ctxt, reader, resolveRow);
}
public BlobReader(BlobReader outer, uint offset)
: this(outer.data, outer.baseOffset + offset, outer.dataLimit, outer.readLimit)
{
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
if (reader.RemainingBytes < Size)
throw new PEException("missig PEOptionalHeader");
StandardFields.Read(ctxt, reader);
NTSpecificFields.Read(ctxt, reader);
DataDirectories.Read(ctxt, reader);
}
public static void Skip(BlobReader reader)
{
var opCode = (OpCode)reader.ReadByte();
if (opCode == OpCode.Prefix1)
opCode = (OpCode)((ushort)opCode << 8 | reader.ReadByte());
switch (opCode)
{
case OpCode.Nop:
case OpCode.Break:
case OpCode.Ldarg_0:
case OpCode.Ldarg_1:
case OpCode.Ldarg_2:
case OpCode.Ldarg_3:
case OpCode.Ldloc_0:
case OpCode.Ldloc_1:
case OpCode.Ldloc_2:
case OpCode.Ldloc_3:
case OpCode.Stloc_0:
case OpCode.Stloc_1:
case OpCode.Stloc_2:
case OpCode.Stloc_3:
case OpCode.Ldnull:
case OpCode.Ldc_i4_m1:
case OpCode.Ldc_i4_0:
case OpCode.Ldc_i4_1:
case OpCode.Ldc_i4_2:
case OpCode.Ldc_i4_3:
case OpCode.Ldc_i4_4:
case OpCode.Ldc_i4_5:
case OpCode.Ldc_i4_6:
case OpCode.Ldc_i4_7:
case OpCode.Ldc_i4_8:
case OpCode.Dup:
case OpCode.Pop:
case OpCode.Ret:
case OpCode.Ldind_i1:
case OpCode.Ldind_u1:
case OpCode.Ldind_i2:
case OpCode.Ldind_u2:
case OpCode.Ldind_i4:
case OpCode.Ldind_u4:
case OpCode.Ldind_i8:
case OpCode.Ldind_i:
case OpCode.Ldind_r4:
case OpCode.Ldind_r8:
case OpCode.Ldind_ref:
case OpCode.Stind_ref:
case OpCode.Stind_i1:
case OpCode.Stind_i2:
case OpCode.Stind_i4:
case OpCode.Stind_i8:
case OpCode.Stind_r4:
case OpCode.Stind_r8:
case OpCode.Add:
case OpCode.Sub:
case OpCode.Mul:
case OpCode.Div:
case OpCode.Div_un:
case OpCode.Rem:
case OpCode.Rem_un:
case OpCode.And:
case OpCode.Or:
case OpCode.Xor:
case OpCode.Shl:
case OpCode.Shr:
case OpCode.Shr_un:
case OpCode.Neg:
case OpCode.Not:
case OpCode.Conv_i1:
case OpCode.Conv_i2:
case OpCode.Conv_i4:
case OpCode.Conv_i8:
case OpCode.Conv_r4:
case OpCode.Conv_r8:
case OpCode.Conv_u4:
case OpCode.Conv_u8:
case OpCode.Conv_r_un:
case OpCode.Throw:
case OpCode.Conv_ovf_i1_un:
case OpCode.Conv_ovf_i2_un:
case OpCode.Conv_ovf_i4_un:
case OpCode.Conv_ovf_i8_un:
case OpCode.Conv_ovf_u1_un:
case OpCode.Conv_ovf_u2_un:
case OpCode.Conv_ovf_u4_un:
case OpCode.Conv_ovf_u8_un:
case OpCode.Conv_ovf_i_un:
case OpCode.Conv_ovf_u_un:
case OpCode.Ldlen:
case OpCode.Ldelem_i1:
case OpCode.Ldelem_u1:
case OpCode.Ldelem_i2:
case OpCode.Ldelem_u2:
case OpCode.Ldelem_i4:
case OpCode.Ldelem_u4:
case OpCode.Ldelem_i8:
case OpCode.Ldelem_i:
case OpCode.Ldelem_r4:
case OpCode.Ldelem_r8:
case OpCode.Ldelem_ref:
case OpCode.Stelem_i:
case OpCode.Stelem_i1:
case OpCode.Stelem_i2:
case OpCode.Stelem_i4:
case OpCode.Stelem_i8:
case OpCode.Stelem_r4:
case OpCode.Stelem_r8:
case OpCode.Stelem_ref:
case OpCode.Conv_ovf_i1:
case OpCode.Conv_ovf_u1:
case OpCode.Conv_ovf_i2:
case OpCode.Conv_ovf_u2:
case OpCode.Conv_ovf_i4:
case OpCode.Conv_ovf_u4:
case OpCode.Conv_ovf_i8:
case OpCode.Conv_ovf_u8:
case OpCode.Ckfinite:
case OpCode.Conv_u2:
case OpCode.Conv_u1:
case OpCode.Conv_i:
case OpCode.Conv_ovf_i:
case OpCode.Conv_ovf_u:
case OpCode.Add_ovf:
case OpCode.Add_ovf_un:
