public static void InitInstructionsCombobox(ComboBox cbo, MethodDefinition method, Instruction selectedIns, ref string[] instructionsStr) { cbo.Enabled = true; cbo.Items.Clear(); cbo.DropDownStyle = ComboBoxStyle.DropDownList; Collection <Instruction> ic = method.Body.Instructions; if (instructionsStr == null) { instructionsStr = new string[ic.Count + 1]; instructionsStr[0] = "N/A"; for (int i = 1; i < instructionsStr.Length; i++) { instructionsStr[i] = InsUtils.GetInstructionText(ic, i - 1); } } cbo.Items.AddRange(instructionsStr); if (cbo.Items.Count > 0 && selectedIns != null) { cbo.SelectedIndex = ic.IndexOf(selectedIns) + 1; } else { cbo.SelectedIndex = 0; } }
public static string GetInstructionText(Collection <Instruction> ic, int insIndex, bool deepCheck) { if (insIndex == -1) { return("?"); } // check dead loop string opText; if (ic[insIndex].Operand is Instruction) { if (deepCheck) { Instruction op = (Instruction)ic[insIndex].Operand; opText = GetInstructionText(ic, ic.IndexOf(op), false); } else { opText = insIndex.ToString(); } } else { opText = InsUtils.GetOperandText(ic, insIndex); } return(String.Format("{0} -> {1} {2}", insIndex, ic[insIndex].OpCode.Name, opText)); }
private void InitInstructions(ComboBox cbo) { cbo.Enabled = true; cbo.Items.Clear(); cbo.DropDownStyle = ComboBoxStyle.DropDownList; Collection <Instruction> ic = _method.Body.Instructions; for (int i = 0; i < ic.Count; i++) { cbo.Items.Add(InsUtils.GetInstructionText(ic, i)); } if (cbo.Items.Count > 0) { if (_ins.Operand is Instruction) { cbo.SelectedIndex = ic.IndexOf(_ins.Operand as Instruction); } else { cbo.SelectedIndex = 0; } } }
public void InitForm(MethodDefinition method) { if (method == _method) { return; } if (!method.HasBody) { return; } //clear last method info cboMethods.Items.Clear(); _staticMethodCount = 0; for (int i = 0; i < _staticMethods.Length; i++) { _staticMethods[i] = null; } //init current method _method = method; cboMethods.Items.Add("N/A"); cboMethods.Items.Add("Automatic"); Collection <Instruction> ic = _method.Body.Instructions; for (int i = 0; i < ic.Count; i++) { if (ic[i].Operand is MethodDefinition) { MethodDefinition md = ic[i].Operand as MethodDefinition; if (md.IsStatic && md.ReturnType.Name == "String") { string text = InsUtils.GetMethodText(md); if (!cboMethods.Items.Contains(text)) { _staticMethods[_staticMethodCount] = md; _staticMethodCount++; cboMethods.Items.Add(text); if (_staticMethodCount >= _staticMethods.Length) { break; } } } } } if (cboMethods.Items.Contains(_selectedText)) { cboMethods.SelectedItem = _selectedText; } else { //if (cboMethods.Items.Count > 2) // cboMethods.SelectedIndex = 1; //else cboMethods.SelectedIndex = 0; } }
public static List <JumpInstruction> Find(MethodDefinition method, int insStart, int insEnd) { List <JumpInstruction> list = new List <JumpInstruction>(); Collection <Instruction> ic = method.Body.Instructions; if (insStart < 0) { insStart = 0; } if (insEnd < 0) { insEnd = ic.Count - 1; } InsUtils.ComputeIndexes(ic); for (int i = insStart; i <= insEnd; i++) { Instruction insTemp = ic[i]; if (DeobfUtils.IsJumpInstruction(insTemp)) { list.Add(new JumpInstruction(insTemp)); } } return(list); }
private void InitForm(object o) { if (o is MemberReference) { MemberReference mr = (MemberReference)o; txtOriginalName.Text = InsUtils.GetOldMemberName(mr); txtCurrentName.Text = mr.Name; } else if (o is Resource) { Resource r = (Resource)o; txtOriginalName.Text = String.Empty; txtCurrentName.Text = r.Name; } else { txtOriginalName.Text = String.Empty; txtCurrentName.Text = o.ToString(); } if (!String.IsNullOrEmpty(txtOriginalName.Text)) { byte[] bytes = Encoding.Unicode.GetBytes(txtOriginalName.Text); txtOriginalNameHex.Text = BytesUtils.BytesToHexString(bytes, true); } if (!String.IsNullOrEmpty(txtCurrentName.Text)) { byte[] bytes = Encoding.Unicode.GetBytes(txtCurrentName.Text); txtCurrentNameHex.Text = BytesUtils.BytesToHexString(bytes, true); } }
