static string FindPeFromPath(string ModuleName, List <string> CandidateFolders, string ProcessorArch)
{
string PeFilePath = null;
// Filter out "problematic" search paths before it triggers an exception from Path.Combine
// see https://github.com/lucasg/Dependencies/issues/49
var CuratedCandidateFolders = CandidateFolders.Where(
path => !IsFilepathInvalid(path)
);
foreach (String CandidatePath in CuratedCandidateFolders)
{
PeFilePath = Path.Combine(CandidatePath, ModuleName);
PE TestPe = BinaryCache.LoadPe(PeFilePath);
if (TestPe != null && TestPe.LoadSuccessful)
{
Debug.WriteLine("Attempt to load {0:s} {1:s} {2:s}", PeFilePath, TestPe.GetProcessor(), ProcessorArch);
if (TestPe.GetProcessor() == ProcessorArch)
{
return(PeFilePath);
}
}
}
return(null);
}
public void LoadPe()
{
Action action = () =>
{
if (Filepath != null)
{
PE Module = BinaryCache.LoadPe(Filepath);
Imports = Module.GetImports().Select(i => ImportDll.From(i)).ToList();
try
{
var PeAssembly = AssemblyDefinition.ReadAssembly(Filepath);
ModuleReferences = PeAssembly.Modules.SelectMany(m => m.ModuleReferences).Where(mr => mr.Name.Length > 0).Select(m => ImportDll.From(m)).ToList();
AssemblyReferences = PeAssembly.Modules.SelectMany(m => m.AssemblyReferences).ToList();
} catch (BadImageFormatException)
{
}
}
else
{
//Module = null;
}
};
SafeExecutor(action);
}
private void ConstructDependencyTree(ModuleTreeViewItem RootNode, string FilePath, int RecursionLevel = 0)
{
PE CurrentPE = BinaryCache.LoadPe(FilePath);
if (null == CurrentPE)
{
return;
}
ConstructDependencyTree(RootNode, CurrentPE, RecursionLevel);
}
public void LoadPe()
{
if (Filepath != null)
{
PE Module = BinaryCache.LoadPe(Filepath);
Imports = Module.GetImports();
}
else
{
//Module = null;
}
}
/// <summary>
/// Background processing of a single PE file.
/// It can be lengthy since there are disk access (and misses).
/// </summary>
/// <param name="NewTreeContexts"> This variable is passed as reference to be updated since this function is run in a separate thread. </param>
/// <param name="newPe"> Current PE file analyzed </param>
private void ProcessPe(List <ImportContext> NewTreeContexts, PE newPe)
{
List <PeImportDll> PeImports = newPe.GetImports();
foreach (PeImportDll DllImport in PeImports)
{
bool FoundApiSet = false;
string ImportDllName = DllImport.Name;
// Look for api set target
if (ImportDllName.StartsWith("api-") || ImportDllName.StartsWith("ext-"))
{
// Strip the .dll extension and the last number (which is probably a build counter)
string ImportDllNameWithoutExtension = Path.GetFileNameWithoutExtension(ImportDllName);
string ImportDllHashKey = ImportDllNameWithoutExtension.Substring(0, ImportDllNameWithoutExtension.LastIndexOf("-"));
if (this.ApiSetmapCache.ContainsKey(ImportDllHashKey))
{
ApiSetTarget Targets = this.ApiSetmapCache[ImportDllHashKey];
if (Targets.Count > 0)
{
FoundApiSet = true;
ImportDllName = Targets[0];
}
}
}
ImportContext ImportModule = new ImportContext();
ImportModule.PeFilePath = null;
ImportModule.PeProperties = null;
ImportModule.ModuleName = DllImport.Name;
ImportModule.IsApiSet = FoundApiSet;
ImportModule.ApiSetModuleName = ImportDllName;
ImportModule.IsDelayLoadImport = (DllImport.Flags & 0x01) == 0x01; // TODO : Use proper macros
// Find Dll in "paths"
Tuple <ModuleSearchStrategy, String> FoundPe = FindPe.FindPeFromDefault(this.Pe, ImportDllName, this.SxsEntriesCache);
ImportModule.ModuleLocation = FoundPe.Item1;
if (ImportModule.ModuleLocation != ModuleSearchStrategy.NOT_FOUND)
{
ImportModule.PeFilePath = FoundPe.Item2;
ImportModule.PeProperties = BinaryCache.LoadPe(ImportModule.PeFilePath);
}
NewTreeContexts.Add(ImportModule);
}
}
public DependencyWindow(String FileName)
{
InitializeComponent();
this.Filename = FileName;
this.Pe = BinaryCache.LoadPe(FileName);
if (!this.Pe.LoadSuccessful)
{
MessageBox.Show(
String.Format("{0:s} is not a valid PE-COFF file", this.Filename),
"Invalid PE",
MessageBoxButton.OK
);
return;
}
this.SymPrv = new PhSymbolProvider();