case OpCode.Mul_ovf:
case OpCode.Mul_ovf_un:
case OpCode.Sub_ovf:
case OpCode.Sub_ovf_un:
case OpCode.Endfinally:
case OpCode.Stind_i:
case OpCode.Conv_u:
case OpCode.Prefix7:
case OpCode.Prefix6:
case OpCode.Prefix5:
case OpCode.Prefix4:
case OpCode.Prefix3:
case OpCode.Prefix2:
case OpCode.Prefix1:
case OpCode.Prefixref:
case OpCode.Arglist:
case OpCode.Ceq:
case OpCode.Cgt:
case OpCode.Cgt_un:
case OpCode.Clt:
case OpCode.Clt_un:
case OpCode.Localloc:
case OpCode.Endfilter:
case OpCode.Volatile:
case OpCode.Tailcall:
case OpCode.Cpblk:
case OpCode.Initblk:
case OpCode.Rethrow:
case OpCode.Refanytype:
case OpCode.Readonly:
break;
case OpCode.Br_s:
case OpCode.Brfalse_s:
case OpCode.Brtrue_s:
case OpCode.Beq_s:
case OpCode.Bge_s:
case OpCode.Bgt_s:
case OpCode.Ble_s:
case OpCode.Blt_s:
case OpCode.Bne_un_s:
case OpCode.Bge_un_s:
case OpCode.Bgt_un_s:
case OpCode.Ble_un_s:
case OpCode.Blt_un_s:
case OpCode.Leave_s:
case OpCode.Ldc_i4_s:
reader.ReadSByte();
break;
case OpCode.Unaligned:
case OpCode.Ldarg_s:
case OpCode.Ldarga_s:
case OpCode.Starg_s:
case OpCode.Ldloc_s:
case OpCode.Ldloca_s:
case OpCode.Stloc_s:
reader.ReadByte();
break;
case OpCode.Br:
case OpCode.Brfalse:
case OpCode.Brtrue:
case OpCode.Beq:
case OpCode.Bge:
case OpCode.Bgt:
case OpCode.Ble:
case OpCode.Blt:
case OpCode.Bne_un:
case OpCode.Bge_un:
case OpCode.Bgt_un:
case OpCode.Ble_un:
case OpCode.Blt_un:
case OpCode.Leave:
case OpCode.Ldc_i4:
reader.ReadInt32();
break;
case OpCode.Ldfld:
case OpCode.Ldflda:
case OpCode.Stfld:
case OpCode.Ldsfld:
case OpCode.Ldsflda:
case OpCode.Stsfld:
case OpCode.Calli:
case OpCode.Ldstr:
case OpCode.Ldtoken:
case OpCode.Cpobj:
case OpCode.Ldobj:
case OpCode.Castclass:
case OpCode.Isinst:
case OpCode.Unbox:
case OpCode.Stobj:
case OpCode.Box:
case OpCode.Newarr:
case OpCode.Ldelema:
case OpCode.Ldelem:
case OpCode.Stelem:
case OpCode.Unbox_any:
case OpCode.Refanyval:
case OpCode.Mkrefany:
case OpCode.Initobj:
case OpCode.Constrained:
case OpCode.Sizeof:
case OpCode.Ldarg:
case OpCode.Ldarga:
case OpCode.Starg:
case OpCode.Ldloc:
case OpCode.Ldloca:
case OpCode.Stloc:
case OpCode.Jmp:
case OpCode.Call:
case OpCode.Callvirt:
case OpCode.Newobj:
case OpCode.Ldftn:
case OpCode.Ldvirtftn:
reader.ReadUInt32();
break;
case OpCode.Ldc_i8:
reader.ReadInt64();
break;
case OpCode.Ldc_r4:
reader.ReadSingle();
break;
case OpCode.Ldc_r8:
reader.ReadDouble();
break;
case OpCode.Switch:
{
var numTargets = (int)reader.ReadUInt32();
for (var i = 0; i < numTargets; i++)
reader.ReadInt32();
break;
}
default:
throw new PEException("unrecognised opcode");
}
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var name = reader.ReadAsciiZeroPaddedString(8);
if (string.IsNullOrEmpty(name))
throw new PEException("invalid SectionHeader.Name");
if (name.Equals(".text", StringComparison.Ordinal))
Section = Section.Text;
else if (name.Equals(".rsrc", StringComparison.Ordinal))
Section = Section.Rsrc;
else if (name.Equals(".reloc", StringComparison.Ordinal))
Section = Section.Reloc;
else
throw new PEException("invalid SectionHeader.Name");
VirtualSize = reader.ReadUInt32();
VirtualAddress = reader.ReadUInt32();