public void InitForm(MethodDefinition md, int start, int end) { _method = md; _start = start; _end = end; Collection <Instruction> ic = _method.Body.Instructions; InsUtils.InitInstructionsCombobox(cboStart, _method, ic[_start], ref instructionsStr); InsUtils.InitInstructionsCombobox(cboEnd, _method, ic[_end], ref instructionsStr); InsUtils.InitInstructionsCombobox(cboTo, _method, null, ref instructionsStr); }
public bool IsMatchAllLevel(TypeDefinition type) { string name = InsUtils.GetOldMemberName(type); if (IsMatchAllLevel(name)) { return(true); } name = GetTokenString(type.MetadataToken); if (IsMatchAllLevel(name)) { return(true); } return(false); }
public bool EvalExpression(Instruction ins, Collection <Instruction> instructions) { object op = InsUtils.GetInstructionOperand(ins); if (op is Instruction) { int insIndex1 = instructions.IndexOf(ins); int insIndex2 = instructions.IndexOf((Instruction)op); return(Expression.Equals((insIndex2 - insIndex1).ToString())); } if (Expression.IndexOf("op") >= 0) { string expr = Expression.Replace("op", op == null ? "null" : op.ToString()); object o = Evaluator.Eval(expr); return(Convert.ToBoolean(o)); } return(false); }
public void InitForm(MethodDefinition md, int ehIndex) { if (_method == md && _ehIndex == ehIndex) { return; } _method = md; _ehIndex = ehIndex; if (_ehIndex < 0) { _eh = new ExceptionHandler(ExceptionHandlerType.Catch); _eh.CatchType = _method.Module.Import(typeof(System.Exception)); InitTypes(ExceptionHandlerType.Catch); } else { _eh = _method.Body.ExceptionHandlers[_ehIndex]; if (_eh.CatchType == null) { _eh.CatchType = _method.Module.Import(typeof(System.Exception)); } InitTypes(_eh.HandlerType); } txtCatchType.Text = _eh.CatchType.FullName; InsUtils.InitInstructionsCombobox(cboTryStart, _method, _eh.TryStart, ref instructionsStr); InsUtils.InitInstructionsCombobox(cboTryEnd, _method, _eh.TryEnd, ref instructionsStr); InsUtils.InitInstructionsCombobox(cboHandlerStart, _method, _eh.HandlerStart, ref instructionsStr); InsUtils.InitInstructionsCombobox(cboHandlerEnd, _method, _eh.HandlerEnd, ref instructionsStr); InsUtils.InitInstructionsCombobox(cboFilterStart, _method, _eh.FilterStart, ref instructionsStr); //InsUtils.InitInstructionsCombobox(cboFilterEnd, _method, _eh.FilterEnd, ref instructionsStr); }
public static string GetOperandText(Collection <Instruction> ic, int insIndex) { string text = String.Empty; if (insIndex < 0) { return(text); } object operand = ic[insIndex].Operand; if (operand == null) { return(text); } switch (operand.GetType().FullName) { case "System.String": text = String.Format("\"{0}\"", operand); break; case "System.Int32": case "System.Int16": case "System.Int64": long l = Convert.ToInt64(operand); if (l < 100) { text = l.ToString(); } else { text = String.Format("0x{0:x}", l); } break; case "System.UInt32": case "System.UInt16": case "System.UInt64": ulong ul = Convert.ToUInt64(operand); if (ul < 100) { text = ul.ToString(); } else { text = String.Format("0x{0:x}", ul); } break; case "System.Decimal": text = operand.ToString(); break; case "System.Double": text = operand.ToString(); break; case "System.Byte": case "System.SByte": text = String.Format("0x{0:x}", operand); break; case "System.Boolean": text = operand.ToString(); break; case "System.Char": text = String.Format("'{0}'", operand); break; case "System.DateTime": text = operand.ToString(); break; case "Mono.Cecil.Cil.Instruction": //text = GetAddressText(operand as Instruction); text = InsUtils.GetInstructionText(ic, ic.IndexOf(operand as Instruction)); break; case "Mono.Cecil.Cil.Instruction[]": Instruction[] ins = operand as Instruction[]; StringBuilder sb = new StringBuilder(); if (ins.Length > 0) { for (int i = 0; i < ins.Length; i++) { //sb.AppendFormat("{0}, ", GetAddressText(ins[i])); sb.AppendFormat("{0}, ", ic.IndexOf(ins[i])); } sb.Remove(sb.Length - 2, 2); } text = sb.ToString(); break; //case "Mono.Cecil.MethodDefinition": //case "Mono.Cecil.MethodReference": // text = (operand as MethodReference).Name; // break; //case "Mono.Cecil.FieldDefinition": //case "Mono.Cecil.FieldReference": // text = (operand as FieldReference).Name; // break; default: text = operand.ToString(); break; } return(text); }
private void btnOK_Click(object sender, EventArgs e) { if (cboOpCode.SelectedItem == null) { SimpleMessage.ShowInfo("Please select proper OpCode."); return; } try { OpCode op = (OpCode)cboOpCode.SelectedItem; switch (op.OperandType) { case OperandType.InlineBrTarget: case OperandType.ShortInlineBrTarget: _ins.OpCode = op; _ins.Operand = _method.Body.Instructions[cboOperand.SelectedIndex]; break; case OperandType.InlineString: _ins.OpCode = op; _ins.Operand = cboOperand.Text; break; case OperandType.InlineNone: _ins.OpCode = op; _ins.Operand = null; break; case OperandType.InlineI: _ins.OpCode = op; _ins.Operand = SimpleParse.ParseInt(cboOperand.Text); break; case OperandType.ShortInlineI: _ins.OpCode = op; if (op.Code == Code.Ldc_I4_S) { _ins.Operand = SimpleParse.ParseSByte(cboOperand.Text); } else { _ins.Operand = SimpleParse.ParseByte(cboOperand.Text); } break; case OperandType.InlineR: _ins.OpCode = op; _ins.Operand = Double.Parse(cboOperand.Text); break; case OperandType.ShortInlineR: _ins.OpCode = op; _ins.Operand = Single.Parse(cboOperand.Text); break; case OperandType.InlineI8: _ins.OpCode = op; _ins.Operand = SimpleParse.ParseLong(cboOperand.Text); break; case OperandType.InlineField: _ins.OpCode = op; _ins.Operand = cboOperand.SelectedItem; break; case OperandType.InlineVar: case OperandType.ShortInlineVar: _ins.OpCode = op; _ins.Operand = cboOperand.SelectedItem; break; case OperandType.ShortInlineArg: case OperandType.InlineArg: _ins.OpCode = op; _ins.Operand = cboOperand.SelectedItem; break; case OperandType.InlineMethod: _ins.OpCode = op; if (cboOperand.SelectedItem is MethodReference) { MethodReference mr = (MethodReference)cboOperand.SelectedItem; if (mr.DeclaringType.Module.FullyQualifiedName != _method.DeclaringType.Module.FullyQualifiedName) { _ins.Operand = _method.DeclaringType.Module.Import(mr); } else { _ins.Operand = mr; } } else { MethodInfo mi; MethodReference mr; switch (cboOperand.Text) { case METHOD_MESSAGEBOX: mi = typeof(System.Windows.Forms.MessageBox).GetMethod("Show", new Type[] { typeof(string) }); mr = _method.DeclaringType.Module.Import(mi); _ins.Operand = mr; break; } } break; case OperandType.InlineSwitch: { string opStr = cboOperand.Text; if (opStr != null) { string[] ops = opStr.