SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-02-03 21:29:23 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Add editorconfig, fix issues

Browse Source
This commit is contained in:
Matt Nadareski
2026-01-25 17:27:42 -05:00
parent 7058c7a150
commit 0d2f81773d
84 changed files with 407 additions and 244 deletions
Download Patch File Download Diff File Expand all files Collapse all files

167
.editorconfig Normal file
View File

@@ -0,0 +1,167 @@
# top-most EditorConfig file
root = true
# C# files
[*.cs]
# Indentation and spacing
charset = utf-8
indent_size = 4
indent_style = space
tab_width = 4
trim_trailing_whitespace = true
# New line preferences
end_of_line = lf
insert_final_newline = true
max_line_length = unset
# using directive preferences
csharp_using_directive_placement = outside_namespace
dotnet_diagnostic.IDE0005.severity = error
# Code-block preferences
csharp_style_namespace_declarations = block_scoped
csharp_style_prefer_method_group_conversion = true
csharp_style_prefer_top_level_statements = false
# Expression-level preferences
csharp_prefer_simple_default_expression = true
csharp_style_inlined_variable_declaration = true
csharp_style_unused_value_assignment_preference = discard_variable
csharp_style_unused_value_expression_statement_preference = discard_variable
dotnet_diagnostic.IDE0001.severity = warning
dotnet_diagnostic.IDE0002.severity = warning
dotnet_diagnostic.IDE0004.severity = warning
dotnet_diagnostic.IDE0010.severity = error
dotnet_diagnostic.IDE0051.severity = warning
dotnet_diagnostic.IDE0052.severity = warning
dotnet_diagnostic.IDE0072.severity = warning
dotnet_diagnostic.IDE0080.severity = warning
dotnet_diagnostic.IDE0100.severity = error
dotnet_diagnostic.IDE0110.severity = error
dotnet_diagnostic.IDE0120.severity = warning
dotnet_diagnostic.IDE0121.severity = warning
dotnet_diagnostic.IDE0240.severity = error
dotnet_diagnostic.IDE0241.severity = error
dotnet_style_coalesce_expression = true
dotnet_style_namespace_match_folder = false
dotnet_style_null_propagation = true
dotnet_style_prefer_auto_properties = true
dotnet_style_prefer_collection_expression = when_types_loosely_match
dotnet_style_prefer_is_null_check_over_reference_equality_method = true
dotnet_style_prefer_compound_assignment = true
csharp_style_prefer_simple_property_accessors = true
dotnet_style_prefer_simplified_interpolation = true
dotnet_style_prefer_simplified_boolean_expressions = true
csharp_style_prefer_unbound_generic_type_in_nameof = true
# Field preferences
dotnet_diagnostic.IDE0044.severity = warning
dotnet_style_readonly_field = true
# Language keyword vs. framework types preferences
dotnet_diagnostic.IDE0049.severity = error
dotnet_style_predefined_type_for_locals_parameters_members = true
dotnet_style_predefined_type_for_member_access = true
# Modifier preferences
csharp_prefer_static_local_function = true
csharp_style_prefer_readonly_struct = true
dotnet_diagnostic.IDE0036.severity = warning
dotnet_diagnostic.IDE0040.severity = error
dotnet_diagnostic.IDE0380.severity = error
dotnet_style_require_accessibility_modifiers = always
# New-line preferences
dotnet_diagnostic.IDE2000.severity = warning
dotnet_diagnostic.IDE2002.severity = warning
dotnet_diagnostic.IDE2003.severity = warning
dotnet_diagnostic.IDE2004.severity = warning
dotnet_diagnostic.IDE2005.severity = warning
dotnet_diagnostic.IDE2006.severity = warning
csharp_style_allow_blank_line_after_colon_in_constructor_initializer_experimental = false
csharp_style_allow_blank_line_after_token_in_arrow_expression_clause_experimental = false
csharp_style_allow_blank_line_after_token_in_conditional_expression_experimental = false
csharp_style_allow_blank_lines_between_consecutive_braces_experimental = false
dotnet_style_allow_multiple_blank_lines_experimental = false
dotnet_style_allow_statement_immediately_after_block_experimental = false
# Null-checking preferences
csharp_style_conditional_delegate_call = true
# Parameter preferences
dotnet_code_quality_unused_parameters = all
dotnet_diagnostic.IDE0280.severity = error
# Parentheses preferences
dotnet_diagnostic.IDE0047.severity = warning
dotnet_diagnostic.IDE0048.severity = warning
dotnet_style_parentheses_in_arithmetic_binary_operators = always_for_clarity
dotnet_style_parentheses_in_other_binary_operators = always_for_clarity
dotnet_style_parentheses_in_other_operators = always_for_clarity
dotnet_style_parentheses_in_relational_binary_operators = always_for_clarity
# Pattern-matching preferences
dotnet_diagnostic.IDE0019.severity = warning
dotnet_diagnostic.IDE0020.severity = warning
dotnet_diagnostic.IDE0038.severity = warning
dotnet_diagnostic.IDE0066.severity = none
dotnet_diagnostic.IDE0083.severity = warning
dotnet_diagnostic.IDE0260.severity = warning
csharp_style_pattern_matching_over_as_with_null_check = true
csharp_style_pattern_matching_over_is_with_cast_check = true
csharp_style_prefer_not_pattern = true
csharp_style_prefer_pattern_matching = true
# this. and Me. preferences
dotnet_style_qualification_for_event = false
dotnet_style_qualification_for_field = false
dotnet_style_qualification_for_method = false
dotnet_style_qualification_for_property = false
# var preferences
csharp_style_var_for_built_in_types = false
csharp_style_var_when_type_is_apparent = true
# .NET formatting options
dotnet_separate_import_directive_groups = false
dotnet_sort_system_directives_first = true
# C# formatting options
csharp_indent_block_contents = true
csharp_indent_braces = false
csharp_indent_case_contents = true
csharp_indent_case_contents_when_block = false
csharp_indent_labels = one_less_than_current
csharp_indent_switch_labels = true
csharp_new_line_before_catch = true
csharp_new_line_before_else = true
csharp_new_line_before_finally = true
csharp_new_line_before_members_in_anonymous_types = true
csharp_new_line_before_members_in_object_initializers = true
csharp_new_line_before_open_brace = all
csharp_new_line_between_query_expression_clauses = true
csharp_preserve_single_line_blocks = true
csharp_preserve_single_line_statements = true
csharp_space_after_cast = false
csharp_space_after_colon_in_inheritance_clause = true
csharp_space_after_comma = true
csharp_space_after_dot = false
csharp_space_after_keywords_in_control_flow_statements = true
csharp_space_after_semicolon_in_for_statement = true
csharp_space_around_binary_operators = before_and_after
csharp_space_around_declaration_statements = false
csharp_space_before_colon_in_inheritance_clause = true
csharp_space_before_comma = false
csharp_space_before_dot = false
csharp_space_before_open_square_brackets = false
csharp_space_before_semicolon_in_for_statement = false
csharp_space_between_empty_square_brackets = false
csharp_space_between_method_call_empty_parameter_list_parentheses = false
csharp_space_between_method_call_name_and_opening_parenthesis = false
csharp_space_between_method_call_parameter_list_parentheses = false
csharp_space_between_method_declaration_empty_parameter_list_parentheses = false
csharp_space_between_method_declaration_parameter_list_parentheses = false
csharp_space_between_parentheses = false
csharp_space_between_square_brackets = false