SizeOfRawData = reader.ReadUInt32();
// NOTE: Virtual size may be less than raw data size
if (VirtualSize > SizeOfRawData)
// Need to support readers with implicit zero padding at end
throw new NotImplementedException();
PointerToRawData.Read(reader);
PointerToRelocations = reader.ReadUInt32();
var actualPointerToLinenumbers = reader.ReadUInt32();
if (actualPointerToLinenumbers != pointerToLinenumbers)
throw new PEException("invalid SectionHeader.PointerToLinenumbers");
NumberOfRelocations = reader.ReadUInt16();
var actualNumberOfLinenumbers = reader.ReadUInt16();
if (actualNumberOfLinenumbers != numberOfLinenumbers)
throw new PEException("invalid SectionHeader.NumberOfLinenumbers");
Characteristics = (ImageSectionCharacteristics)reader.ReadUInt32();
if (ctxt.Tracer != null)
{
ctxt.Tracer.AppendLine("SectionHeader {");
ctxt.Tracer.Indent();
ctxt.Tracer.AppendLine(String.Format("Name: {0}", Section.ToString()));
ctxt.Tracer.AppendLine(String.Format("VirtualSize: {0:x8}", VirtualSize));
ctxt.Tracer.AppendLine(String.Format("VirtualAddress: {0:x8}", VirtualAddress));
ctxt.Tracer.AppendLine(String.Format("SizeOfRawData: {0:x8}", SizeOfRawData));
PointerToRawData.Append(ctxt, "PointerToRawData");
ctxt.Tracer.Outdent();
ctxt.Tracer.AppendLine("}");
}
}
public BlobReader(BlobReader outer, uint offset, uint dataLimit, uint readLimit)
: this(outer.data, outer.baseOffset + offset, outer.baseOffset + dataLimit, outer.baseOffset + readLimit)
{
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
HintNameTable.Read(reader);
if (HintNameTable.Address >> 31 != 0)
throw new PEException("invalid ImportLookupTable/ImportAddressTable.HintNameTable");
var actualPadding = reader.ReadUInt32();
if (actualPadding != padding)
throw new PEException("invalid ImportLookupTable/ImportAddressTable.Padding");
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
Offset.Read(reader);
Size = reader.ReadUInt32();
Name = reader.ReadAsciiZeroTerminatedString(4);
if (string.IsNullOrEmpty(Name))
throw new PEException("invalid StreamHeader.Name");
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var word = reader.ReadUInt16();
Type = (ImageRelocation)(word >> 12);
Offset = (ushort)(word & 0xFFF);
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var actualSignature = reader.ReadUInt32();
if (actualSignature != signature)
throw new PEException("invalid MetadataHeader.Signature");
MajorVersion = reader.ReadUInt16();
MinorVersion = reader.ReadUInt16();
var actualReserved = reader.ReadUInt32();
if (actualReserved != reserved)
throw new PEException("invalid MetadataHeader.Reserved");
Version = reader.ReadUTF8SizedZeroPaddedString(4);
var actualFlags = reader.ReadUInt16();
if (actualFlags != flags)
throw new PEException("invalid MetadataHeader.Flags");
var numStreams = reader.ReadUInt16();
StreamHeaders = new StreamHeader[numStreams];
for (var i = 0; i < numStreams; i++)
StreamHeaders[i].Read(ctxt, reader);
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
Page = reader.ReadUInt32();
if ((Page & 0xfff) != 0)
throw new PEException("invalid FixupBlock.Page");
var blockSize = reader.ReadUInt32();
var numFixupEntries = (blockSize - 8)/ FixupEntry.Size;
