From 81360259d8648b9aef981de9c78f7043633fc820 Mon Sep 17 00:00:00 2001
From: MishaTY <46088515+MishaTY@users.noreply.github.com>
Date: Sun, 28 Feb 2021 13:13:48 -0500
Subject: [PATCH] Small project cleanup and add support file extended opcodes
---
LibDotNetParser/CILApi/DotNetFile.cs | 8 +-
LibDotNetParser/CILApi/DotNetMethod.cs | 6 +-
LibDotNetParser/CILApi/DotNetType.cs | 2 +-
.../CILApi/IL/DotNetVirtualMachine.cs | 356 ------------------
LibDotNetParser/{ => CILApi/IL}/ILFormater.cs | 0
.../CILApi/{ => IL}/ILInstruction.cs | 0
.../CILApi/{ => IL}/IlDecompiler.cs | 7 +
.../IL/{ => OpCodes}/CallMethodDataHolder.cs | 0
.../CILApi/IL/{ => OpCodes}/OpCode.cs | 0
.../IL/{ => OpCodes}/OpCodeOperandType.cs | 0
.../CILApi/IL/{ => OpCodes}/OpCodes.cs | 267 ++++++++++++-
LibDotNetParser/CILApi/IL/OpCodesExt.cs | 11 -
LibDotNetParser/CILApi/MethodAttr.cs | 2 +-
LibDotNetParser/DotNet/Tabels/Tabels.cs | 2 +-
.../{PEParaser.cs => PE/PEFile.cs} | 42 +--
TesterKernel/Kernel.cs | 2 +
16 files changed, 304 insertions(+), 401 deletions(-)
delete mode 100644 LibDotNetParser/CILApi/IL/DotNetVirtualMachine.cs
rename LibDotNetParser/{ => CILApi/IL}/ILFormater.cs (100%)
rename LibDotNetParser/CILApi/{ => IL}/ILInstruction.cs (100%)
rename LibDotNetParser/CILApi/{ => IL}/IlDecompiler.cs (98%)
rename LibDotNetParser/CILApi/IL/{ => OpCodes}/CallMethodDataHolder.cs (100%)
rename LibDotNetParser/CILApi/IL/{ => OpCodes}/OpCode.cs (100%)
rename LibDotNetParser/CILApi/IL/{ => OpCodes}/OpCodeOperandType.cs (100%)
rename LibDotNetParser/CILApi/IL/{ => OpCodes}/OpCodes.cs (79%)
delete mode 100644 LibDotNetParser/CILApi/IL/OpCodesExt.cs
rename LibDotNetParser/{PEParaser.cs => PE/PEFile.cs} (99%)
diff --git a/LibDotNetParser/CILApi/DotNetFile.cs b/LibDotNetParser/CILApi/DotNetFile.cs
index 69b7303..cfa83af 100644
--- a/LibDotNetParser/CILApi/DotNetFile.cs
+++ b/LibDotNetParser/CILApi/DotNetFile.cs
@@ -4,8 +4,8 @@ namespace LibDotNetParser.CILApi
{
public class DotNetFile
{
- PEParaser peFile;
- public PEParaser Backend
+ PEFile peFile;
+ public PEFile Backend
{
get { return peFile; }
}
@@ -49,12 +49,12 @@ public DotNetMethod EntryPoint
}
public DotNetFile(string Path)
{
- peFile = new PEParaser(Path);
+ peFile = new PEFile(Path);
}
public DotNetFile(byte[] file)
{
- peFile = new PEParaser(file);
+ peFile = new PEFile(file);
}
}
}
diff --git a/LibDotNetParser/CILApi/DotNetMethod.cs b/LibDotNetParser/CILApi/DotNetMethod.cs
index 11cb91e..6efb136 100644
--- a/LibDotNetParser/CILApi/DotNetMethod.cs
+++ b/LibDotNetParser/CILApi/DotNetMethod.cs
@@ -12,7 +12,7 @@ namespace LibDotNetParser.CILApi
{
public class DotNetMethod
{
- private PEParaser file;
+ private PEFile file;
private DotNetFile file2;
private MethodTabelRow method;
@@ -24,7 +24,7 @@ public uint Offset
{
get
{
- return (uint)PEParaser.RelativeVirtualAddressToFileOffset(RVA, file.PeHeader.Sections);
+ return (uint)PEFile.RelativeVirtualAddressToFileOffset(RVA, file.PeHeader.Sections);
}
}
public DotNetFile File
@@ -49,7 +49,7 @@ public bool IsStatic
///
///
///
- public DotNetMethod(PEParaser file, MethodTabelRow item, DotNetType parrent)
+ public DotNetMethod(PEFile file, MethodTabelRow item, DotNetType parrent)
{
this.file = file;
