internal TypeSystem(NETHeader netheader) { this._managedHeader = netheader; if (netheader.ParentAssembly._path.StartsWith(@"C:\Windows\Microsoft.NET\Framework") && netheader.ParentAssembly._path.EndsWith("\\mscorlib.dll")) _iscorlib = true; else { _mscorlibRef = new AssemblyReference("mscorlib", AssemblyAttributes.None, new Version(), AssemblyHashAlgorithm.None, 0 , null) {_netheader = netheader }; } Void = CreateCorLibTypeRef("System", "Void", ElementType.Void); IntPtr = CreateCorLibTypeRef("System", "IntPtr", ElementType.I); Int8 = CreateCorLibTypeRef("System", "SByte", ElementType.I1); Int16 = CreateCorLibTypeRef("System", "Int16", ElementType.I2); Int32 = CreateCorLibTypeRef("System", "Int32", ElementType.I4); Int64 = CreateCorLibTypeRef("System", "Int64", ElementType.I8); UIntPtr = CreateCorLibTypeRef("System", "UIntPtr", ElementType.U); UInt8 = CreateCorLibTypeRef("System", "Byte", ElementType.U1); UInt16 = CreateCorLibTypeRef("System", "UInt16", ElementType.U2); UInt32 = CreateCorLibTypeRef("System", "UInt32", ElementType.U4); UInt64 = CreateCorLibTypeRef("System", "UInt64", ElementType.U8); Object = CreateCorLibTypeRef("System", "Object", ElementType.Object); Single = CreateCorLibTypeRef("System", "Single", ElementType.R4); Double = CreateCorLibTypeRef("System", "Double", ElementType.R8); Char = CreateCorLibTypeRef("System", "Char", ElementType.Char); String = CreateCorLibTypeRef("System", "String", ElementType.String); Type = CreateCorLibTypeRef("System", "Type", ElementType.Type); Boolean = CreateCorLibTypeRef("System", "Boolean", ElementType.Boolean); }
internal TypeSystem(NETHeader netheader) { this.managedHeader = netheader; if (netheader.ParentAssembly.path.StartsWith(@"C:\Windows\Microsoft.NET\Framework") && netheader.ParentAssembly.path.EndsWith("\\mscorlib.dll")) iscorlib = true; else { mscorlibref = new AssemblyReference() { name = "mscorlib", netheader = netheader }; //mscorlibref = netheader.TablesHeap.GetTable( MetaDataTableType.AssemblyRef).Members.First(m => (m as AssemblyReference).Name == "mscorlib") as AssemblyReference; } Void = CreateCorLibTypeRef("System", "Void", ElementType.Void); IntPtr = CreateCorLibTypeRef("System", "IntPtr", ElementType.I); Int8 = CreateCorLibTypeRef("System", "SByte", ElementType.I1); Int16 = CreateCorLibTypeRef("System", "Int16", ElementType.I2); Int32 = CreateCorLibTypeRef("System", "Int32", ElementType.I4); Int64 = CreateCorLibTypeRef("System", "Int64", ElementType.I8); UIntPtr = CreateCorLibTypeRef("System", "UIntPtr", ElementType.U); UInt8 = CreateCorLibTypeRef("System", "Byte", ElementType.U1); UInt16 = CreateCorLibTypeRef("System", "UInt16", ElementType.U2); UInt32 = CreateCorLibTypeRef("System", "UInt32", ElementType.U4); UInt64 = CreateCorLibTypeRef("System", "UInt64", ElementType.U8); Object = CreateCorLibTypeRef("System", "Object", ElementType.Object); Single = CreateCorLibTypeRef("System", "Single", ElementType.R4); Double = CreateCorLibTypeRef("System", "Double", ElementType.R8); Char = CreateCorLibTypeRef("System", "Char", ElementType.Char); String = CreateCorLibTypeRef("System", "String", ElementType.String); Type = CreateCorLibTypeRef("System", "Type", ElementType.Type); Boolean = CreateCorLibTypeRef("System", "Boolean", ElementType.Boolean); }
private void UpdateNetDirectories(NETHeader newHeader) { ConstructNetDirectories(newHeader); // first stream has offset equal to md header size. uint mdSize = newHeader.MetaDataStreams[0]._streamHeader.Offset; // add sizes of streams. foreach (MetaDataStream stream in newHeader.MetaDataStreams) { mdSize += stream.StreamSize; } newHeader.MetaDataDirectory.Size = mdSize; // TODO: resources directory. }
/// <summary> /// Loads an assembly from a specific file using the specific reading parameters. /// </summary> /// <param name="file">The file to read.</param> /// <param name="arguments">The reading parameters to use.</param> /// <returns></returns> /// <exception cref="System.BadImageFormatException"></exception> public static Win32Assembly LoadFile(string file, ReadingParameters arguments) { try { Win32Assembly a = new Win32Assembly(); a.path = file; a.ReadingArguments = arguments; a.peImage = PeImage.LoadFromAssembly(a); a.headerReader = PeHeaderReader.FromAssembly(a); a.ntHeader = NTHeader.FromAssembly(a); a.mzHeader = MZHeader.FromAssembly(a); a.headerReader.LoadData(arguments.IgnoreDataDirectoryAmount); if (!arguments.OnlyManaged) { a.disassembler = new x86Disassembler(a); a.assembler = new x86Assembler(a); a.importExportTableReader = new ImportExportTableReader(a.ntHeader); a.resourcesReader = new ResourcesReader(a.ntHeader); } a.netHeader = NETHeader.FromAssembly(a); a.peImage.SetOffset(a.ntHeader.OptionalHeader.HeaderSize); return(a); } catch (Exception ex) { if (ex is AccessViolationException || ex is FileNotFoundException) { throw; } throw new BadImageFormatException("The file is not a valid Portable Executable File.", ex); } }