2
BinaryObjectScanner/Data/CheckDictionary.cs
View File

@@ -13,7 +13,7 @@ namespace BinaryObjectScanner.Data
/// <remarks>Handles the proper Add implementation</remarks>
public void Append(T key, string? value)
{
if (value == null || value.Trim().Length == 0)
if (value is null || value.Trim().Length == 0)
return;
#if NET20 || NET35

14
BinaryObjectScanner/Data/ProtectionDictionary.cs
View File

@@ -26,7 +26,7 @@ namespace BinaryObjectScanner.Data
public void Append(string key, string? value)
{
// If the value is empty, don't add it
if (value == null || value.Trim().Length == 0)
if (value is null || value.Trim().Length == 0)
return;
EnsureKey(key);
@@ -47,7 +47,7 @@ namespace BinaryObjectScanner.Data
EnsureKey(key);
foreach (string value in values)
{
if (value == null || value.Trim().Length == 0)
if (value is null || value.Trim().Length == 0)
continue;
foreach (string subValue in ProcessProtectionString(value))
@@ -79,7 +79,7 @@ namespace BinaryObjectScanner.Data
public void Append(ProtectionDictionary? addition)
{
// If the dictionary is missing, just return
if (addition == null)
if (addition is null)
return;
// Loop through each of the addition keys and add accordingly
@@ -106,10 +106,10 @@ namespace BinaryObjectScanner.Data
// If the key is empty, remove it
#if NET20 || NET35
if (this[key] == null || this[key].Count == 0)
if (this[key] is null || this[key].Count == 0)
Remove(key);
#else
if (this[key] == null || this[key].IsEmpty)
if (this[key] is null || this[key].IsEmpty)
TryRemove(key, out _);
#endif
}
@@ -189,13 +189,13 @@ namespace BinaryObjectScanner.Data
/// <param name="values">Queue to get data from</param>
private void AddRangeToKey(string key, IEnumerable<string> values)
{
if (values == null)
if (values is null)
return;
EnsureKey(key);
foreach (string value in values)
{
if (value == null || value.Trim().Length == 0)
if (value is null || value.Trim().Length == 0)
continue;
foreach (string subValue in ProcessProtectionString(value))

6
BinaryObjectScanner/Data/StaticChecks.cs
View File

@@ -150,7 +150,7 @@ namespace BinaryObjectScanner.Data
{
// Get information from the type param
string? interfaceName = typeof(T).FullName;
if (interfaceName == null)
if (interfaceName is null)
return [];
// If not all types can be loaded, use the ones that could be
@@ -173,7 +173,7 @@ namespace BinaryObjectScanner.Data
foreach (Type? type in assemblyTypes)
{
// Skip invalid types
if (type == null)
if (type is null)
continue;
// If the type isn't a class
@@ -187,7 +187,7 @@ namespace BinaryObjectScanner.Data
// Try to create a concrete instance of the type
var instance = (T?)Activator.CreateInstance(type);
if (instance != null)
if (instance is not null)
classTypes.Add(instance);
}

2
BinaryObjectScanner/FileType/Executable.cs
View File

@@ -47,7 +47,7 @@ namespace BinaryObjectScanner.FileType
stream.Seek(0, SeekOrigin.Begin);
fileContent = stream.ReadBytes((int)stream.Length);
if (fileContent == null)
if (fileContent is null)
return protections;
}
catch (Exception ex)

2
BinaryObjectScanner/FileType/ISO9660.cs
View File

@@ -90,7 +90,7 @@ namespace BinaryObjectScanner.FileType
int offset = 0;
string? potentialAppUseString = applicationUse.ReadNullTerminatedAnsiString(ref offset);
if (potentialAppUseString != null && potentialAppUseString.Length > 0) // Some image authoring programs add a starting string to AU data
if (potentialAppUseString is not null && potentialAppUseString.Length > 0) // Some image authoring programs add a starting string to AU data
{
if (potentialAppUseString.StartsWith("ImgBurn"))
return false;

2
BinaryObjectScanner/Interfaces/IContentCheck.cs
View File

@@ -12,6 +12,6 @@
/// <param name="fileContent">Byte array representing the file contents</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string? CheckContents(string file, byte[] fileContent, bool includeDebug);
public string? CheckContents(string file, byte[] fileContent, bool includeDebug);
}
}

4
BinaryObjectScanner/Interfaces/IDetectable.cs
View File

@@ -14,7 +14,7 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Detected file or protection type, null on error</returns>
/// <remarks>Ideally, this should just point to the other detect implementation.</remarks>
string? Detect(string file, bool includeDebug);
public string? Detect(string file, bool includeDebug);
/// <summary>
/// Check if a stream is detected as this file type
@@ -23,6 +23,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="file">Path to the input file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Detected file or protection type, null on error</returns>
string? Detect(Stream stream, string file, bool includeDebug);
public string? Detect(Stream stream, string file, bool includeDebug);
}
}

2
BinaryObjectScanner/Interfaces/IDiskImageCheck.cs
View File

@@ -14,6 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="diskImage">Disk image representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string? CheckDiskImage(string file, T diskImage, bool includeDebug);
public string? CheckDiskImage(string file, T diskImage, bool includeDebug);
}
}

2
BinaryObjectScanner/Interfaces/IExecutableCheck.cs
View File

@@ -14,6 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="exe">Executable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string? CheckExecutable(string file, T exe, bool includeDebug);
public string? CheckExecutable(string file, T exe, bool includeDebug);
}
}

4
BinaryObjectScanner/Interfaces/IPathCheck.cs
View File

@@ -16,13 +16,13 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="path">Path to check for protection indicators</param>
/// <param name="files">List of strings representing files in a directory</param>
/// <remarks>This can do some limited content checking as well, but it's suggested to use a content check instead, if possible</remarks>
List<string> CheckDirectoryPath(string path, List<string>? files);
public List<string> CheckDirectoryPath(string path, List<string>? files);
/// <summary>
/// Check a file path for protections based on path name
/// </summary>
/// <param name="path">Path to check for protection indicators</param>
/// <remarks>This can do some limited content checking as well, but it's suggested to use a content check instead, if possible</remarks>
string? CheckFilePath(string path);
public string? CheckFilePath(string path);
}
}

6
BinaryObjectScanner/Packer/ASPack.cs
View File

@@ -18,7 +18,7 @@ namespace BinaryObjectScanner.Packer
return "ASPack 2.29";
// Use the entry point data, if it exists
if (exe.EntryPointData != null)
if (exe.EntryPointData is not null)
{
var matchers = GenerateMatchers();
var match = MatchUtil.GetFirstMatch(file, exe.EntryPointData, matchers, includeDebug);
@@ -28,7 +28,7 @@ namespace BinaryObjectScanner.Packer
// Get the .adata* section, if it exists
var adataSectionRaw = exe.GetFirstSectionData(".adata", exact: false);
if (adataSectionRaw != null)
if (adataSectionRaw is not null)
{
var matchers = GenerateMatchers();
var match = MatchUtil.GetFirstMatch(file, adataSectionRaw, matchers, includeDebug);
@@ -38,7 +38,7 @@ namespace BinaryObjectScanner.Packer
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw != null)
if (dataSectionRaw is not null)
{
var matchers = GenerateMatchers();
var match = MatchUtil.GetFirstMatch(file, dataSectionRaw, matchers, includeDebug);