this.method = item;
diff --git a/LibDotNetParser/CILApi/DotNetType.cs b/LibDotNetParser/CILApi/DotNetType.cs
index c6118b1..3094b7d 100644
--- a/LibDotNetParser/CILApi/DotNetType.cs
+++ b/LibDotNetParser/CILApi/DotNetType.cs
@@ -11,7 +11,7 @@ namespace LibDotNetParser.CILApi
{
public class DotNetType
{
- private PEParaser file;
+ private PEFile file;
private TypeDefTabelRow type;
private TypeFlags flags;
private int NextTypeIndex;
diff --git a/LibDotNetParser/CILApi/IL/DotNetVirtualMachine.cs b/LibDotNetParser/CILApi/IL/DotNetVirtualMachine.cs
deleted file mode 100644
index a46e86d..0000000
--- a/LibDotNetParser/CILApi/IL/DotNetVirtualMachine.cs
+++ /dev/null
@@ -1,356 +0,0 @@
-//using LibDotNetParser.CILApi.IL;
-//using System;
-//using System.Collections.Generic;
-
-//namespace LibDotNetParser.CILApi
-//{
-// public class DotNetVirtualMachine
-// {
-// DotNetFile mainFile;
-
-// private List LoadedDlls = new List();
-// ///
-// /// For debuging
-// ///
-// public bool DumpIL = true;
-// private bool IsRunning = false;
-// int argsCurrentIndex = 0;
-// object[] Args = new object[12];
-
-// public DotNetVirtualMachine()
-// {
-// }
-// ///
-// /// Sets the EXE with the main entry point.
-// ///
-// ///
-// public void SetMainExe(DotNetFile file)
-// {
-// this.mainFile = file;
-// }
-// ///
-// /// Adds a Framework DLL/Depend dll
-// ///
-// ///
-// public void AddDll(DotNetFile file)
-// {
-// LoadedDlls.Add(file);
-// }
-// ///
-// /// Calls the entrypoint in the file.
-// ///
-// public void Start()
-// {
-// if (mainFile == null)
-// throw new Exception("MainFile not set: Please call SetMainExe()");
-
-// DotNetMethod m = null;
-// foreach (var item in mainFile.Types)
-// {
-// foreach (var m2 in item.Methods)
-// {
-// if (m2.IsStatic && m2.Name == "Main")
-// {
-// m = m2;
-// break;
-// }
-// }
-// }
-// if (m == null)
-// throw new System.Exception("Invaild .NET EXE: Entry Point not found!");
-
-// IsRunning = true;
-// ProcessMethod(m, mainFile, "Arg 1", "Arg 2");
-// }
-// ///
-// /// Makes things much easier for the DoStartMethod() function
-// ///
-// ///
-// ///
-// // All of the Opcodes that have additional parameters have to be processed here.
-// private void ProcessMethod(DotNetMethod m, DotNetFile fs, params string[] args)
-// {
-// byte[] code = m.GetBody();
-// List inr = new List();
-
-// for (int i = 0; i < code.Length; i++)
-// {
-// byte opCode = code[i];
-// if (!IsRunning)
-// return;
-
-// if (opCode == (byte)OpCodes.Ldstr)
-// {
-// //Decode the number
-// byte first = code[i + 1]; //1st index
-// byte sec = code[i + 2]; //2nd
-// byte third = code[i + 3];
-// byte forth = code[i + 4];
-// byte[] num = new byte[] { first, sec, third, 0 };
-// var numb = BitConverter.ToInt32(num, 0);
-
-// //Get the string
-// string s;
-
-// //Microsoft does really good documentation on front-end things. For example: Windows Apis, and the dot net framework.
-// //But, They don't do backend documentation, for example: Decoding this string token.
-// //I have to go through 100,000+ lines of code in the .NET Clr to figure out how these string tokens work and still didnt figure it out.
-
-// if (forth != 112)
-// {
-// //Will this ever be in the String Stream?