Entries = new FixupEntry[(int)numFixupEntries];
for (var i = 0; i < numFixupEntries; i++)
Entries[i].Read(ctxt, reader);
reader.Align(4);
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
if (reader.RemainingBytes < Size)
throw new PEException("missing PEFileHeader");
var actualPrefix = reader.ReadUInt32();
if (actualPrefix != prefix)
throw new PEException("invalid PEFileHeader.Prefix");
var actualMachine = reader.ReadUInt16();
if (actualMachine != machine)
throw new PEException("invalid PEFileHeader.Machine");
var actualNumberOfSections = reader.ReadUInt16();
if (actualNumberOfSections != NumberOfSections)
throw new PEException("invalid PEFileHeader.NumberOfSections");
var seconds = reader.ReadUInt32();
DateTimeStamp = nineteenSeventy.AddSeconds((double)seconds);
var actualPointerToSymbolTable = reader.ReadUInt32();
if (actualPointerToSymbolTable != pointerToSymbolTable)
throw new PEException("invalid PEFileHeader.PointerToSymbolTable");
var actualNumberOfSymbols = reader.ReadUInt32();
if (actualNumberOfSymbols != numberOfSymbols)
throw new PEException("invalid PEFileHeader.NumberOfSymbols");
var actualOptionalHeaderSize = reader.ReadUInt16();
if (actualOptionalHeaderSize != PEOptionalHeader.Size)
throw new PEException("invalid PEFileHeader.OptionalHeaderSize");
Flags = (ImageFileFlags)reader.ReadUInt16();
var check = Flags & ~ImageFileFlags.DLL;
if ((check & setFlags) != setFlags)
throw new PEException("invalid PEFileHeader.Flags");
if ((check & clearFlags) != 0)
throw new PEException("invalid PEFileHeader.Flags");
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var actualCb = reader.ReadUInt32();
if (actualCb != cb)
throw new PEException("invalid CLIHeader.ActualCb");
MajorRuntimeVersion = reader.ReadUInt16();
MinorRuntimeVersion = reader.ReadUInt16();
MetaData.Read(reader);
Flags = (RuntimeFlags)reader.ReadUInt32();
EntryPointToken = reader.ReadUInt32();
Resources.Read(reader);
StrongNameSignature.Read(reader);
var actualCodeManagerTable = reader.ReadUInt64();
if (actualCodeManagerTable != codeManagerTable)
throw new PEException("invalid CLIHeader.CodeManagerTable");
VtableFixups.Read(reader);
var actualExportAddressTableJumps = reader.ReadUInt64();
if (actualExportAddressTableJumps != exportAddressTableJumps)
throw new PEException("invalid CLIHeader.ExportAddressTableJumps");
var actualManagedNativeHeader = reader.ReadUInt64();
if (actualManagedNativeHeader != managedNativeHeader)
throw new PEException("invalid CLIHeader.ManagedNativeHeader");
}
public RVA BaseOfData; // == start of .reloc or .rsrc section, whichever is lower
public void Read(ReaderContext ctxt, BlobReader reader)
{
var actualMagic = reader.ReadUInt16();
if (actualMagic != magic)
throw new PEException("invalid PEHeaderStandardFields.Magic");
LMajor = reader.ReadByte();
if (LMajor < lMajorLow || LMajor > lMajorHigh)
throw new PEException("invalid PEHeaderStandardFields.LMajor");
var actualLMinor = reader.ReadByte();
if (actualLMinor != lMinor)
throw new PEException("invalid PEHeaderStandardFields.LMinor");
CodeSize = reader.ReadUInt32();
InitializedDataSize = reader.ReadUInt32();