2
BinaryObjectScanner/Packer/AdvancedInstaller.cs
View File

@@ -11,7 +11,7 @@ namespace BinaryObjectScanner.Packer
{
// Get the .rdata section strings, if they exist
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("Software\\Caphyon\\Advanced Installer")))
return "Caphyon Advanced Installer SFX";

2
BinaryObjectScanner/Packer/CExe.cs
View File

@@ -18,7 +18,7 @@ namespace BinaryObjectScanner.Packer
if (exe.FindResourceByNamedType("99, ").Count == 2)
return "CExe";
if (exe.StubExecutableData != null)
if (exe.StubExecutableData is not null)
{
var matchers = new List<ContentMatchSet>
{

2
BinaryObjectScanner/Packer/Crunch.cs
View File

@@ -16,7 +16,7 @@ namespace BinaryObjectScanner.Packer
// Get the last section strings, if they exist
var sections = exe.SectionTable ?? [];
var strs = exe.GetSectionStrings(sections.Length - 1);
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("BITARTS")))
return "Crunch";

2
BinaryObjectScanner/Packer/DotFuscator.cs
View File

@@ -11,7 +11,7 @@ namespace BinaryObjectScanner.Packer
{
// Get the .text section strings, if they exist
var strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("DotfuscatorAttribute")))
return "dotFuscator";

2
BinaryObjectScanner/Packer/DotNetReactor.cs
View File

@@ -25,7 +25,7 @@ namespace BinaryObjectScanner.Packer
// Get the .text section, if it exists
var textData = exe.GetFirstSectionData(".text");
if (textData != null)
if (textData is not null)
{
var matchers = new List<ContentMatchSet>
{

8
BinaryObjectScanner/Packer/EmbeddedFile.cs
View File

@@ -19,7 +19,7 @@ namespace BinaryObjectScanner.Packer
// Check the overlay, if it exists
byte[]? overlayData = exe.OverlayData;
if (overlayData != null && overlayData.Length > 0)
if (overlayData is not null && overlayData.Length > 0)
{
// Set the output variables
int overlayOffset = 0;
@@ -111,12 +111,12 @@ namespace BinaryObjectScanner.Packer
// Only process the resources if they are recognized
var resourceData = exe.ResourceData;
if (resourceData != null)
if (resourceData is not null)
{
// Get the resources that have an archive signature
foreach (var value in resourceData.Values)
{
if (value == null || value is not byte[] ba || ba.Length == 0)
if (value is null || value is not byte[] ba || ba.Length == 0)
continue;
// Set the output variables
@@ -162,7 +162,7 @@ namespace BinaryObjectScanner.Packer
// Check the overlay, if it exists
byte[]? overlayData = exe.OverlayData;
if (overlayData != null && overlayData.Length > 0)
if (overlayData is not null && overlayData.Length > 0)
{
// Set the output variables
int overlayOffset = 0;

2
BinaryObjectScanner/Packer/GenteeInstaller.cs
View File

@@ -22,7 +22,7 @@ namespace BinaryObjectScanner.Packer
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("Gentee installer")))
return "Gentee Installer";

2
BinaryObjectScanner/Packer/GhostInstaller.cs
View File

@@ -14,7 +14,7 @@ namespace BinaryObjectScanner.Packer
{
// <see href="https://www.virustotal.com/gui/file/b2fc4cffe5131195baf419e96c9fa68c3f23208986fb14e3c5b458b1e7d6af89/details"/>
var overlayData = exe.OverlayData;
if (overlayData != null)
if (overlayData is not null)
{
// GIPEND
if (overlayData.EndsWith([0x47, 0x49, 0x50, 0x45, 0x4E, 0x44]))

8
BinaryObjectScanner/Packer/InnoSetup.cs
View File

@@ -15,7 +15,7 @@ namespace BinaryObjectScanner.Packer
{
// Check for "Inno" in the reserved words
var reserved2 = exe.Stub?.Header?.Reserved2;
if (reserved2 != null && reserved2.Length > 5)
if (reserved2 is not null && reserved2.Length > 5)
{
if (reserved2[4] == 0x6E49 && reserved2[5] == 0x6F6E)
{
@@ -35,10 +35,10 @@ namespace BinaryObjectScanner.Packer
{
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
var str = strs.Find(s => s.StartsWith("Inno Setup Setup Data"));
if (str != null)
if (str is not null)
{
return str.Replace("Inno Setup Setup Data", "Inno Setup")
.Replace("(u)", "[Unicode]")
@@ -62,7 +62,7 @@ namespace BinaryObjectScanner.Packer
#pragma warning disable CS0618
byte[]? data = exe.ReadArbitraryRange();
if (data == null)
if (data is null)
return "Unknown 1.X";
var matchers = new List<ContentMatchSet>

2
BinaryObjectScanner/Packer/InstallerVISE.cs
View File

@@ -13,7 +13,7 @@ namespace BinaryObjectScanner.Packer
{
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("ViseMain")))
return "Installer VISE";

4
BinaryObjectScanner/Packer/MicrosoftCABSFX.cs
View File

@@ -23,7 +23,7 @@ namespace BinaryObjectScanner.Packer
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("wextract_cleanup")))
return $"Microsoft CAB SFX {GetVersion(exe)}";
@@ -31,7 +31,7 @@ namespace BinaryObjectScanner.Packer
// Get the .text section strings, if they exist
strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
// This detects a different but similar type of SFX that uses Microsoft CAB files.
// Further research is needed to see if it's just a different version or entirely separate.

4
BinaryObjectScanner/Packer/NSIS.cs
View File

@@ -30,7 +30,7 @@ namespace BinaryObjectScanner.Packer
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("NullsoftInst")))
return "NSIS";
@@ -38,7 +38,7 @@ namespace BinaryObjectScanner.Packer
// Get the overlay strings, if they exist
strs = exe.OverlayStrings;
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("NullsoftInst")))
return "NSIS";

2
BinaryObjectScanner/Packer/ReflexiveArcadeInstaller.cs
View File

@@ -16,7 +16,7 @@ namespace BinaryObjectScanner.Packer
{
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// <see href="https://www.virustotal.com/gui/file/33b98b675d78b88ed317e7e52dca21ca07bd84e79211294fcec72cab48d11184"/>
if (strs.Exists(s => s.Contains("ReflexiveArcade")))

