static Instruction create(OpCode opcode, object operand)
{
return(new Instruction {
OpCode = opcode,
Operand = operand,
});
}
public static ROpCode ConvertOpCode(OpCode opcode)
{
if (dnlibToReflection.TryGetValue(opcode, out ropcode))
{
return(ropcode);
}
return(ROpCodes.Nop);
}
ROpCode convertOpCode(OpCode opcode)
{
ROpCode ropcode;
if (dnlibToReflection.TryGetValue(opcode, out ropcode))
{
return(ropcode);
}
return(ROpCodes.Nop);
}
static public bool IsFallThrough(OpCode opCode) {
switch (opCode.FlowControl) {
case FlowControl.Call:
return opCode != OpCodes.Jmp;
case FlowControl.Cond_Branch:
case FlowControl.Next:
return true;
default:
return false;
}
}
private OpCode ReverseOperation(OpCode operation)
{
switch (operation.Code)
{
case Code.Add: return(OpCodes.Sub);
case Code.Sub: return(OpCodes.Add);
case Code.Xor: return(OpCodes.Xor);
default: throw new NotImplementedException();
}
}
public static bool IsUnconditionalBranch(OpCode opcode)
{
if (opcode.OpCodeType == OpCodeType.Prefix)
return false;
switch (opcode.FlowControl) {
case FlowControl.Branch:
case FlowControl.Throw:
case FlowControl.Return:
return true;
default:
return false;
}
}
private static OpCode GetRandomOperator()
{
OpCode operation = null;
switch (random.Next(0, 2))
{
case 0: operation = OpCodes.Add; break;
case 1: operation = OpCodes.Sub; break;
case 2: operation = OpCodes.Xor; break;
}
return(operation);
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
var name = field.Name.String;
callOpcode = OpCodes.Call;
if (name.EndsWith("%", StringComparison.Ordinal)) {
callOpcode = OpCodes.Callvirt;
name = name.TrimEnd(new char[] { '%' });
}
byte[] value = Convert.FromBase64String(name);
int methodIndex = BitConverter.ToInt32(value, 0); // 0-based memberRef index
var mr = module.ResolveMemberRef((uint)methodIndex + 1);
if (mr == null || !mr.IsMethodRef)
throw new ApplicationException(string.Format("Invalid MemberRef index: {0}", methodIndex));
calledMethod = mr;
}
private OpCode getRandomOperation()
{
OpCode operation = null;
switch (r.Next(0, 3))
{
case 0: operation = OpCodes.Add; break;
case 1: operation = OpCodes.Sub; break;
case 2: operation = OpCodes.Xor; break;
}
return(operation);
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
var ctx = (Context)context;
switch (ctx.proxyCreatorType) {
case ProxyCreatorType.CallOrCallvirt:
callOpcode = field.IsFamilyOrAssembly ? OpCodes.Callvirt : OpCodes.Call;
break;
case ProxyCreatorType.CallCtor:
callOpcode = OpCodes.Call;
break;
case ProxyCreatorType.Newobj:
callOpcode = OpCodes.Newobj;
break;
default:
throw new ApplicationException(string.Format("Invalid proxy creator type: {0}", ctx.proxyCreatorType));
}
calledMethod = module.ResolveToken(ctx.methodToken) as IMethod;
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
callOpcode = OpCodes.Call;
string name = field.Name.String;
uint memberRefRid = 0;
for (int i = name.Length - 1; i >= 0; i--) {
char c = name[i];
if (c == '~') {
callOpcode = OpCodes.Callvirt;
break;
}
int val;
if (specialCharsDict.TryGetValue(c, out val))
memberRefRid = memberRefRid * (uint)specialChars.Length + (uint)val;
}
memberRefRid++;
calledMethod = module.ResolveMemberRef(memberRefRid);
if (calledMethod == null)
Logger.w("Ignoring invalid method RID: {0:X8}, field: {1:X8}", memberRefRid, field.MDToken.ToInt32());
}
public static string GetOpCodeDocumentation(OpCode code) {
int index = (int)code.Code;
int hi = index >> 8;
if (hi == 0xFE)
index -= 0xFD00;
else if (hi != 0)
return null;
var s = cachedOpCodeDocs[index];
if (s != null)
return s;
var docProvider = XmlDocLoader.MscorlibDocumentation;
if (docProvider != null) {
string docXml = docProvider.GetDocumentation("F:System.Reflection.Emit.OpCodes." + code.Code.ToString());