-// s = mainFile.Backend.ClrStringsStream.GetByOffset((uint)numb);
-// }
-// else
-// {
-// //US stream
-
-// //This is only a temp. hack
-// s = mainFile.Backend.ClrUsStream.GetByOffset((uint)numb);
-// }
-// int rid = numb & 0x00ffffff; //Not sure weather this is needed, but I found it in the CLR
-// i += 4; //skip past the string
-
-// inr.Add(new ILInstruction()
-// {
-// OpCode = OpCodes.Ldstr,
-// Operand = s
-// });
-// }
-// else if (opCode == OpCodes.Call)
-// {
-// try
-// {
-// byte fi = code[i + 1];
-// byte s = code[i + 2];
-// byte t = code[i + 3];
-// byte f = code[i + 4];
-// byte[] num = new byte[] { fi, s, t, f };
-// short numb = BitConverter.ToInt16(num, 0); //Method Token
-
-
-// //Get the method that we are calling
-// var c = mainFile.Backend.tabels.MemberRefTabelRow[numb - 1]; //is the -1 needed?
-
-// i += 4; //skip past the string
-// #region Decode
-// //Decode the class bytes
-// uint tabel;
-// uint row;
-// DecodeMemberRefParent(c.Class, out tabel, out row);
-
-
-// var funcName = mainFile.Backend.ClrStringsStream.GetByOffset(c.Name);
-// string classs;
-// string Namespace;
-
-// //TYPE def
-// if (tabel == 02)
-// {
-// var tt = mainFile.Backend.tabels.TypeDefTabel[(int)row - 1];
-
-// classs = mainFile.Backend.ClrStringsStream.GetByOffset(tt.Name);
-// Namespace = mainFile.Backend.ClrStringsStream.GetByOffset(tt.Namespace);
-// }
-// //Type REF
-// else if (tabel == 01)
-// {
-// var tt = fs.Backend.tabels.TypeRefTabel[(int)row - 1];
-
-// classs = fs.Backend.ClrStringsStream.GetByOffset(tt.TypeName);
-// Namespace = fs.Backend.ClrStringsStream.GetByOffset(tt.TypeNamespace);
-// }
-// //Module Ref
-// else if (tabel == 26)
-// {
-// //var tt = file.Backend.MetaDataStreamTablesHeader.Tables.ModuleRef[(int)row - 1];
-
-// //classs = file.Backend.ClrStringsStream.GetByOffset(tt.Name);
-// //Namespace = file.Backend.ClrStringsStream.GetByOffset(tt.Namespace);
-// Console.WriteLine("Module Ref not supported!");
-// classs = "";
-// Namespace = "";
-// }
-// //Unknown
-// else
-// {
-// classs = "";
-// Namespace = "";
-// }
-// #endregion
-// var inst = new ILInstruction()
-// {
-// OpCode = OpCodes.Call,
-// DecompilerExtraData = numb
-// };
-
-// DotNetMethod m2 = ResolveMethod(Namespace, classs, funcName);
-
-// inst.Operand = new CallMethodDataHolder() { ClassName = classs, NameSpace = Namespace, FunctionName = funcName, ResolvedMethod = m2 };
-
-
-// inr.Add(inst);
-// }
-// catch { }
-// }
-// else
-// {
-// inr.Add(new ILInstruction() { OpCode = opCode });
-// }
-// }
-// //After decoding, start the method
-// DoStartMethod(inr, fs, args);
-// }
-// ///
-// /// TODO: Resolve Method Properly using the MethodRef Tabel
-// ///
-// ///
-// ///
-// ///
-// ///
-// private DotNetMethod ResolveMethod(string Namespace, string TypeName, string MethodName)
-// {
-// //Search for the method in main Exe
-// DotNetMethod m2 = null;
-// foreach (var type in mainFile.Types)
-// {
-// if (type.Name == TypeName && type.NameSpace == Namespace)
-// {
-// foreach (var method in type.Methods)
-// {
-// if (method.Name == MethodName)
-// {
-// m2 = method;
-// break;
-// }
-// }
-// }
-// }
-// //Search in the other dlls
-// if (m2 == null)
-// {
-// foreach (var item in LoadedDlls)
-// {
-// foreach (var type in item.Types)
-// {
-// if (type.Name == TypeName && type.NameSpace == Namespace)
-// {
-// foreach (var method in type.Methods)
-// {
-// if (method.Name == MethodName)