10
BinaryObjectScanner/Packer/UPX.cs
View File

@@ -18,14 +18,14 @@ namespace BinaryObjectScanner.Packer
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Check header padding strings
if (exe.HeaderPaddingStrings != null && exe.HeaderPaddingStrings.Count > 0)
if (exe.HeaderPaddingStrings is not null && exe.HeaderPaddingStrings.Count > 0)
{
var match = exe.HeaderPaddingStrings.Find(s => s.Contains("UPX!"));
//if (match != null)
//if (match is not null)
// return "UPX";
match = exe.HeaderPaddingStrings.Find(s => s.StartsWith("$Id: UPX"));
if (match != null)
if (match is not null)
{
var regexMatch = _oldUpxVersionMatch.Match(match);
if (regexMatch.Success)
@@ -35,7 +35,7 @@ namespace BinaryObjectScanner.Packer
}
match = exe.HeaderPaddingStrings.Find(s => _upxVersionMatch.IsMatch(s));
if (match != null && exe.HeaderPaddingStrings.Exists(s => s == "UPX!"))
if (match is not null && exe.HeaderPaddingStrings.Exists(s => s == "UPX!"))
{
var regexMatch = _upxVersionMatch.Match(match);
if (regexMatch.Success)
@@ -43,7 +43,7 @@ namespace BinaryObjectScanner.Packer
else
return "UPX (Unknown Version)";
}
else if (match != null && exe.HeaderPaddingStrings.Exists(s => s == "NOS "))
else if (match is not null && exe.HeaderPaddingStrings.Exists(s => s == "NOS "))
{
var regexMatch = _upxVersionMatch.Match(match);
if (regexMatch.Success)

8
BinaryObjectScanner/Packer/WinZipSFX.cs
View File

@@ -11,14 +11,14 @@ namespace BinaryObjectScanner.Packer
public string? CheckExecutable(string file, NewExecutable exe, bool includeDebug)
{
// If the resident-name table doesnt exist
if (exe.ResidentNameTable == null)
if (exe.ResidentNameTable is null)
return null;
// Get the resident and non-resident name table strings
var rntStrs = Array.ConvertAll(exe.ResidentNameTable,
rnte => rnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
rnte => rnte?.NameString is null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
var nrntStrs = Array.ConvertAll(exe.NonResidentNameTable ?? [],
nrnte => nrnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString));
nrnte => nrnte?.NameString is null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString));
// Check for the WinZip name strings
bool winZipNameFound = Array.Exists(rntStrs, s => s.Contains("WZ-SE-01"));
@@ -40,7 +40,7 @@ namespace BinaryObjectScanner.Packer
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Check the export directory table, if it exists
if (exe.ExportDirectoryTable != null)
if (exe.ExportDirectoryTable is not null)
{
var version = GetPEExportDirectoryVersion(exe);
if (!string.IsNullOrEmpty(version))

2
BinaryObjectScanner/Packer/WiseInstaller.cs
View File

@@ -24,7 +24,7 @@ namespace BinaryObjectScanner.Packer
return "Wise Installation Wizard Module";
// If the section header can be found
if (exe.WiseSection != null)
if (exe.WiseSection is not null)
return "Wise Installation Wizard Module";
return null;

10
BinaryObjectScanner/Protection/ActiveMARK.cs
View File

@@ -37,7 +37,7 @@ namespace BinaryObjectScanner.Protection
// - In the stub data, there's a string for the download: "http://d.trymedia.com/dd/..."
// Get the entry point data, if it exists
if (exe.EntryPointData != null)
if (exe.EntryPointData is not null)
{
// Found in "Zuma.exe"
if (exe.EntryPointData.StartsWith(new byte?[] { 0x89, 0x25, 0x04, 0xF0, 0x86, 0x00, 0x68, 0x30 }))
@@ -46,7 +46,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data section strings, if they exist
var strs = exe.GetLastSectionStrings(".data");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("MPRMMGVA"))
&& strs.Exists(s => s.Contains("This application cannot run with an active debugger in memory.")))
@@ -60,14 +60,14 @@ namespace BinaryObjectScanner.Protection
if (resources.Count > 0)
{
bool match = resources
.ConvertAll(r => r == null ? string.Empty : Encoding.ASCII.GetString(r))
.ConvertAll(r => r is null ? string.Empty : Encoding.ASCII.GetString(r))
.FindIndex(r => r.Contains("ActiveMARK")) > -1;
if (match)
return "ActiveMARK";
}
// Get the overlay data, if it exists
if (exe.OverlayStrings != null)
if (exe.OverlayStrings is not null)
{
if (exe.OverlayStrings.Exists(s => s.Contains("TMSAMVOH")))
return "ActiveMARK";
@@ -75,7 +75,7 @@ namespace BinaryObjectScanner.Protection
// Get the last .bss section strings, if they exist
strs = exe.GetLastSectionStrings(".bss");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("TMSAMVOF")))
return "ActiveMARK";

2
BinaryObjectScanner/Protection/AegiSoft.cs
View File

@@ -39,7 +39,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw != null)
if (dataSectionRaw is not null)
{
var matchers = new List<ContentMatchSet>
{

24
BinaryObjectScanner/Protection/AlphaROM.cs
View File

@@ -62,7 +62,7 @@ namespace BinaryObjectScanner.Protection
// TODO: triple-check that length is never below 14
int offset = 0;
var applicationIdentifierString = pvd.ApplicationIdentifier.ReadNullTerminatedAnsiString(ref offset)?.Trim();
if (applicationIdentifierString == null || applicationIdentifierString.Length < 14)
if (applicationIdentifierString is null || applicationIdentifierString.Length < 14)
return null;
if (!Regex.IsMatch(applicationIdentifierString, "^[A-Z0-9]*$", RegexOptions.Compiled))
@@ -92,15 +92,15 @@ namespace BinaryObjectScanner.Protection
if (applicationIdentifierString.Length >= 18 && applicationIdentifierString.Length <= 20)
{
#if NETCOREAPP || NETSTANDARD2_1_OR_GREATER
if (int.TryParse(applicationIdentifierString.AsSpan(0, 4), out int year) == false
|| int.TryParse(applicationIdentifierString.AsSpan(4, 2), out int month) == false
|| int.TryParse(applicationIdentifierString.AsSpan(6, 2), out int day) == false
|| int.TryParse(applicationIdentifierString.AsSpan(8, 6), out int extraTime) == false)
if (!int.TryParse(applicationIdentifierString.AsSpan(0, 4), out int year)
|| !int.TryParse(applicationIdentifierString.AsSpan(4, 2), out int month)
|| i!nt.TryParse(applicationIdentifierString.AsSpan(6, 2), out int day)
|| i!nt.TryParse(applicationIdentifierString.AsSpan(8, 6), out int extraTime))
#else
if (int.TryParse(applicationIdentifierString.Substring(0, 4), out int year) == false
|| int.TryParse(applicationIdentifierString.Substring(4, 2), out int month) == false
|| int.TryParse(applicationIdentifierString.Substring(6, 2), out int day) == false
|| int.TryParse(applicationIdentifierString.Substring(8, 6), out int extraTime) == false)
if (!int.TryParse(applicationIdentifierString.Substring(0, 4), out int year)
|| !int.TryParse(applicationIdentifierString.Substring(4, 2), out int month)
|| !int.TryParse(applicationIdentifierString.Substring(6, 2), out int day)
|| !int.TryParse(applicationIdentifierString.Substring(8, 6), out int extraTime))
#endif
{
return null;
@@ -133,7 +133,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("\\SETTEC")))
return "Alpha-ROM";
@@ -144,7 +144,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("This Game is Japan Only")))
return "Alpha-ROM";
@@ -159,7 +159,7 @@ namespace BinaryObjectScanner.Protection
}
// Get the overlay data, if it exists
if (exe.OverlayStrings != null)
if (exe.OverlayStrings is not null)
{
// Found in Redump entry 84122.
if (exe.OverlayStrings.Exists(s => s.Contains("SETTEC0000")))