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); if (ops != null && ops.Length > 0) { Instruction[] opIns = new Instruction[ops.Length]; for (int i = 0; i < ops.Length; i++) { int opIndex = -1; if (int.TryParse(ops[i], out opIndex)) { if (opIndex >= 0 && opIndex < _method.Body.Instructions.Count) { opIns[i] = _method.Body.Instructions[opIndex]; } else { opIndex = -1; } } if (opIndex == -1) { throw new Exception("Invalid instruction index" + ops[i]); } } _ins.Operand = null; _ins.Operand = opIns; } } } break; case OperandType.InlineType: _ins.OpCode = op; if (cboOperand.SelectedItem == null) { _ins.Operand = ClassEditHelper.ParseTypeReference(cboOperand.Text, _method.Module); } else { _ins.Operand = ClassEditHelper.ParseTypeReference(cboOperand.SelectedItem, _method.Module); } break; default: if (_ins.OpCode.OperandType != op.OperandType) { SimpleMessage.ShowInfo(op.Name + " not implemented"); return; } else { _ins.OpCode = op; if (cboOperand.SelectedIndex >= 0) { _ins.Operand = cboOperand.SelectedItem; } else { _ins.Operand = null; } } break; } switch (_mode) { case EditModes.Edit: break; case EditModes.InsertAfter: _ilp.InsertAfter(_method.Body.Instructions[_insIndex], _ins); break; case EditModes.InsertBefore: _ilp.InsertBefore(_method.Body.Instructions[_insIndex], _ins); break; } InsUtils.ComputeOffsets(_method.Body.Instructions); this.DialogResult = DialogResult.OK; this.Close(); } catch (Exception ex) { SimpleMessage.ShowException(ex); } }
public void InitForm(frmClassEdit mainForm, MethodDefinition md, int insIndex, EditModes mode) { if (_method == md && _insIndex == insIndex) { return; } _mainForm = mainForm; _method = md; _ilp = md.Body.GetILProcessor(); _insIndex = insIndex; _mode = mode; Collection <Instruction> ic = _method.Body.Instructions; switch (mode) { case EditModes.Edit: _ins = ic[_insIndex]; if (_ins.Previous == null) { txtPrevIns.Text = String.Empty; } else { txtPrevIns.Text = InsUtils.GetInstructionText(ic, ic.IndexOf(_ins.Previous)); } if (_ins.Next == null) { txtNextIns.Text = String.Empty; } else { txtNextIns.Text = InsUtils.GetInstructionText(ic, ic.IndexOf(_ins.Next)); } break; case EditModes.InsertAfter: _ins = _ilp.Create(OpCodes.Nop); txtPrevIns.Text = InsUtils.GetInstructionText(ic, _insIndex); if (ic[_insIndex].Next == null) { txtNextIns.Text = String.Empty; } else { txtNextIns.Text = InsUtils.GetInstructionText(ic, ic.IndexOf(ic[_insIndex].Next)); } break; case EditModes.InsertBefore: _ins = _ilp.Create(OpCodes.Nop); txtNextIns.Text = InsUtils.GetInstructionText(ic, _insIndex); if (ic[_insIndex].Previous == null) { txtPrevIns.Text = String.Empty; } else { txtPrevIns.Text = InsUtils.GetInstructionText(ic, ic.IndexOf(ic[_insIndex].Previous)); } break; } InitOpCodes(cboOpCode); }
private void cboOpCode_SelectedIndexChanged(object sender, EventArgs e) { btnSelectMethod.Enabled = false; if (cboOpCode.SelectedItem == null) { DisableOperand(); return; } OpCode op = (OpCode)cboOpCode.SelectedItem; lblOpCodeInfo.Text = String.Format("FlowControl: {0}\nOpCodeType: {1}\nOperandType: {2}", op.FlowControl.ToString(), op.OpCodeType.ToString(), op.OperandType.ToString()); Collection <Instruction> ic = _method.Body.Instructions; switch (op.OperandType) { case OperandType.InlineBrTarget: case OperandType.ShortInlineBrTarget: InitInstructions(cboOperand); break; case OperandType.InlineString: cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDown; if (_ins.Operand != null) { cboOperand.Items.Add(_ins.Operand); cboOperand.SelectedIndex = 0; } break; case OperandType.InlineNone: DisableOperand(); break; case OperandType.InlineI: case OperandType.InlineI8: case OperandType.ShortInlineI: case OperandType.InlineR: case OperandType.ShortInlineR: cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDown; cboOperand.Items.Add(InsUtils.GetOperandText(ic, _insIndex)); cboOperand.SelectedIndex = 0; break; case OperandType.InlineSwitch: cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDown; cboOperand.Items.Add(InsUtils.GetOperandText(ic, _insIndex)); cboOperand.SelectedIndex = 0; Instruction[] switchIns = _ins.Operand as Instruction[]; cboOperand.Items.Add("----------------------------------------"); for (int i = 0; i < switchIns.Length; i++) { cboOperand.Items.Add( String.Format("{0} (0x{0:x}): {1}", i, InsUtils.GetInstructionText(ic, ic.IndexOf(switchIns[i]))) ); } break; case OperandType.InlineField: if (_ins.Operand == null || _method.DeclaringType.Fields.Contains(_ins.Operand as FieldDefinition)) { InitFields(cboOperand); } else { cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDownList; cboOperand.Items.Add(InsUtils.GetOperandText(ic, _insIndex)); cboOperand.SelectedIndex = 0; } break; case OperandType.InlineVar: case OperandType.ShortInlineVar: InitVars(cboOperand); break; case OperandType.ShortInlineArg: case OperandType.InlineArg: InitParams(cboOperand); break; case OperandType.InlineMethod: InitMethods(cboOperand); btnSelectMethod.Enabled = true; break; case OperandType.InlineType: cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDown; if (_ins.Operand != null) { cboOperand.Items.Add(_ins.Operand); cboOperand.SelectedIndex = 0; } ClassEditHelper.InitDropdownTypes(cboOperand, _method.Module); break; default: cboOperand.Enabled = true; cboOperand.Items.Clear(); cboOperand.DropDownStyle = ComboBoxStyle.DropDownList; if (_ins.Operand != null) { cboOperand.Items.Add(_ins.Operand); cboOperand.SelectedIndex = 0; } break; } }
public static List <ForStatementBlock> Find(MethodDefinition method) { List <ForStatementBlock> list = new List <ForStatementBlock>(); if (method == null || !method.HasBody) { return(list); } Collection <Instruction> ic = method.Body.Instructions; if (ic.Count < 1) { return(list); } InsUtils.ComputeIndexes(ic); for (int i = 0; i < ic.Count; i++) { const int maxLoop = 50; int count = 0; Instruction insLdci4 = ic[i]; if (!insLdci4.OpCode.Name.StartsWith("ldc.i4")) { continue; } Instruction insStloc = insLdci4.Next; count = 0; while (insStloc != null && !insStloc.OpCode.Name.StartsWith("stloc") && count < maxLoop) { insStloc = insStloc.Next; count++; } if (insStloc == null || !insStloc.OpCode.Name.StartsWith("stloc")) { continue; } Instruction insBr = insStloc.Next; if (insBr == null || !insBr.OpCode.Name.StartsWith("br") || insBr.Next == null) { continue; } Instruction insLdloc = insBr.Operand as Instruction; if (insLdloc == null || !insLdloc.OpCode.Name.StartsWith("ldloc")) { continue; } Instruction insBlt = insLdloc.Next; count = 0; while (insBlt != null && !insBlt.OpCode.Name.StartsWith("blt") && !insBlt.OpCode.Name.StartsWith("clt") && !insBlt.OpCode.Name.StartsWith("call") && count < maxLoop) { insBlt = insBlt.Next; count++; } if (insBlt == null) { continue; } bool skip = false; if (insBlt.OpCode.Name.StartsWith("blt")) { //ok } else if (insBlt.OpCode.Name.StartsWith("clt")) { if (insBlt.Next != null && insBlt.Next.OpCode.Name.StartsWith("brtrue")) { insBlt = insBlt.Next; } else { skip = true; } } else if (insBlt.OpCode.Name.StartsWith("call")) { MethodReference mr = insBlt.Operand as MethodReference; if (mr.FullName == "System.Boolean System.Collections.IEnumerator::MoveNext()") { if (insBlt.Next != null && insBlt.Next.OpCode.Name.StartsWith("brtrue")) { insBlt = insBlt.Next; } else { skip = true; } } else { skip = true; } } else { skip = true; } if (skip) { continue; } Instruction insBrNext = insBlt.Operand as Instruction; if (insBrNext == null || insBrNext.Offset != insBr.Next.Offset) { continue; } int varIndex = InsUtils.GetVariableIndex(insStloc); if (varIndex < 0) { continue; } ForStatementBlock fsb = new ForStatementBlock(varIndex, insLdci4.Index, insBlt.Index); list.Add(fsb); i = insBlt.Index; } return(list); }