-// {
-// m2 = method;
-// break;
-// }
-// }
-// }
-// }
-// }
-// }
-
-// if (m2 == null)
-// {
-// Console.WriteLine($"Cannot resolve method: {Namespace}.{TypeName}.{MethodName}(...);");
-// //throw new MissingMethodException($"Cannot resolve method: {Namespace}.{TypeName}.{MethodName}(...);");
-// return null;
-// }
-// return m2;
-// }
-// private void DoStartMethod(List ops, DotNetFile fs, params string[] args)
-// {
-// foreach (var item in ops)
-// {
-// if (!IsRunning)
-// return;
-// if (item.OpCode == OpCodes.Nop)
-// {
-// //Don't do anything
-// if (DumpIL)
-// Console.WriteLine("[IL] NOP");
-// }
-
-// else if (item.OpCode == OpCodes.Ldstr)
-// {
-// Args[argsCurrentIndex] = (string)item.Operand;
-// argsCurrentIndex++;
-// if (DumpIL)
-// Console.WriteLine("[IL] Ldstr \"" + (string)item.Operand + "\"");
-// }
-// else if (item.OpCode == OpCodes.Call)
-// {
-// var x = (CallMethodDataHolder)item.Operand;
-
-// //Call function
-// if (DumpIL)
-// Console.WriteLine("[IL] Call " + x.NameSpace + "." + x.ClassName + "." + x.FunctionName);
-
-// //Execute Method
-// if (x.ResolvedMethod != null)
-// {
-// ProcessMethod(x.ResolvedMethod, x.ResolvedMethod.File, "TODO");
-// }
-// else
-// {
-// PrintErrorAndExit("Fatal Error: cannot find method: " + x.NameSpace + "." + x.ClassName + "." + x.FunctionName, "ClrUnresolvedMethodError");
-// }
-// argsCurrentIndex = 0;
-// }
-// else if (item.OpCode == OpCodes.Ldarg_0)
-// {
-// Args[0] = args[0];
-// }
-// else if (item.OpCode == OpCodes.Ret)
-// {
-// if (DumpIL)
-// Console.WriteLine("[IL] RET");
-// return;
-// }
-// else
-// {
-// if (DumpIL)
-// Console.WriteLine("[IL] Unknown OPCODE: " + item.OpCode);
-// }
-// }
-// }
-// private void PrintErrorAndExit(string message, string errorName)
-// {
-// Console.WriteLine($"A {errorName} has occured in {mainFile.Backend.ClrStringsStream.GetByOffset(mainFile.Backend.tabels.ModuleTabel[0].Name)}: {message}");
-// IsRunning = false;
-// }
-// #region Decoding MemberRefParent
-// private const uint MemberRefParrent = 0x7;
-// private const uint MemberRefParrent_TYPEDEF = 0x0;
-// private const uint MemberRefParrent_TYPEREF = 0x1;
-// private const uint MemberRefParrent_MODULEREF = 0x2;
-// private const uint MemberRefParrent_METHODDEF = 0x3;
-// private const uint MemberRefParrent_TYPESPEC = 0x4;
-// private static void DecodeMemberRefParent(uint index, out uint tableIndex, out uint row)
-// {
-// tableIndex = 0;
-// switch (index & MemberRefParrent)
-// {
-// case MemberRefParrent_TYPEDEF:
-// tableIndex = 02;
-// break;
-
-// case MemberRefParrent_TYPEREF:
-// tableIndex = 01;
-// break;
-
-// case MemberRefParrent_MODULEREF:
-// tableIndex = 26;
-// break;
-
-// case MemberRefParrent_METHODDEF:
-// tableIndex = 06;
-// break;
-
-// case MemberRefParrent_TYPESPEC:
-// tableIndex = 27;
-// break;
-// }
-// row = index >> 3;
-// }
-// #endregion
-// }
-//}
\ No newline at end of file
diff --git a/LibDotNetParser/ILFormater.cs b/LibDotNetParser/CILApi/IL/ILFormater.cs
similarity index 100%
rename from LibDotNetParser/ILFormater.cs
rename to LibDotNetParser/CILApi/IL/ILFormater.cs
diff --git a/LibDotNetParser/CILApi/ILInstruction.cs b/LibDotNetParser/CILApi/IL/ILInstruction.cs
similarity index 100%
rename from LibDotNetParser/CILApi/ILInstruction.cs
rename to LibDotNetParser/CILApi/IL/ILInstruction.cs
diff --git a/LibDotNetParser/CILApi/IlDecompiler.cs b/LibDotNetParser/CILApi/IL/IlDecompiler.cs