2
BinaryObjectScanner/Protection/Armadillo.cs
View File

@@ -33,7 +33,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the section strings, if they exist
var strs = exe.GetFirstSectionStrings(sectionName);
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("ARMDEBUG")))
return "Armadillo";

6
BinaryObjectScanner/Protection/ByteShield.cs
View File

@@ -89,7 +89,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "LineRider2.exe" in Redump entry 6236
if (strs.Exists(s => s.OptionalContains("ByteShield")))
@@ -98,7 +98,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
// Found in "ByteShield.dll" in Redump entry 6236
if (strs.Exists(s => s.OptionalContains("Byte|Shield")))
@@ -115,7 +115,7 @@ namespace BinaryObjectScanner.Protection
// Get the .ret section strings, if they exist
strs = exe.GetFirstSectionStrings(".ret");
if (strs != null)
if (strs is not null)
{
// TODO: Figure out if this specifically indicates if the file is encrypted
// Found in "LineRider2.bbz" in Redump entry 6236

14
BinaryObjectScanner/Protection/CDDVDCops.cs
View File

@@ -74,7 +74,7 @@ namespace BinaryObjectScanner.Protection
// TODO: Don't read entire file
#pragma warning disable CS0618
byte[]? data = exe.ReadArbitraryRange();
if (data == null)
if (data is null)
return null;
// TODO: Figure out what NE section this lives in
@@ -121,11 +121,11 @@ namespace BinaryObjectScanner.Protection
// Get the resident and non-resident name table strings
var nrntStrs = Array.ConvertAll(exe.NonResidentNameTable ?? [],
nrnte => nrnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString));
nrnte => nrnte?.NameString is null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString));
// Check the imported-name table
// Found in "h3blade.exe" in Redump entry 85077.
if (exe.ImportedNameTable != null)
if (exe.ImportedNameTable is not null)
{
foreach (var inte in exe.ImportedNameTable.Values)
{
@@ -150,7 +150,7 @@ namespace BinaryObjectScanner.Protection
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Get the stub executable data, if it exists
if (exe.StubExecutableData != null)
if (exe.StubExecutableData is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -182,10 +182,10 @@ namespace BinaryObjectScanner.Protection
// This contains the version section that the Content Check looked for. There are likely other sections
// that may contain it. Update when more are found.
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
var match = strs.Find(s => s.Contains(" ver. ") && (s.Contains("CD-Cops, ") || s.Contains("DVD-Cops, ")));
if (match != null)
if (match is not null)
if (match.Contains("CD-Cops"))
return $"CD-Cops {GetVersionString(match)}";
else if (match.Contains("DVD-Cops"))
@@ -258,7 +258,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
string version = Encoding.ASCII.GetString(fileContent, positions[0] + 15, 4);

6
BinaryObjectScanner/Protection/CDGuard.cs
View File

@@ -29,7 +29,7 @@ namespace BinaryObjectScanner.Protection
// TODO: Investigate the numerous ".guard" sections present in "Randevu.exe" in Redump entry 97142.
// Get the export directory table
if (exe.ExportDirectoryTable != null)
if (exe.ExportDirectoryTable is not null)
{
// Found in "cdguard.dll" in Redump entry 97142 and IA item "pahgeby-he3hakomkou".
bool match = exe.ExportDirectoryTable.Name.OptionalEquals("cdguard.dll", StringComparison.OrdinalIgnoreCase);
@@ -38,10 +38,10 @@ namespace BinaryObjectScanner.Protection
}
// Get the import directory table
if (exe.ImportDirectoryTable != null)
if (exe.ImportDirectoryTable is not null)
{
// Found in "Randevu.exe" in Redump entry 97142.
bool match = Array.Exists(exe.ImportDirectoryTable, idte => idte?.Name != null && idte.Name.Equals("cdguard.dll", StringComparison.OrdinalIgnoreCase));
bool match = Array.Exists(exe.ImportDirectoryTable, idte => idte?.Name is not null && idte.Name.Equals("cdguard.dll", StringComparison.OrdinalIgnoreCase));
if (match)
return "CD-Guard Copy Protection System";
}

2
BinaryObjectScanner/Protection/CDLock.cs
View File

@@ -31,7 +31,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw != null)
if (dataSectionRaw is not null)
{
var matchers = new List<ContentMatchSet>
{

4
BinaryObjectScanner/Protection/CDSHiELDSE.cs
View File

@@ -10,7 +10,7 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Indicates Hypertech Crack Proof as well?
//// Get the import directory table
//if (exe.ImportDirectoryTable != null)
//if (exe.ImportDirectoryTable is not null)
//{
// bool match = exe.ImportDirectoryTable.Any(idte => idte.Name == "KeRnEl32.dLl");
// if (match)
@@ -19,7 +19,7 @@ namespace BinaryObjectScanner.Protection
// Get the code/CODE section strings, if they exist
var strs = exe.GetFirstSectionStrings("code") ?? exe.GetFirstSectionStrings("CODE");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("~0017.tmp")))
return "CDSHiELD SE";

2
BinaryObjectScanner/Protection/CenegaProtectDVD.cs
View File

@@ -19,7 +19,7 @@ namespace BinaryObjectScanner.Protection
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Get the export directory table
if (exe.ExportDirectoryTable != null)
if (exe.ExportDirectoryTable is not null)
{
// Found in "cenega.dll" in IA item "speed-pack".
bool match = exe.ExportDirectoryTable.Name.OptionalEquals("ProtectDVD.dll", StringComparison.OrdinalIgnoreCase);

2
BinaryObjectScanner/Protection/ChosenBytesCodeLock.cs
View File

@@ -34,7 +34,7 @@ namespace BinaryObjectScanner.Protection
// Get the .text section strings, if they exist
var strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("CODE-LOCK.OCX")))
return "ChosenBytes Code-Lock";

8
BinaryObjectScanner/Protection/CopyX.cs
View File

@@ -61,7 +61,7 @@ namespace BinaryObjectScanner.Protection
// Checks for Professional
// PEX checks intentionally only detect Professional
if (exe.OverlayStrings != null)
if (exe.OverlayStrings is not null)
{
// Checks if main executable contains reference to optgraph.dll.
// This might be better removed later, as Redump ID 82475 is a false positive, and also doesn't actually
@@ -76,7 +76,7 @@ namespace BinaryObjectScanner.Protection
}
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
// Samples: Redump ID 82475, German Emergency 2 Deluxe, Redump ID 48393
if (strs.Exists(s => s.Contains("optgraph.dll")))
@@ -90,7 +90,7 @@ namespace BinaryObjectScanner.Protection
public List<string> CheckDirectoryPath(string path, List<string>? files)
{
var protections = new List<string>();
if (files == null)
if (files is null)
return protections;
// Checks for Light
@@ -124,7 +124,7 @@ namespace BinaryObjectScanner.Protection
break;
}
if ((lightFiles != null) && (lightFiles.Count > 0))
if ((lightFiles is not null) && (lightFiles.Count > 0))
{
try
{

