unsafe void IProgressTask.Execute(IProgress progress)
{
this.progress = progress;
if (infos.Length == 0)
{
return;
}
uint maxSize = infos.Max(a => a.Size);
var buf = new byte[maxSize];
byte[] buf2 = null;
foreach (var info in infos)
{
progress.ThrowIfCancellationRequested();
progress.SetDescription(Path.GetFileName(info.Filename));
simpleProcessReader.Read(info.ProcessHandle, info.Address, buf, 0, info.Size);
progress.ThrowIfCancellationRequested();
currentProgress++;
progress.SetTotalProgress(currentProgress);
byte[] data = buf;
int dataSize = (int)info.Size;
if (info.MemoryLayout)
{
if (buf2 == null)
{
buf2 = new byte[buf.Length];
}
data = buf2;
progress.ThrowIfCancellationRequested();
Array.Clear(buf2, 0, dataSize);
WritePEFile(buf, buf2, dataSize, out dataSize);
}
var file = File.Create(info.Filename);
try {
file.Write(data, 0, dataSize);
currentProgress++;
progress.SetTotalProgress(currentProgress);
}
catch {
file.Dispose();
try { File.Delete(info.Filename); }
catch { }
throw;
}
finally {
file.Dispose();
}
}
}
public bool UpdateMemory()
{
if (Process.HasExited)
{
return(false);
}
//TODO: Only compare the smallest possible region, eg. all MD and IL bodies. Don't include writable sects.
var newData = new byte[data.Length];
simpleProcessReader.Read(Process.CorProcess.Handle, Address, newData, 0, data.Length);
if (Equals(data, newData))
{
return(false);
}
Array.Copy(newData, data, data.Length);
return(true);
}
public static MemoryModuleDefFile Create(SimpleProcessReader simpleProcessReader, DnModule dnModule, bool loadSyms)
{
Debug.Assert(!dnModule.IsDynamic);
Debug.Assert(dnModule.Address != 0);
ulong address = dnModule.Address;
var process = dnModule.Process;
var data = new byte[dnModule.Size];
string location = dnModule.IsInMemory ? string.Empty : dnModule.Name;
simpleProcessReader.Read(process.CorProcess.Handle, address, data, 0, data.Length);
var peImage = new PEImage(data, GetImageLayout(dnModule), true);
var module = ModuleDefMD.Load(peImage);
module.Location = location;
bool autoUpdateMemory = false; //TODO: Init to default value
if (GacInfo.IsGacPath(dnModule.Name))
{
autoUpdateMemory = false; // GAC files are not likely to decrypt methods in memory
}
return(new MemoryModuleDefFile(simpleProcessReader, process, address, data, dnModule.IsInMemory, module, loadSyms, autoUpdateMemory));
}
public static MemoryModuleDefFile Create(SimpleProcessReader simpleProcessReader, DnModule dnModule, bool loadSyms) {
Debug.Assert(!dnModule.IsDynamic);
Debug.Assert(dnModule.Address != 0);
ulong address = dnModule.Address;
var process = dnModule.Process;
var data = new byte[dnModule.Size];
string location = dnModule.IsInMemory ? string.Empty : dnModule.Name;
simpleProcessReader.Read(process.CorProcess.Handle, address, data, 0, data.Length);
var peImage = new PEImage(data, GetImageLayout(dnModule), true);
var module = ModuleDefMD.Load(peImage);
module.Location = location;
bool autoUpdateMemory = false;//TODO: Init to default value
if (GacInfo.IsGacPath(dnModule.Name))
autoUpdateMemory = false; // GAC files are not likely to decrypt methods in memory
return new MemoryModuleDefFile(simpleProcessReader, process, address, data, dnModule.IsInMemory, module, loadSyms, autoUpdateMemory);
}