this.RootFolder = Path.GetDirectoryName(FileName);
this.SxsEntriesCache = SxsManifest.GetSxsEntries(this.Pe);
this.ProcessedModulesCache = new ModulesCache();
this.ApiSetmapCache = Phlib.GetApiSetSchema();
this._SelectedModule = null;
this._DisplayWarning = false;
// TODO : Find a way to properly bind commands instead of using this hack
this.ModulesList.DoFindModuleInTreeCommand = DoFindModuleInTree;
this.ModulesList.ConfigureSearchOrderCommand = ConfigureSearchOrderCommand;
var RootFilename = Path.GetFileName(FileName);
var RootModule = new DisplayModuleInfo(RootFilename, this.Pe, ModuleSearchStrategy.ROOT);
this.ProcessedModulesCache.Add(new ModuleCacheKey(RootFilename, FileName), RootModule);
ModuleTreeViewItem treeNode = new ModuleTreeViewItem();
DependencyNodeContext childTreeInfoContext = new DependencyNodeContext()
{
ModuleInfo = new WeakReference(RootModule),
IsDummy = false
};
treeNode.DataContext = childTreeInfoContext;
treeNode.Header = treeNode.GetTreeNodeHeaderName(Dependencies.Properties.Settings.Default.FullPath);
treeNode.IsExpanded = true;
this.DllTreeView.Items.Add(treeNode);
// Recursively construct tree of dll imports
ConstructDependencyTree(treeNode, this.Pe);
}
public PE LoadBinary(string path)
{
StatusBarMessage = String.Format("Loading module {0:s} ...", path);
PE pe = BinaryCache.LoadPe(path);
if (!pe.LoadSuccessful)
{
StatusBarMessage = String.Format("Loading module {0:s} failed.", path);
}
else
{
StatusBarMessage = String.Format("Loading PE file \"{0:s}\" successful.", pe.Filepath);
}
return(pe);
}
public void LoadPe()
{
Action action = () =>
{
if (Filepath != null)
{
PE Module = BinaryCache.LoadPe(Filepath);
Imports = Module.GetImports();
}
else
{
//Module = null;
}
};
SafeExecutor(action);
}
static string FindPeFromPath(string ModuleName, List <string> CandidateFolders, bool Wow64Dll = false)
{
string PeFilePath = null;
foreach (String CandidatePath in CandidateFolders)
{
PeFilePath = Path.Combine(CandidatePath, ModuleName);
PE TestPe = BinaryCache.LoadPe(PeFilePath);
if ((TestPe != null) && (TestPe.LoadSuccessful) && (TestPe.IsWow64Dll() == Wow64Dll))
{
return(PeFilePath);
}
}
return(null);
}
public PeDependencyItem(PeDependencies _Root, string _ModuleName, string ModuleFilepath, ModuleSearchStrategy Strategy, int Level)
{
Root = _Root;
ModuleName = _ModuleName;
if (ModuleFilepath != null)
{
PE Module = BinaryCache.LoadPe(ModuleFilepath);
Imports = Module.GetImports();
}
else
{
//Module = null;
Imports = new List <PeImportDll>();
}
Filepath = ModuleFilepath;
SearchStrategy = Strategy;
RecursionLevel = Level;
DependenciesResolved = false;
}
public PE LoadBinary(string path)
{
StatusBarMessage = String.Format("Loading module {0:s} ...", path);
if (!NativeFile.Exists(path))
{
StatusBarMessage = String.Format("Loading PE file \"{0:s}\" failed : file not present on disk.", path);
return(null);
}
PE pe = BinaryCache.LoadPe(path);
if (pe == null || !pe.LoadSuccessful)
{
StatusBarMessage = String.Format("Loading module {0:s} failed.", path);
}
else
{
StatusBarMessage = String.Format("Loading PE file \"{0:s}\" successful.", pe.Filepath);
}
return(pe);
}
static string FindPeFromPath(string ModuleName, List <string> CandidateFolders, bool Wow64Dll = false)
{
string PeFilePath = null;
// Filter out "problematic" search paths before it triggers an exception from Path.Combine
// see https://github.com/lucasg/Dependencies/issues/49
var CuratedCandidateFolders = CandidateFolders.Where(
path => !IsFilepathInvalid(path)
);
foreach (String CandidatePath in CuratedCandidateFolders)
{
PeFilePath = Path.Combine(CandidatePath, ModuleName);
PE TestPe = BinaryCache.LoadPe(PeFilePath);
if ((TestPe != null) && (TestPe.LoadSuccessful) && (TestPe.IsWow64Dll() == Wow64Dll))
{
return(PeFilePath);
}
}
return(null);
}
private void ConstructDependencyTree(ModuleTreeViewItem RootNode, string FilePath, int RecursionLevel = 0)
{
ConstructDependencyTree(RootNode, BinaryCache.LoadPe(FilePath), RecursionLevel);
}