2
BinaryObjectScanner/Protection/CrypKey.cs
View File

@@ -18,7 +18,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the code/CODE section strings, if they exist
var strs = exe.GetFirstSectionStrings("code") ?? exe.GetFirstSectionStrings("CODE");
if (strs != null)
if (strs is not null)
{
// Found in "NECRO95.EXE" in IA item "NBECRORV11".
// Full string:

2
BinaryObjectScanner/Protection/Cucko.cs
View File

@@ -17,7 +17,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the .text section, if it exists
var textData = exe.GetFirstSectionData(".text");
if (textData != null)
if (textData is not null)
{
var matchers = new List<ContentMatchSet>
{

4
BinaryObjectScanner/Protection/DVDMoviePROTECT.cs
View File

@@ -11,7 +11,7 @@ namespace BinaryObjectScanner.Protection
public List<string> CheckDirectoryPath(string path, List<string>? files)
{
var protections = new List<string>();
if (files == null)
if (files is null)
return protections;
if (Directory.Exists(Path.Combine(path, "VIDEO_TS")))
@@ -20,7 +20,7 @@ namespace BinaryObjectScanner.Protection
for (int i = 0; i < bupfiles.Count; i++)
{
var bupfile = new FileInfo(bupfiles[i]);
if (bupfile.DirectoryName == null)
if (bupfile.DirectoryName is null)
continue;
#if NETCOREAPP || NETSTANDARD2_1_OR_GREATER

2
BinaryObjectScanner/Protection/Denuvo.cs
View File

@@ -63,7 +63,7 @@ namespace BinaryObjectScanner.Protection
// https://github.com/horsicq/Detect-It-Easy/blob/master/db/PE/_denuvoComplete.2.sg
// Denuvo Protector
if (exe.OptionalHeader?.Magic == OHMN.PE32Plus && exe.EntryPointData != null)
if (exe.OptionalHeader?.Magic == OHMN.PE32Plus && exe.EntryPointData is not null)
{
byte?[] denuvoProtector =
[

6
BinaryObjectScanner/Protection/DinamicMultimedia.cs
View File

@@ -12,10 +12,8 @@ namespace BinaryObjectScanner.Protection
// LockBlocks falls under this category, being created by and seemingly exclusively in Dinamic Multimedia products, but in every place I find it described online, it is said to very specifically have two rings on the data side of the disc.
// Due to there being seemingly no absolute defining feature to LockBlocks other than this, any protected disc from Dinamic Multimedia that doesn't specifically have two rings is considered to have "Dinamic Multimedia Protection".
// That being said, it may be entirely possible that LockBlocks is the name for all these protections as a whole, as some sources seem to consider games that don't seem to have two rings to have LockBlocks.
// FX Interactive was formed by people formerly working at Dinamic Multimedia. The ring system used by this company shares many features of the Dinamic one, including using the same Mastering SIDs. It's possible related as a result but no direct connection has been found.
// Another possibly related DRM is SonoProtec. All known instances of Dinamic Multimedia Protection (aswell as FX Interactive) have been mastered at Sonopress Ibermemory SA. And while no directly comfirmed isntances of Sonoprotec has been found. Patent for this protection was filled by Sonopress Ibermemory SA on 1998-11-06. Around the same time Dinamic Multimedia Protection started showing up and patent description is very similar to how LockBlocks was described.
// FX Interactive was formed by people formerly working at Dinamic Multimedia. The ring system used by this company shares many features of the Dinamic one, including using the same Mastering SIDs. It's possible related as a result but no direct connection has been found.
// Another possibly related DRM is SonoProtec. All known instances of Dinamic Multimedia Protection (aswell as FX Interactive) have been mastered at Sonopress Ibermemory SA. And while no directly comfirmed isntances of Sonoprotec has been found. Patent for this protection was filled by Sonopress Ibermemory SA on 1998-11-06. Around the same time Dinamic Multimedia Protection started showing up and patent description is very similar to how LockBlocks was described.
// Resources:
// https://www.cdmediaworld.com/hardware/cdrom/cd_protections_lockblocks.shtml

4
BinaryObjectScanner/Protection/DiscGuard.cs
View File

@@ -75,7 +75,7 @@ namespace BinaryObjectScanner.Protection
// Get the .vbn section, if it exists
var vbnData = exe.GetFirstSectionData(".vbn");
if (vbnData != null)
if (vbnData is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -195,7 +195,7 @@ namespace BinaryObjectScanner.Protection
private string? GetVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
// Check the internal versions

6
BinaryObjectScanner/Protection/ElectronicArts.cs
View File

@@ -31,7 +31,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("EReg Config Form")))
return "EA CdKey Registration Module";
@@ -39,7 +39,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("GenericEA")) && strs.Exists(s => s.Contains("Activation")))
return "EA DRM Protection";
@@ -47,7 +47,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("GenericEA")) && strs.Exists(s => s.Contains("Activation")))
return "EA DRM Protection";

6
BinaryObjectScanner/Protection/Engine32.cs
View File

@@ -20,10 +20,10 @@ namespace BinaryObjectScanner.Protection
// Most every tested sample of "engine32.dll" has a product name of "engine32", and the file description typically follows the naming pattern of "[Game Name] DLL-helper".
// Detects Engine32 within the game executables that contain it.
if (exe.ImportDirectoryTable != null && exe.ImportHintNameTable != null)
if (exe.ImportDirectoryTable is not null && exe.ImportHintNameTable is not null)
{
bool importDirectoryTableMatch = Array.Exists(exe.ImportDirectoryTable,
idte => idte?.Name != null && idte.Name.Equals("ENGINE32.DLL", StringComparison.OrdinalIgnoreCase));
idte => idte?.Name is not null && idte.Name.Equals("ENGINE32.DLL", StringComparison.OrdinalIgnoreCase));
bool hintNameTableMatch = Array.Exists(exe.ImportHintNameTable,
ihne => ihne?.Name == "InitEngine");
@@ -33,7 +33,7 @@ namespace BinaryObjectScanner.Protection
}
// Detects Engine32 within the file "engine32.dll".
if (exe.ExportNameTable?.Strings != null)
if (exe.ExportNameTable?.Strings is not null)
{
bool exportNameTableMatch1 = Array.Exists(exe.ExportNameTable.Strings, s => s == "engine32.dll");
bool exportNameTableMatch2 = Array.Exists(exe.ExportNameTable.Strings, s => s == "DeinitEngine");

2
BinaryObjectScanner/Protection/GFWL.cs
View File

@@ -22,7 +22,7 @@ namespace BinaryObjectScanner.Protection
return $"Games for Windows LIVE {exe.GetInternalVersion()}";
// Get the import directory table
if (exe.ImportDirectoryTable != null)
if (exe.ImportDirectoryTable is not null)
{
if (Array.Exists(exe.ImportDirectoryTable, idte => idte?.Name == "xlive.dll"))
return "Games for Windows LIVE";