similarity index 98%
rename from LibDotNetParser/CILApi/IlDecompiler.cs
rename to LibDotNetParser/CILApi/IL/IlDecompiler.cs
index 917af57..de46782 100644
--- a/LibDotNetParser/CILApi/IlDecompiler.cs
+++ b/LibDotNetParser/CILApi/IL/IlDecompiler.cs
@@ -26,6 +26,13 @@ public ILInstruction[] Decompile()
if (opCode == null)
continue;
+ if (opCodeb == 0xFE)
+ {
+ opCodeb = code[i + 1];
+ opCode = OpCodes.MultiOpCodes[opCodeb];
+ i++;
+ }
+
//TODO: Implment the rest of these
switch (opCode.OpCodeOperandType)
{
diff --git a/LibDotNetParser/CILApi/IL/CallMethodDataHolder.cs b/LibDotNetParser/CILApi/IL/OpCodes/CallMethodDataHolder.cs
similarity index 100%
rename from LibDotNetParser/CILApi/IL/CallMethodDataHolder.cs
rename to LibDotNetParser/CILApi/IL/OpCodes/CallMethodDataHolder.cs
diff --git a/LibDotNetParser/CILApi/IL/OpCode.cs b/LibDotNetParser/CILApi/IL/OpCodes/OpCode.cs
similarity index 100%
rename from LibDotNetParser/CILApi/IL/OpCode.cs
rename to LibDotNetParser/CILApi/IL/OpCodes/OpCode.cs
diff --git a/LibDotNetParser/CILApi/IL/OpCodeOperandType.cs b/LibDotNetParser/CILApi/IL/OpCodes/OpCodeOperandType.cs
similarity index 100%
rename from LibDotNetParser/CILApi/IL/OpCodeOperandType.cs
rename to LibDotNetParser/CILApi/IL/OpCodes/OpCodeOperandType.cs
diff --git a/LibDotNetParser/CILApi/IL/OpCodes.cs b/LibDotNetParser/CILApi/IL/OpCodes/OpCodes.cs
similarity index 79%
rename from LibDotNetParser/CILApi/IL/OpCodes.cs
rename to LibDotNetParser/CILApi/IL/OpCodes/OpCodes.cs
index 6389349..faf59d6 100644
--- a/LibDotNetParser/CILApi/IL/OpCodes.cs
+++ b/LibDotNetParser/CILApi/IL/OpCodes/OpCodes.cs
@@ -12,9 +12,7 @@ public static class OpCodes
//This File was generated by a tool that MishaProductions made.
// List of CIL Opcodes
- //This File was generated by a tool that MishaProductions made.
-
- // List of CIL Opcodes
+ // Single opcodes
public static readonly OpCode[] SingleOpCodes = new OpCode[256]
{
new OpCode("nop", 0, OpCodeOperandType.InlineNone),
@@ -274,5 +272,268 @@ public static class OpCodes
new OpCode("prefix1", 254, OpCodeOperandType.InlineNone),
new OpCode("prefixref", 255, OpCodeOperandType.InlineNone),
};
+
+
+ // Multi opcodes
+
+ public static readonly OpCode[] MultiOpCodes = new OpCode[256]
+ {
+new OpCode("arglist", 0, OpCodeOperandType.InlineNone, true),
+new OpCode("ceq", 1, OpCodeOperandType.InlineNone, true),
+new OpCode("cgt", 2, OpCodeOperandType.InlineNone, true),
+new OpCode("cgt.un", 3, OpCodeOperandType.InlineNone, true),
+new OpCode("clt", 4, OpCodeOperandType.InlineNone, true),
+new OpCode("clt.un", 5, OpCodeOperandType.InlineNone, true),
+new OpCode("ldftn", 6, OpCodeOperandType.InlineMethod, true),
+new OpCode("ldvirtftn", 7, OpCodeOperandType.InlineMethod, true),
+null,
+new OpCode("ldarg", 9, OpCodeOperandType.InlineVar, true),
+new OpCode("ldarga", 10, OpCodeOperandType.InlineVar, true),
+new OpCode("starg", 11, OpCodeOperandType.InlineVar, true),
+new OpCode("ldloc", 12, OpCodeOperandType.InlineVar, true),
+new OpCode("ldloca", 13, OpCodeOperandType.InlineVar, true),
+new OpCode("stloc", 14, OpCodeOperandType.InlineVar, true),
+new OpCode("localloc", 15, OpCodeOperandType.InlineNone, true),
+null,
+new OpCode("endfilter", 17, OpCodeOperandType.InlineNone, true),
+new OpCode("unaligned.", 18, OpCodeOperandType.ShortInlineI, true),
+new OpCode("volatile.", 19, OpCodeOperandType.InlineNone, true),
+new OpCode("tail.", 20, OpCodeOperandType.InlineNone, true),