if (docXml != null) {
XmlDocRenderer renderer = new XmlDocRenderer();
renderer.AddXmlDocumentation(docXml);
return cachedOpCodeDocs[index] = renderer.ToString();
}
}
return null;
}
static int FindInstruction(IList<Instruction> instrs, int index, OpCode opcode) {
if (index < 0)
return -1;
for (int i = index; i < instrs.Count; i++) {
if (instrs[i].OpCode == opcode)
return i;
}
return -1;
}
protected void Add(MethodDef oldMethod, IMethod newMethod, OpCode opCode) {
if (oldMethod == null)
return;
oldToNewMethod.Add(oldMethod, new NewMethodInfo(opCode, newMethod));
}
void GetCallInfo_v18_r75367(DelegateInitInfo info, ProxyCreatorInfo creatorInfo, out IMethod calledMethod, out OpCode callOpcode, Func<ProxyCreatorInfo, uint, uint> getRid) {
var sig = module.ReadBlob(info.field.MDToken.Raw);
int len = sig.Length;
uint magic = (uint)((sig[len - 2] << 24) | (sig[len - 3] << 16) | (sig[len - 5] << 8) | sig[len - 6]);
uint rid = getRid(creatorInfo, magic);
int token = (sig[len - 7] << 24) | (int)rid;
uint table = (uint)token >> 24;
if (table != 6 && table != 0x0A && table != 0x2B)
throw new ApplicationException("Invalid method token");
calledMethod = module.ResolveToken(token) as IMethod;
callOpcode = GetCallOpCode(creatorInfo, info.field);
}
object CreateDNLibOperand(OpCode opcode, Value op) {
if (op is Int32Value)
return ((Int32Value)op).Value;
if (op is StringValue)
return ((StringValue)op).value;
return null;
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
throw new System.NotImplementedException();
}
ROpCode ConvertOpCode(OpCode opcode)
{
ROpCode ropcode;
if (dnlibToReflection.TryGetValue(opcode, out ropcode))
return ropcode;
return ROpCodes.Nop;
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
calledMethod = module.ResolveToken(0x06000000 + field.MDToken.ToInt32()) as IMethod;
callOpcode = OpCodes.Call;
}
IField FixLoadStoreFieldInstruction(Instruction instr, IField fieldRef, OpCode staticInstr, OpCode instanceInstr)
{
var field = deobfuscatorContext.ResolveField(fieldRef);
bool isStatic;
if (field == null) {
Logger.w("Could not resolve field {0:X8}. Assuming it's not static.", fieldRef == null ? 0 : fieldRef.MDToken.Raw);
isStatic = false;
}
else
isStatic = field.IsStatic;
instr.OpCode = isStatic ? staticInstr : instanceInstr;
return fieldRef;
}
public bool GetFlippedBranchOpCode(out OpCode opcode) {
switch (OpCode.Code) {
case Code.Bge: opcode = OpCodes.Blt; return true;
case Code.Bge_S: opcode = OpCodes.Blt_S; return true;
case Code.Bge_Un: opcode = OpCodes.Blt_Un; return true;
case Code.Bge_Un_S: opcode = OpCodes.Blt_Un_S; return true;
case Code.Blt: opcode = OpCodes.Bge; return true;
case Code.Blt_S: opcode = OpCodes.Bge_S; return true;
case Code.Blt_Un: opcode = OpCodes.Bge_Un; return true;
case Code.Blt_Un_S: opcode = OpCodes.Bge_Un_S; return true;
case Code.Bgt: opcode = OpCodes.Ble; return true;
case Code.Bgt_S: opcode = OpCodes.Ble_S; return true;
case Code.Bgt_Un: opcode = OpCodes.Ble_Un; return true;
case Code.Bgt_Un_S: opcode = OpCodes.Ble_Un_S; return true;
case Code.Ble: opcode = OpCodes.Bgt; return true;
case Code.Ble_S: opcode = OpCodes.Bgt_S; return true;
case Code.Ble_Un: opcode = OpCodes.Bgt_Un; return true;
case Code.Ble_Un_S: opcode = OpCodes.Bgt_Un_S; return true;
case Code.Brfalse: opcode = OpCodes.Brtrue; return true;
case Code.Brfalse_S:opcode = OpCodes.Brtrue_S; return true;
case Code.Brtrue: opcode = OpCodes.Brfalse; return true;
case Code.Brtrue_S: opcode = OpCodes.Brfalse_S; return true;
// Can't flip beq and bne.un since it's object vs uint/float
case Code.Beq:
case Code.Beq_S:
case Code.Bne_Un:
case Code.Bne_Un_S:
default:
opcode = OpCodes.Nop; // Whatever...