4
BinaryObjectScanner/Protection/Gefest.cs
View File

@@ -22,10 +22,10 @@ namespace BinaryObjectScanner.Protection
public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Get the header padding strings, if it exists
if (exe.HeaderPaddingStrings != null)
if (exe.HeaderPaddingStrings is not null)
{
var match = exe.HeaderPaddingStrings.Find(s => s.Contains("Gefest Protection System"));
if (match != null)
if (match is not null)
return $"Gefest Protection System {GetVersion(match)}";
}

6
BinaryObjectScanner/Protection/HexalockAutoLock.cs
View File

@@ -54,7 +54,7 @@ namespace BinaryObjectScanner.Protection
// Get the .text section strings, if they exist
var strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
// Found in "The Sudoku Challenge Collection.exe" in "The Sudoku Challenge! Collection" by Play at Joe's.
if (strs.Exists(s => s.Contains("mfint.dll")))
@@ -63,7 +63,7 @@ namespace BinaryObjectScanner.Protection
// Get the code/CODE section strings, if they exist
strs = exe.GetFirstSectionStrings("code") ?? exe.GetFirstSectionStrings("CODE");
if (strs != null)
if (strs is not null)
{
// Found in "launcher.exe" in "Sea Adventure / Adventure de la Mer" by Compedia.
if (strs.Exists(s => s.Contains("mfint.dll")))
@@ -72,7 +72,7 @@ namespace BinaryObjectScanner.Protection
// Get the UPX1 section strings, if they exist
strs = exe.GetFirstSectionStrings("UPX1");
if (strs != null)
if (strs is not null)
{
// Found in "postmanpat.exe" in "Postman Pat" by Compedia.
if (strs.Exists(s => s.Contains("mfint.dll")))

4
BinaryObjectScanner/Protection/ImpulseReactor.cs
View File

@@ -33,13 +33,13 @@ namespace BinaryObjectScanner.Protection
// TODO: Check for CVP* instead?
bool containsCheck = false;
if (exe.ExportNameTable?.Strings != null)
if (exe.ExportNameTable?.Strings is not null)
containsCheck = Array.Exists(exe.ExportNameTable.Strings, s => s.OptionalStartsWith("CVPInitializeClient"));
// Get the .rdata section strings, if they exist
bool containsCheck2 = false;
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
containsCheck2 = strs.Exists(s => s.EndsWith("ATTLIST"))
&& strs.Exists(s => s.Equals("ELEMENT"))

4
BinaryObjectScanner/Protection/InterLok.cs
View File

@@ -11,13 +11,13 @@ namespace BinaryObjectScanner.Protection
{
// Get the .rsrc section strings, if they exist
var strs = exe.GetFirstSectionStrings(".rsrc");
if (strs != null)
if (strs is not null)
{
// Found in "nfsc_link.exe" in IA item "nfscorigin".
// Full string:
// (: ) InterLok PC v2.0, PACE Anti-Piracy, Copyright (C) 1998, ALL RIGHTS RESERVED
var match = strs.Find(s => s.Contains("InterLok") && s.Contains("PACE Anti-Piracy"));
if (match != null)
if (match is not null)
return $"PACE Anti-Piracy InterLok {GetVersion(match)}";
}

4
BinaryObjectScanner/Protection/JoWood.cs
View File

@@ -26,7 +26,7 @@ namespace BinaryObjectScanner.Protection
if (exe.ContainsSection(".dcrtext") && importTableMatches)
{
var dcrtextData = exe.GetFirstSectionData(".dcrtext");
if (dcrtextData != null)
if (dcrtextData is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -63,7 +63,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
return Encoding.ASCII.GetString(fileContent, positions[0] + 67, 8);

2
BinaryObjectScanner/Protection/KalypsoLauncher.cs
View File

@@ -41,7 +41,7 @@ namespace BinaryObjectScanner.Protection
// Get the .text section strings, if they exist
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
// Found in "TFT.exe" in Redump entry 95617.
if (strs.Exists(s => s.Contains("@KalypsoLauncherXml")))

2
BinaryObjectScanner/Protection/LabelGate.cs
View File

@@ -35,7 +35,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "START.EXE" (Redump entry 95010 and product ID SVWC-7185).
if (strs.Exists(s => s.Contains("LGCD2_LAUNCH")))

6
BinaryObjectScanner/Protection/LaserLok.cs
View File

@@ -33,7 +33,7 @@ namespace BinaryObjectScanner.Protection
return null;
string? finalString = reserved653Bytes.ReadNullTerminatedAnsiString(ref firstNonZero);
if (finalString == null)
if (finalString is null)
return null;
// Redump ID 113120
@@ -189,7 +189,7 @@ namespace BinaryObjectScanner.Protection
private static string GetBuild(byte[]? sectionContent, bool versionTwo)
{
if (sectionContent == null)
if (sectionContent is null)
return "(Build unknown)";
// Unkown + (char)0x00 + Unkown
@@ -214,7 +214,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion(byte[]? sectionContent, int position)
{
// If we have invalid data
if (sectionContent == null)
if (sectionContent is null)
return null;
return Encoding.ASCII.GetString(sectionContent, position + 76, 4);

3
BinaryObjectScanner/Protection/Macrovision.CDilla.cs
View File

@@ -56,7 +56,6 @@ namespace BinaryObjectScanner.Protection
// File Description "C-Dilla Windows NT RTS" in "CDILLA05.DLL"/"CDILLA10.EXE"/"CDILLA16.EXE" from C-Dilla LMS version 3.27.000 for Windows NT.
// File Description "C-Dilla Windows 16-Bit RTS Installer" in "CdaIns16.dll"/"CdSetup.exe" from C-Dilla LMS version 3.27.000.
return null;
}
@@ -115,7 +114,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "DJMixStation\DJMixStation.exe" in IA item "ejay_nestle_trial".
if (strs.Exists(s => s.Contains("SOFTWARE\\C-Dilla\\RTS")))

6
BinaryObjectScanner/Protection/Macrovision.CactusDataShield.cs
View File

@@ -35,7 +35,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("\\*.CDS")))
return "Cactus Data Shield 200";
@@ -113,7 +113,7 @@ namespace BinaryObjectScanner.Protection
public static string GetCactusDataShieldVersion(string firstMatchedString, List<string>? files)
{
// If we have no files
if (files == null)
if (files is null)
return string.Empty;
// Find the version.txt file first
@@ -137,7 +137,7 @@ namespace BinaryObjectScanner.Protection
{
using var sr = new StreamReader(path, Encoding.Default);
var line = sr.ReadLine();
if (line == null)
if (line is null)
return null;
#if NETCOREAPP || NETSTANDARD2_1_OR_GREATER

2
BinaryObjectScanner/Protection/Macrovision.FLEXnet.cs
View File

@@ -53,7 +53,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "FLEXLM.CPL", "INSTALLS.EXE", "LMGR326B.DLL", "LMGRD.EXE", and "TAKEFIVE.EXE" in IA item "prog-17_202403".
if (strs.Exists(s => s.Contains("FLEXlm License Manager")))

