public void Dispose()
{
m_assembly = null;
m_metadataTableHeader = null;
m_pData = null;
m_fileSize = 0;
m_peHeader = null;
m_optionalHeader = null;
m_clrHeader = null;
m_streams = null;
m_fullPath = null;
if (m_tables != null)
{
for (var i = 0; i < m_tables.Length; ++i)
{
m_tables[i] = null;
}
m_tables = null;
}
if (m_memoryMap != null)
{
m_memoryMap.Dispose();
m_memoryMap = null;
}
}
private bool VerifyOptionalHeader()
{
if (FileFormat == FileFormat.PE32)
{
//I admit, there is some crazy imperitiveness going on here...
//So, if you don't quite follow the logic, I appologize.
//BUT, byt the time this function executes we should have verified that the
//OptionalHeader is large enough to handle the 32bit image type, so we can
//just go ahead and create the optioanl header 32.
m_optionalHeader = new OptionalHeader32((OptionalHeaderLayout32 *)(PEHeader + 1));
}
else if (FileFormat == FileFormat.PE32_PLUS)
{
//For 64 bit images, the optional header size needs to be a little bit larger (than it is for 32 bit
//images), but we couldn't know we were a 64 bit image until we examined the "magic number" (file
//format) in the OptionalHeader which we do after valiating the PE Header (because it's logically not
//part of the PE header, but is documented as part of the optional header. We don't read the optional
//header (which succeeds the PEHeader) until we know the PEHeader is valid, which at a minimum
//means there must be 224 bytes in the optional header. If the PEHEader is not valid, then we can't
//read the Optional Header, because it might not exist. In any case, once we know we can reade the
//file format, we do. If it turns out we have a 64 bit image, then we have to do another length check
//on the OptionalHeaderSize here. Note that we would have already verified the optional header
//size against the file size, so we don't need to repeat that check.
if (PEHeader->OptionalHeaderSize < 240)
{
return(false);
}
m_optionalHeader = new OptionalHeader64((OptionalHeaderLayout64 *)(PEHeader + 1));
}
else
{
return(false);
}
return(m_optionalHeader.Verify(m_fileSize, PEHeader));
}
public bool Verify(OptionalHeader header, byte *pFilePointer, uint fileSize, PEHeader *pPeHeader)
{
//1. The name is not empty.
if (GetNameAsString().Trim() == "")
{
return(false);
}
//2. VirtualAddress is a multiple of the section alignment.
if (VirtualAddress == 0 || (VirtualAddress % header.SectionAlignment) != 0)
{
return(false);
}
//3. SizeOfRawData is a multiple of the file alignment.
if ((SizeOfRawData % header.FileAlignment) != 0)
{
return(false);
}
//4. PointerToRawData is a multiple of the file alignment
if ((PointerToRawData % header.FileAlignment) != 0)
{
return(false);
}
//5. PointerToRawData == 0 <-> SizeOfRawData == 0
if ((PointerToRawData == 0) != (SizeOfRawData == 0))
{
return(false);
}
//6. If PointerToRawData is not null, it must fit inside the file.
try {
if (PointerToRawData > fileSize || checked (PointerToRawData + SizeOfRawData) > fileSize)
{
return(false);
}
} catch (OverflowException) {
return(false);
}
//7. PointerToRelocations must be 0.
if (PointerToRelocations != 0)
{
return(false);
}
//8. PointerToLineNumbers must be 0.
if (PointerToLineNumbers != 0)
{
return(false);
}
//9. NumberOfRelocations must be 0.
if (NumberOfRelocations != 0)
{
return(false);
}
//10. NumberOfLineNumbers must be 0.
if (NumberOfLineNumbers != 0)
{
return(false);
}
//11. The characteristics must be valid. We seperate out the check for
//bits marked as reserved from the check for defined bits that we don't support.
if ((Characteristics & SectionCharacteristics.Reserved) != 0)
{
return(false);
}
if ((Characteristics & SectionCharacteristics.DisallowedFlags) != 0)
{
return(false);
}
return(true);
}
public uint GetAlignedVirtualSize(OptionalHeader optionalHeader)
{
return(Util.Pad(VirtualSize, optionalHeader.SectionAlignment));
}
public unsafe bool Verify(OptionalHeader optionalHeader)
{
//1. The header size must be consistent with the other places it is reported.
if (HeaderSize < sizeof(CLRHeader))
{
return(false);
}
if (HeaderSize < optionalHeader.CLRRuntimeHeader.Size)
{
return(false);
}
//2. We require metadata versions between 2.0 and 2.5.
if (MajorRuntimeVersion != 2)
{
return(false);
}
if (MinorRuntimeVersion > 5)
{
return(false);
}
//3. The total size of the meta-data must be at least large enough to store the metadata root.
if (Metadata.RVA == 0 || Metadata.Size < MetadataRoot.MinSize)
{
return(false);
}
//4. If any "uknown" flags are present, we reject the image.
if ((Flags & ~CLRHeaderFlags.KnownFlags) != 0)
{
return(false);
}
//4. We don't support mixed-mode assemblies.
