public AssemblyDebugParser(Stream?peStream, Stream pdbStream) { Stream inputStream; if (!PdbConverter.IsPortable(pdbStream)) { if (peStream == null) { throw new ArgumentNullException(nameof(peStream), "Full PDB's require the PE file to be next to the PDB"); } if (!AppCompat.IsSupported(RuntimeFeature.DiaSymReader)) { throw new PlatformNotSupportedException("Windows PDB cannot be processed on this platform."); } // Full PDB. convert to ppdb in memory _pdbBytes = pdbStream.ReadAllBytes(); pdbStream.Position = 0; _peBytes = peStream.ReadAllBytes(); peStream.Position = 0; _temporaryPdbStream = new MemoryStream(); PdbConverter.Default.ConvertWindowsToPortable(peStream, pdbStream, _temporaryPdbStream); _temporaryPdbStream.Position = 0; peStream.Position = 0; inputStream = _temporaryPdbStream; _pdbType = PdbType.Full; } else { inputStream = pdbStream; _pdbType = PdbType.Portable; _pdbBytes = pdbStream.ReadAllBytes(); pdbStream.Position = 0; } _readerProvider = MetadataReaderProvider.FromPortablePdbStream(inputStream); _reader = _readerProvider.GetMetadataReader(); if (peStream != null) { _peReader = new PEReader(peStream); _ownPeReader = true; } }
public void AppCompatTestCreators() { var r = new AppCompat(); var reg = new RegistryHive(@"D:\SynologyDrive\Registry\SYSTEM_Creators"); reg.ParseHive(); var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache"); Check.That(r.Values.Count).IsEqualTo(0); r.ProcessValues(key); Check.That(r.Values.Count).IsEqualTo(506); var ff = (ValuesOut)r.Values[0]; Check.That(ff.CacheEntryPosition).IsEqualTo(0); Check.That(ff.ProgramName).Contains("nvstreg.exe"); }
public void AppCompatTestOneOff() { var r = new AppCompat(); var reg = new RegistryHive(@"C:\Users\eric\Desktop\SYSTEM"); reg.ParseHive(); var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache"); Check.That(r.Values.Count).IsEqualTo(0); r.ProcessValues(key); Check.That(r.Values.Count).IsEqualTo(325); var ff = (ValuesOut)r.Values[0]; Check.That(ff.CacheEntryPosition).IsEqualTo(0); Check.That(ff.ProgramName).Contains("Logon"); }
public void AppCompatTest() { var r = new AppCompat(); var reg = new RegistryHive(@"D:\Sync\RegistryHives\SYSTEM"); reg.ParseHive(); var key = reg.GetKey(@"ControlSet001\Control\Session Manager\AppCompatCache"); Check.That(r.Values.Count).IsEqualTo(0); r.ProcessValues(key); Check.That(r.Values.Count).IsEqualTo(1024); var ff = (ValuesOut)r.Values[0]; Check.That(ff.CacheEntryPosition).IsEqualTo(0); Check.That(ff.ProgramName).Contains("java"); }
private void ShowFile(PackageFile file) { object?content = null; var isBinary = false; // find all plugins which can handle this file's extension var contentViewers = FindContentViewer(file); if (contentViewers != null) { try { // iterate over all plugins, looking for the first one that return non-null content foreach (var viewer in contentViewers) { var files = file.GetAssociatedPackageFiles().ToList(); content = viewer.GetView(file, files); if (content != null) { // found a plugin that can read this file, stop break; } } } catch (Exception ex) when(!(ex is FileNotFoundException)) { DiagnosticsClient.TrackException(ex, ViewModel.Package, ViewModel.PublishedOnNuGetOrg); // don't let plugin crash the app content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString(); } isBinary = content is not string; } // if plugins fail to read this file, fall back to the default viewer var truncated = false; if (content == null) { isBinary = FileHelper.IsBinaryFile(file.Name); if (isBinary) { content = Resources.UnsupportedFormatMessage; } else { content = ReadFileContent(file, out truncated); } } long size = -1; IReadOnlyList <AuthenticodeSignature> sigs; SignatureCheckResult isValidSig; { // note: later, throught binding converter, SigningCertificate's CN value is extracted through native api if (AppCompat.IsSupported(RuntimeFeature.Cryptography, RuntimeFeature.NativeMethods)) { using var stream = file.GetStream(); using var tempFile = new TemporaryFile(stream, Path.GetExtension(file.Name)); var extractor = new FileInspector(tempFile.FileName); sigs = extractor.GetSignatures().ToList(); isValidSig = extractor.Validate(); size = tempFile.Length; } else { using var stream = StreamUtility.MakeSeekable(file.GetStream(), disposeOriginal: true); var peFile = new PeFile(stream); var certificate = CryptoUtility.GetSigningCertificate(peFile); if (certificate is not null) { sigs = new List <AuthenticodeSignature>(0); isValidSig = SignatureCheckResult.UnknownProvider; } else { sigs = new List <AuthenticodeSignature>(0); isValidSig = SignatureCheckResult.NoSignature; } size = peFile.FileSize; } } var fileInfo = new FileContentInfo( file, file.Path, content, !isBinary, size, truncated, sigs, isValidSig); ViewModel.ShowFile(fileInfo); }