var actualUninitializedDataSize = reader.ReadUInt32();
if (actualUninitializedDataSize != uninitializedDataSize)
throw new PEException("invalid PEHeaderStandardFields.UninitializedDataSize");
EntryPoint.Read(reader);
BaseOfCode.Read(reader);
BaseOfData.Read(reader);
if (ctxt.Tracer != null)
{
ctxt.Tracer.AppendLine(String.Format("PEHeaderStandardFields.CodeSize: {0:x8}", CodeSize));
ctxt.Tracer.AppendLine
(String.Format("PEHeaderStandardFields.InitializedDataSize: {0:x8}", InitializedDataSize));
}
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
VirtualAddress = reader.ReadUInt32();
Size = reader.ReadUInt16();
Type = (CorVtable)reader.ReadUInt16();
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
ImageBase = reader.ReadUInt32();
var actualSectionAlignment = reader.ReadUInt32();
if (actualSectionAlignment != sectionAlignment)
throw new PEException("invalid PEHeaderNTSpecificFields.SectionAlignment");
FileAlignment = reader.ReadUInt32();
if (FileAlignment != fileAlignment1 && FileAlignment != fileAlignment2)
throw new PEException("invalid PEHeaderNTSpecificFields.FileAlignment");
var actualOSMajor = reader.ReadUInt16();
if (actualOSMajor != osMajor)
throw new PEException("invalid PEHeaderNTSpecificFields.OSMajor");
var actualOSMinor = reader.ReadUInt16();
if (actualOSMinor != osMinor)
throw new PEException("invalid PEHeaderNTSpecificFields.OSMinor");
var actualUserMajor = reader.ReadUInt16();
if (actualUserMajor != userMajor)
throw new PEException("invalid PEHeaderNTSpecificFields.UserMajor");
var actualUserMinor = reader.ReadUInt16();
if (actualUserMinor != userMinor)
throw new PEException("invalid PEHeaderNTSpecificFields.UserMinor");
var actualSubSysMajor = reader.ReadUInt16();
if (actualSubSysMajor != subSysMajor)
throw new PEException("invalid PEHeaderNTSpecificFields.SubSysMajor");
var actualSubSysMinor = reader.ReadUInt16();
if (actualSubSysMinor != subSysMinor)
throw new PEException("invalid PEHeaderNTSpecificFields.SubSysMinor");
var actualReserved = reader.ReadUInt32();
if (actualReserved != reserved)
throw new PEException("invalid PEHeaderNTSpecificFields.Reserved");
ImageSize = reader.ReadUInt32();
if (ImageSize % sectionAlignment != 0)
throw new PEException("invalid PEHeaderNTSpecificFields.ImageSize");
HeaderSize = reader.ReadUInt32();
if (HeaderSize % FileAlignment != 0)
throw new PEException("invalid PEHeaderNTSpecificFields.HeaderSize");
FileChecksum = reader.ReadUInt32();
SubSystem = (SubSystem)reader.ReadUInt16();
if (SubSystem != SubSystem.WINDOWS_CUI && SubSystem != SubSystem.WINDOWS_GUI)
throw new PEException("invalid PEHeaderNTSpecificFields.SubSystem");
DllFlags = reader.ReadUInt16();
var actualStackReserveSize = reader.ReadUInt32();
if (actualStackReserveSize != stackReserveSize)
throw new PEException("invalid PEHeaderNTSpecificFields.StackReserveSize");
StackCommitSize = reader.ReadUInt32();
HeapReserveSize = reader.ReadUInt32();
HeapCommitSize = reader.ReadUInt32();
var actualLoaderFlags = reader.ReadUInt32();
if (actualLoaderFlags != loaderFlags)
throw new PEException("invalid PEHeaderNTSpecificFields.LoaderFlags");
var actualNumberOfDataDirectories = reader.ReadUInt32();