const CLRHeaderFlags requiredFlags = CLRHeaderFlags.COMIMAGE_FLAGS_ILONLY;
if ((Flags & requiredFlags) != requiredFlags)
{
return(false);
}
const CLRHeaderFlags disallowedFlags = CLRHeaderFlags.COMIMAGE_FLAGS_NATIVE_ENTRYPOINT;
if ((Flags & disallowedFlags) != 0)
{
return(false);
}
//5. The StrongNameSignature pointer should have a zero size only if it is null.
if (!StrongNameSignature.IsConsistent())
{
return(false);
}
//6. We should have a Strong name pointer iif the image is marked as being strong named signed.
if (StrongNameSignature.IsZero() != ((Flags & CLRHeaderFlags.COMIMAGE_FLAGS_STRONGNAMESIGNED) == 0))
{
return(false);
}
//7. There should be a null code manager table pointer.
if (!CodeManagerTable.IsZero())
{
return(false);
}
//8. There should be no vtable fixups.
if (!VTableFixups.IsZero())
{
return(false);
}
return(true);
}
public unsafe bool Verify(OptionalHeader optionalHeader)
{
//1. The header size must be consistent with the other places it is reported.
if (HeaderSize < sizeof(CLRHeader)) {
return false;
}
if (HeaderSize < optionalHeader.CLRRuntimeHeader.Size) {
return false;
}
//2. We require metadata versions between 2.0 and 2.5.
if (MajorRuntimeVersion != 2) {
return false;
}
if (MinorRuntimeVersion > 5) {
return false;
}
//3. The total size of the meta-data must be at least large enough to store the metadata root.
if (Metadata.RVA == 0 || Metadata.Size < MetadataRoot.MinSize) {
return false;
}
//4. If any "uknown" flags are present, we reject the image.
if ((Flags & ~CLRHeaderFlags.KnownFlags) != 0) {
return false;
}
//4. We don't support mixed-mode assemblies.
const CLRHeaderFlags requiredFlags = CLRHeaderFlags.COMIMAGE_FLAGS_ILONLY;
if ((Flags & requiredFlags) != requiredFlags) {
return false;
}
const CLRHeaderFlags disallowedFlags = CLRHeaderFlags.COMIMAGE_FLAGS_NATIVE_ENTRYPOINT;
if ((Flags & disallowedFlags) != 0) {
return false;
}
//5. The StrongNameSignature pointer should have a zero size only if it is null.
if (! StrongNameSignature.IsConsistent()) {
return false;
}
//6. We should have a Strong name pointer iif the image is marked as being strong named signed.
if (StrongNameSignature.IsZero() != ((Flags & CLRHeaderFlags.COMIMAGE_FLAGS_STRONGNAMESIGNED) == 0)) {
return false;
}
//7. There should be a null code manager table pointer.
if (! CodeManagerTable.IsZero()) {
return false;
}
//8. There should be no vtable fixups.
if (!VTableFixups.IsZero())
{
return false;
}
return true;
}
public bool Verify(OptionalHeader header, byte * pFilePointer, uint fileSize, PEHeader * pPeHeader)
{
//1. The name is not empty.
if (GetNameAsString().Trim() == "") {
return false;
}
//2. VirtualAddress is a multiple of the section alignment.
if (VirtualAddress == 0 || (VirtualAddress % header.SectionAlignment) != 0) {
return false;
}
//3. SizeOfRawData is a multiple of the file alignment.
if ((SizeOfRawData % header.FileAlignment) != 0) {
return false;
}
//4. PointerToRawData is a multiple of the file alignment
if ((PointerToRawData % header.FileAlignment) != 0) {
return false;
}
//5. PointerToRawData == 0 <-> SizeOfRawData == 0
if ((PointerToRawData == 0) != (SizeOfRawData == 0)) {
return false;
}
//6. If PointerToRawData is not null, it must fit inside the file.
try {
if (PointerToRawData > fileSize || checked(PointerToRawData + SizeOfRawData) > fileSize) {
return false;
}
} catch (OverflowException) {
return false;
}
//7. PointerToRelocations must be 0.
if (PointerToRelocations != 0) {
return false;
}
//8. PointerToLineNumbers must be 0.
if (PointerToLineNumbers != 0) {
return false;
}
//9. NumberOfRelocations must be 0.
if (NumberOfRelocations != 0) {
return false;
}
//10. NumberOfLineNumbers must be 0.
if (NumberOfLineNumbers != 0) {
return false;
}
//11. The characteristics must be valid. We seperate out the check for
//bits marked as reserved from the check for defined bits that we don't support.
if ((Characteristics & SectionCharacteristics.Reserved) != 0) {
return false;
}
if ((Characteristics & SectionCharacteristics.DisallowedFlags) != 0) {
return false;
}
return true;
}
public uint GetAlignedVirtualSize(OptionalHeader optionalHeader)
{
return Util.Pad(VirtualSize, optionalHeader.SectionAlignment);
}