return false;
}
}
public static OpCodeInfo Get(OpCode opCode)
{
return Get(opCode.Code);
}
public ConvInfo(byte type, bool second, bool third, OpCode opCode) {
this.Type = type;
this.Second = second;
this.Third = third;
this.OpCode = opCode;
}
private OpCode ReverseOperator(OpCode operation)
{
switch (operation.Code)
{
case Code.Add: return OpCodes.Sub;
case Code.Sub: return OpCodes.Add;
case Code.Xor: return OpCodes.Xor;
default: throw new NotImplementedException();
}
}
protected override void getCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode)
{
uint rid = 0;
foreach (var c in field.Name.String)
rid = (rid << 4) + (uint)hexToInt((char)((byte)c + 0x2F));
rid &= 0x00FFFFFF;
calledMethod = module.ResolveMemberRef(rid);
var calledMethodDef = DotNetUtils.getMethod2(module, calledMethod);
if (calledMethodDef != null) {
proxyMethodsType = calledMethodDef.DeclaringType;
proxyTargetMethods.add(calledMethodDef, true);
calledMethod = calledMethodDef;
}
callOpcode = OpCodes.Call;
}
static bool CanThrowException(OpCode opcode)
{
if (opcode.OpCodeType == OpCodeType.Prefix)
return false;
return OpCodeInfo.Get(opcode).CanThrow;
}
static bool IsBranch(OpCode opcode)
{
if (opcode.OpCodeType == OpCodeType.Prefix)
return false;
switch (opcode.FlowControl) {
case FlowControl.Cond_Branch:
case FlowControl.Branch:
case FlowControl.Throw:
case FlowControl.Return:
return true;
case FlowControl.Next:
case FlowControl.Call:
return false;
default:
throw new NotSupportedException(opcode.FlowControl.ToString());
}
}
static Instruction create(OpCode opcode, object operand)
{
return new Instruction {
OpCode = opcode,
Operand = operand,
};
}
private OpCodeInfo(OpCode opcode)
{
this.opcode = opcode;
this.CanThrow = true;
}
protected override void GetCallInfo(object context, FieldDef field, out IMethod calledMethod, out OpCode callOpcode) {
byte flags = reader.ReadByte();
int methodToken = 0x06000000 + ((flags & 0x3F) << 24) + (int)reader.ReadCompressedUInt32();
int genericTypeToken = (flags & 0x40) == 0 ? -1 : 0x1B000000 + (int)reader.ReadCompressedUInt32();
callOpcode = (flags & 0x80) != 0 ? OpCodes.Callvirt : OpCodes.Call;
calledMethod = module.ResolveToken(methodToken) as IMethod;
if (calledMethod == null)
throw new ApplicationException("Could not find method");
if (genericTypeToken != -1 && calledMethod.DeclaringType.MDToken.ToInt32() != genericTypeToken)
throw new ApplicationException("Invalid declaring type token");
}
IField fixLoadStoreFieldInstruction(Instruction instr, int token, OpCode staticInstr, OpCode instanceInstr)
{
var fieldRef = module.ResolveToken(token) as IField;
var field = deobfuscatorContext.resolveField(fieldRef);
bool isStatic;
if (field == null) {
Logger.w("Could not resolve field {0:X8}. Assuming it's not static.", token);
isStatic = false;
}
else
isStatic = field.IsStatic;
instr.OpCode = isStatic ? staticInstr : instanceInstr;
return fieldRef;
}
static OpCode InverseBranch(OpCode opCode)
{
switch (opCode.Code) {
case Code.Bge:
return OpCodes.Blt;
case Code.Bge_Un:
return OpCodes.Blt_Un;
case Code.Blt:
return OpCodes.Bge;
case Code.Blt_Un:
return OpCodes.Bge_Un;
case Code.Bgt:
return OpCodes.Ble;
case Code.Bgt_Un:
return OpCodes.Ble_Un;
case Code.Ble:
return OpCodes.Bgt;
case Code.Ble_Un:
return OpCodes.Bgt_Un;
case Code.Brfalse:
return OpCodes.Brtrue;
case Code.Brtrue:
return OpCodes.Brfalse;
case Code.Beq:
return OpCodes.Bne_Un;
case Code.Bne_Un:
return OpCodes.Beq;
}
throw new NotSupportedException();
}
public static void AddOperand(IList<short> instrs, ModuleDefMD module, uint offset, OpCode opCode, object operand)
{
Instruction target;
IVariable variable;
switch (opCode.OperandType) {
case OperandType.InlineBrTarget:
target = operand as Instruction;
if (target == null)
instrs.AddUnknownInt32();
else
instrs.AddInt32(unchecked((int)target.Offset - (int)(offset + 4)));
break;
case OperandType.InlineField:
case OperandType.InlineMethod:
case OperandType.InlineTok:
case OperandType.InlineType:
var tok = operand as ITokenOperand;
instrs.AddToken(module, tok == null ? 0 : tok.MDToken.Raw);
break;
case OperandType.InlineSig:
var msig = operand as MethodSig;
instrs.AddToken(module, msig == null ? 0 : msig.OriginalToken);
break;
case OperandType.InlineString:
instrs.AddUnknownInt32();
break;
case OperandType.InlineI:
if (operand is int)
instrs.AddInt32((int)operand);
else
instrs.AddUnknownInt32();
break;
case OperandType.InlineI8:
if (operand is long)
instrs.AddInt64((long)operand);
else
instrs.AddUnknownInt64();
break;
case OperandType.InlineR:
if (operand is double)
instrs.AddDouble((double)operand);
else
instrs.AddUnknownInt64();
break;
case OperandType.ShortInlineR:
if (operand is float)
instrs.AddSingle((float)operand);
else
instrs.AddUnknownInt32();
break;
case OperandType.InlineSwitch:
var targets = operand as IList<Instruction>;
if (targets == null)
instrs.AddUnknownInt32();
else {
uint offsetAfter = offset + 4 + (uint)targets.Count * 4;
instrs.AddInt32(targets.Count);
foreach (var instr in targets) {
if (instr == null)
instrs.AddUnknownInt32();
else
instrs.AddInt32(unchecked((int)instr.Offset - (int)offsetAfter));
}
}
break;
case OperandType.InlineVar:
variable = operand as IVariable;
if (variable == null)
instrs.AddUnknownInt16();
else if (ushort.MinValue <= variable.Index && variable.Index <= ushort.MaxValue)
instrs.AddInt16(unchecked((short)variable.Index));
else
instrs.AddUnknownInt16();
break;
case OperandType.ShortInlineVar:
variable = operand as IVariable;
if (variable == null)
instrs.AddUnknownByte();
else if (byte.MinValue <= variable.Index && variable.Index <= byte.MaxValue)
instrs.Add((byte)variable.Index);
else
instrs.AddUnknownByte();
break;
case OperandType.ShortInlineBrTarget:
target = operand as Instruction;
if (target == null)
instrs.AddUnknownByte();
else {
int displ = unchecked((int)target.Offset - (int)(offset + 1));
if (sbyte.MinValue <= displ && displ <= sbyte.MaxValue)
instrs.Add((short)(displ & 0xFF));
else
instrs.AddUnknownByte();
}
break;
case OperandType.ShortInlineI:
if (operand is sbyte)
instrs.Add((short)((sbyte)operand & 0xFF));
else if (operand is byte)
instrs.Add((short)((byte)operand & 0xFF));
else
instrs.AddUnknownByte();
break;
case OperandType.InlineNone:
case OperandType.InlinePhi:
break;
default: throw new InvalidOperationException();
}
}
object Create(IToolTipContentCreatorContext context, OpCode opCode)
{
var creator = context.Create();
var s = ILLanguageHelper.GetOpCodeDocumentation(opCode);
string opCodeHex = opCode.Size > 1 ? string.Format("0x{0:X4}", opCode.Value) : string.Format("0x{0:X2}", opCode.Value);
creator.Output.Write(opCode.Name, TextTokenKind.OpCode);
creator.Output.WriteSpace();
creator.Output.Write("(", TextTokenKind.Operator);
creator.Output.Write(opCodeHex, TextTokenKind.Number);
creator.Output.Write(")", TextTokenKind.Operator);
if (s != null) {
creator.Output.Write(" - ", TextTokenKind.Text);
creator.Output.Write(s, TextTokenKind.Text);
}
return creator.Create();
}
public FieldInstructionOperand(OpCode staticOpCode, OpCode instanceOpCode, IField field) {
this.StaticOpCode = staticOpCode;
this.InstanceOpCode = instanceOpCode;
this.Field = field;
}
public NewMethodInfo(OpCode opCode, IMethod method) {
this.opCode = opCode;
this.method = method;
}
static Instruction Create(OpCode opcode, object operand) =>
new Instruction
{
OpCode = opcode,
Operand = operand,
};