if (actualNumberOfDataDirectories != numberOfDataDirectories)
throw new PEException("invalid PEHeaderNTSpecificFields.NumberOfDataDirectories");
if (ctxt.Tracer != null)
{
ctxt.Tracer.AppendLine(String.Format("PEHeaderNTSpecificFields.ImageBase: {0:x8}", ImageBase));
ctxt.Tracer.AppendLine(String.Format("PEHeaderNTSpecificFields.ImageSize: {0:x8}", ImageSize));
ctxt.Tracer.AppendLine(String.Format("PEHeaderNTSpecificFields.HeaderSize: {0:x8}", HeaderSize));
ctxt.Tracer.AppendLine(String.Format("PEHeaderNTSpecificFields.FileChecksum: {0:x8}", FileChecksum));
}
}
public void Read(ReaderContext ctxt, BlobReader reader)
{
var actualExportTable = reader.ReadUInt64();
if (actualExportTable != exportTable)
throw new PEException("invalid PEHeaderDataDirecties.ExportTable");
ImportTable.Read(reader);
ResourceTable.Read(reader);
var actualExceptionTable = reader.ReadUInt64();
if (actualExceptionTable != exceptionTable)
throw new PEException("invalid PEHeaderDataDirecties.ExceptionTable");
CertificateTable.Read(reader);
BaseRelocationTable.Read(reader);
Debug.Read(reader);
var actualCopyright = reader.ReadUInt64();
if (actualCopyright != copyright)
throw new PEException("invalid PEHeaderDataDirecties.Copyright");
var actualGlobalPtr = reader.ReadUInt64();
if (actualGlobalPtr != globalPtr)
throw new PEException("invalid PEHeaderDataDirecties.GlobalPtr");
var actualTLSTable = reader.ReadUInt64();
if (actualTLSTable != tlsTable)
throw new PEException("invalid PEHeaderDataDirecties.TlsTable");
var actualLoadConfigTable = reader.ReadUInt64();
if (actualLoadConfigTable != loadConfigTable)
throw new PEException("invalid PEHeaderDataDirecties.LoadConfigTable");
var actualBoundImport = reader.ReadUInt64();
if (actualBoundImport != boundImport)
throw new PEException("invalid PEHeaderDataDirecties.BoundImport");
IAT.Read(reader);
var actualDelayImportDescriptor = reader.ReadUInt64();
if (actualDelayImportDescriptor != delayImportDescriptor)
throw new PEException("invalid PEHeaderDataDirecties.DelayImportDescriptor");
CLIHeader.Read(reader);
var actualReserved = reader.ReadUInt64();
if (actualReserved != reserved)
throw new PEException("invalid PEHeaderDataDirecties.Reserved");
}
public override void ReadRest(ReaderContext ctxt, BlobReader reader)
{
if (TypeArity > 0)
TypeArity = (int)reader.ReadCompressedUInt32();
var paramCount = (int)reader.ReadCompressedUInt32();
ReturnType = new TypeWithCustomMods();
ReturnType.Read(ctxt, reader);
var sentinelIndex = -1;
if (paramCount > 0)
{
var parameters = new Seq<TypeWithCustomMods>(paramCount);
for (var i = 0; i < paramCount; i++)
{
var param = new TypeWithCustomMods();
param.Read(ctxt, reader);
if (param.Type.IsSentinel)
{
if (CallingConvention == CallingConvention.ManagedVarArg ||
CallingConvention == CallingConvention.NativeC)
{
if (sentinelIndex > 0)
throw new PEException("multiple sentinels in VARARG/C signature");
sentinelIndex = i;
i--;
}
else
throw new PEException("unexpected sentinel in non-VARARG/C signature");
}
else
parameters.Add(param);
}
Parameters = parameters;
}
else
Parameters = Constants.EmptyTypeWithCustomMods;
VarArgs = sentinelIndex < 0 ? 0 : paramCount - sentinelIndex;
}