public void CalculateOffsetsAndSizes() { if (Writer.OriginalAssembly.ntHeader.IsManagedAssembly) { NETHeader netHeader = Writer.OriginalAssembly.NETHeader; netHeader.reader.metadataHeader2.NumberOfStreams = (ushort)netHeader.MetaDataStreams.Count; // reconstruct blob (temporary solution, will be removed once blobs are being re-serialized). netHeader.BlobHeap.Reconstruct(); // rebuild tables heap and update all other heaps. netHeader.TablesHeap.Reconstruct(); uint streamOffset = 0x20;// (uint)(Marshal.SizeOf(typeof(Structures.METADATA_STREAM_HEADER)) * netHeader.MetaDataStreams.Count); foreach (MetaDataStream stream in netHeader.MetaDataStreams) { int namelength = 4 * ((stream.Name.Length / 4) + 1); streamOffset += (uint)Marshal.SizeOf(typeof(Structures.METADATA_STREAM_HEADER)); streamOffset += (uint)namelength; } netHeader.reader.netHeader.MetaData.Size = streamOffset; DataDirectory dataDir = netHeader.MetaDataDirectory; dataDir.rawDataDir.Size = streamOffset; foreach (MetaDataStream stream in netHeader.MetaDataStreams) { // give image stream.netheader = netHeader; // reset offset to prevent overwriting of expanded streams. stream.streamHeader.Offset = streamOffset; // calculate next stream offset. streamOffset += stream.StreamSize; // increase total md dir size Writer.OriginalAssembly.NETHeader.reader.netHeader.MetaData.Size += stream.StreamSize; dataDir.rawDataDir.Size += stream.StreamSize; } NewSize = dataDir.rawDataDir.Size; } }
private MetaDataStream GetHeap(NETHeader netheader, int headeroffset, Structures.METADATA_STREAM_HEADER rawHeader, string name) { switch (name) { case "#~": case "#-": return(new TablesHeap(netheader, headeroffset, rawHeader, name)); case "#Strings": return(new StringsHeap(netheader, headeroffset, rawHeader, name)); case "#US": return(new UserStringsHeap(netheader, headeroffset, rawHeader, name)); case "#GUID": return(new GuidHeap(netheader, headeroffset, rawHeader, name)); case "#Blob": return(new BlobHeap(netheader, headeroffset, rawHeader, name)); default: return(new MetaDataStream(netheader, headeroffset, rawHeader, name)); } }
public static MSILInstruction Create(MSILOpCode opcode, uint metadataToken, NETHeader netHeader) { return new MSILInstruction() { OpCode = opcode, OperandBytes = BitConverter.GetBytes(metadataToken), Operand = netHeader.TokenResolver.ResolveToken(metadataToken) }; }
internal NETHeaderReader(NTHeader header, NETHeader parent) { header.assembly.netHeader = parent; image = header.assembly.peImage; this.ntHeader = header; }
public MetaDataTokenResolver(NETHeader netheader) { this._netheader = netheader; }
private void SearchAsync() { List <ListViewItem> items = new List <ListViewItem>(); NETHeader netHeader = currentAssembly.NETHeader; MetaDataTable methodTable = netHeader.TablesHeap.GetTable(MetaDataTableType.Method); foreach (MetaDataMember member in methodTable.Members) { MethodDefinition methodDef = member as MethodDefinition; string methodName; string fullName; try { methodName = methodDef.Name; } catch { methodName = string.Empty; } try { fullName = methodDef.FullName; } catch { fullName = string.Empty; } Invoke(new Action <string, double, double>(ProcessCallBack), "Scanning " + (fullName == string.Empty ? methodDef.MetaDataToken.ToString("X8") : fullName), member.MetaDataToken - ((int)member.TableType << 24), methodTable.Members.Count); if (methodDef.HasBody) { try { MSILDisassembler disassembler = new MSILDisassembler(methodDef.Body); MSILInstruction[] instructions = disassembler.Disassemble(); foreach (MSILInstruction instruction in instructions) { if (instruction.OpCode.Code == MSILCode.Ldstr) { string value = instruction.Operand as string; items.Add(new ListViewItem(new string[] { value, "IL_" + instruction.Offset.ToString("X4"), methodDef.MetaDataToken.ToString("X8"), methodName, fullName, }) { Tag = methodDef }); } } } catch { // handle } } } Invoke(new Action <List <ListViewItem> >(SearchCallBack), items); }