+new OpCode("initobj", 21, OpCodeOperandType.InlineType, true),
+new OpCode("constrained.", 22, OpCodeOperandType.InlineType, true),
+new OpCode("cpblk", 23, OpCodeOperandType.InlineNone, true),
+new OpCode("initblk", 24, OpCodeOperandType.InlineNone, true),
+null,
+new OpCode("rethrow", 26, OpCodeOperandType.InlineNone, true),
+null,
+new OpCode("sizeof", 28, OpCodeOperandType.InlineType, true),
+new OpCode("refanytype", 29, OpCodeOperandType.InlineNone, true),
+new OpCode("readonly.", 30, OpCodeOperandType.InlineNone, true),
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+null,
+ };
}
}
diff --git a/LibDotNetParser/CILApi/IL/OpCodesExt.cs b/LibDotNetParser/CILApi/IL/OpCodesExt.cs
deleted file mode 100644
index b080d11..0000000
--- a/LibDotNetParser/CILApi/IL/OpCodesExt.cs
+++ /dev/null
@@ -1,11 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-
-namespace LibDotNetParser.CILApi.IL
-{
- public class OpCodesExt
- {
- public const int Arglist = 0x00;
- }
-}
diff --git a/LibDotNetParser/CILApi/MethodAttr.cs b/LibDotNetParser/CILApi/MethodAttr.cs
index 818bc8e..9d3fabd 100644
--- a/LibDotNetParser/CILApi/MethodAttr.cs
+++ b/LibDotNetParser/CILApi/MethodAttr.cs
@@ -6,7 +6,7 @@
namespace LibDotNetParser.CILApi
{
- enum MethodAttr
+ internal enum MethodAttr
{
// member access mask - Use this mask to retrieve
diff --git a/LibDotNetParser/DotNet/Tabels/Tabels.cs b/LibDotNetParser/DotNet/Tabels/Tabels.cs
index 969fee1..799a4a1 100644
--- a/LibDotNetParser/DotNet/Tabels/Tabels.cs
+++ b/LibDotNetParser/DotNet/Tabels/Tabels.cs
@@ -18,7 +18,7 @@ public class Tabels
public List ParmTabel { get; }
public List InterfaceImplTable { get; }
public List MemberRefTabelRow { get; }
- public Tabels(PEParaser p)
+ public Tabels(PEFile p)
{
//Init
this.r = p.MetadataReader;
diff --git a/LibDotNetParser/PEParaser.cs b/LibDotNetParser/PE/PEFile.cs
similarity index 99%
rename from LibDotNetParser/PEParaser.cs
rename to LibDotNetParser/PE/PEFile.cs
index c8eb048..5b75117 100644
--- a/LibDotNetParser/PEParaser.cs
+++ b/LibDotNetParser/PE/PEFile.cs
@@ -8,7 +8,7 @@
namespace LibDotNetParser
{
- public class PEParaser
+ public class PEFile
{
#region PE
public DOSHeader DosHeader { get; private set; }
@@ -29,13 +29,13 @@ public class PEParaser
List Streams = new List();
#endregion
public BinaryReader RawFile;
- public PEParaser(string FilePath)
+ public PEFile(string FilePath)
{
byte[] fs = File.ReadAllBytes(FilePath);
Init(fs);
}
- public PEParaser(byte[] file)
+ public PEFile(byte[] file)
{
Init(file);
}
@@ -143,24 +143,6 @@ private void Init(byte[] data)
#endregion
}
- public byte[] GetStreamBytes(string streamName, BinaryReader r)
- {
- StreamHeader hdr = null;
- foreach (var item in Streams)
- {
- if (item.Name == streamName)
- {
- hdr = item;
- break;
- }
- }
- if (hdr == null)
- return null;
-
- return GetStreamBytes(r, hdr, ClrHeader.MetaDataDirectoryAddress, PeHeader.Sections);
- }
-
-
#region Read Windows Header
public DOSHeader ReadDOSHeader(BinaryReader reader)
{
@@ -375,6 +357,7 @@ public byte[] GetStreamBytes(BinaryReader reader, StreamHeader streamHeader, uin
return reader.ReadBytes((int)streamHeader.Size);
}
#endregion
+ #region Utils
public static ulong RelativeVirtualAddressToFileOffset(ulong rva, IEnumerable sections)
{
// find the section whose virtual address range contains the data directory's virtual address.
@@ -395,5 +378,22 @@ public static ulong RelativeVirtualAddressToFileOffset(ulong rva, IEnumerable