12
BinaryObjectScanner/Protection/Macrovision.SafeCast.cs
View File

@@ -43,10 +43,10 @@ namespace BinaryObjectScanner.Protection
internal static string? SafeCastCheckExecutable(string file, NewExecutable exe, bool includeDebug)
{
// Check for the CDAC01AA name string.
if (exe.ResidentNameTable != null)
if (exe.ResidentNameTable is not null)
{
var residentNames = Array.ConvertAll(exe.ResidentNameTable,
rnte => rnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
rnte => rnte?.NameString is null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
if (Array.Exists(residentNames, s => s.Contains("CDAC01AA")))
return "SafeCast";
}
@@ -54,7 +54,7 @@ namespace BinaryObjectScanner.Protection
// TODO: Don't read entire file
#pragma warning disable CS0618
byte[]? data = exe.ReadArbitraryRange();
if (data == null)
if (data is null)
return null;
var neMatchSets = new List<ContentMatchSet>
@@ -75,10 +75,10 @@ namespace BinaryObjectScanner.Protection
// TODO: Invesitgate if the "AdobeLM.dll" file (along with mentions of "AdobeLM" in executables) uniquely identifies SafeCast, or if it can be used with different DRM. (Found in IA item ccd0605)
// Get the import directory table, if it exists
if (exe.ImportDirectoryTable != null)
if (exe.ImportDirectoryTable is not null)
{
if (Array.Exists(exe.ImportDirectoryTable,
idte => idte?.Name != null && idte.Name.Equals("CdaC14BA.dll", StringComparison.OrdinalIgnoreCase)))
idte => idte?.Name is not null && idte.Name.Equals("CdaC14BA.dll", StringComparison.OrdinalIgnoreCase)))
{
return "SafeCast";
}
@@ -91,7 +91,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "DJMixStation\DJMixStation.exe" in IA item "ejay_nestle_trial".
if (strs.Exists(s => s.Contains("SOFTWARE\\C-Dilla\\SafeCast")))

8
BinaryObjectScanner/Protection/Macrovision.SafeDisc.cs
View File

@@ -52,14 +52,14 @@ namespace BinaryObjectScanner.Protection
internal static string? SafeDiscCheckExecutable(string file, PortableExecutable exe, bool includeDebug)
{
// Found in Redump entry 57986.
if (exe.ImportHintNameTable != null)
if (exe.ImportHintNameTable is not null)
{
if (Array.Exists(exe.ImportHintNameTable, ihne => ihne?.Name == "LTDLL_Authenticate"))
return "SafeDisc Lite";
}
// Found in Redump entry 57986.
if (exe.ImportDirectoryTable != null)
if (exe.ImportDirectoryTable is not null)
{
if (Array.Exists(exe.ImportDirectoryTable, idte => idte?.Name == "ltdll.dll"))
return "SafeDisc Lite";
@@ -67,7 +67,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in Redump entries 14928, 25579, 32751.
if (strs.Exists(s => s.Contains("LTDLL_Initialise")))
@@ -313,7 +313,6 @@ namespace BinaryObjectScanner.Protection
new(new FilePathMatch("00001009.016"), GetSafeDiscSplshVersion, "SafeDisc"),
new(new FilePathMatch("00001009.256"), GetSafeDiscSplshVersion, "SafeDisc"),
new(new FilePathMatch("DPLAYERX.DLL"), GetSafeDiscDPlayerXVersion, "SafeDisc"),
new(new FilePathMatch("drvmgt.dll"), GetSafeDiscDrvmgtVersion, "SafeDisc"),
@@ -715,7 +714,6 @@ namespace BinaryObjectScanner.Protection
// "1.1.43 1999/02/25 -> SafeDisc 1.01.043 (Redump entries 34562 and 63304).
// "1.1.44 1999/03/08" -> SafeDisc 1.01.044 (Redump entries 61731 and 81619).
// The hash of every "CLOKSPL.EXE" correlates directly to a specific SafeDisc version.
var sha1 = HashTool.GetFileHash(firstMatchedString, HashType.SHA1);
return sha1?.ToUpperInvariant() switch

38
BinaryObjectScanner/Protection/Macrovision.cs
View File

@@ -100,7 +100,7 @@ namespace BinaryObjectScanner.Protection
if (!string.IsNullOrEmpty(safeCast))
resultsList.Add(safeCast!);
if (resultsList != null && resultsList.Count > 0)
if (resultsList is not null && resultsList.Count > 0)
return string.Join(";", [.. resultsList]);
return null;
@@ -136,12 +136,12 @@ namespace BinaryObjectScanner.Protection
{
// Check the header padding for protected sections.
var sectionMatch = CheckSectionForProtection(file, includeDebug, exe.HeaderPaddingStrings, exe.HeaderPaddingData, true);
if (sectionMatch != null)
if (sectionMatch is not null)
resultsList.Add(sectionMatch);
// Get the .data section, if it exists, for protected sections.
sectionMatch = CheckSectionForProtection(file, includeDebug, exe.GetFirstSectionStrings(".data"), exe.GetFirstSectionData(".data"), true);
if (sectionMatch != null)
if (sectionMatch is not null)
resultsList.Add(sectionMatch!);
int entryPointIndex = exe.FindEntryPointSectionIndex();
@@ -169,12 +169,12 @@ namespace BinaryObjectScanner.Protection
{
// Check the header padding for protected sections.
var sectionMatch = CheckSectionForProtection(file, includeDebug, exe.HeaderPaddingStrings, exe.HeaderPaddingData, false);
if (sectionMatch != null)
if (sectionMatch is not null)
resultsList.Add(sectionMatch);
// Check the .data section, if it exists, for protected sections.
sectionMatch = CheckSectionForProtection(file, includeDebug, exe.GetFirstSectionStrings(".data"), exe.GetFirstSectionData(".data"), false);
if (sectionMatch != null)
if (sectionMatch is not null)
resultsList.Add(sectionMatch);
}
@@ -210,7 +210,7 @@ namespace BinaryObjectScanner.Protection
// Clean the result list
resultsList = CleanResultList(resultsList);
if (resultsList != null && resultsList.Count > 0)
if (resultsList is not null && resultsList.Count > 0)
return string.Join(";", [.. resultsList]);
return null;
@@ -223,40 +223,40 @@ namespace BinaryObjectScanner.Protection
// Run Macrovision directory checks
var macrovision = MacrovisionCheckDirectoryPath(path, files);
if (macrovision != null)
if (macrovision is not null)
results.AddRange(macrovision);
// Run Cactus Data Shield directory checks
var cactusDataShield = CactusDataShieldCheckDirectoryPath(path, files);
if (cactusDataShield != null)
if (cactusDataShield is not null)
results.AddRange(cactusDataShield);
// Run C-Dilla directory checks
var cDilla = CDillaCheckDirectoryPath(path, files);
if (cDilla != null)
if (cDilla is not null)
results.AddRange(cDilla);
// Run FLEXnet directory checks
var flexNet = FLEXNetCheckDirectoryPath(path, files);
if (flexNet != null)
if (flexNet is not null)
results.AddRange(flexNet);
// Run RipGuard directory checks
var ripGuard = RipGuardCheckDirectoryPath(path, files);
if (ripGuard != null)
if (ripGuard is not null)
results.AddRange(ripGuard);
// Run SafeCast directory checks
var safeCast = SafeCastCheckDirectoryPath(path, files);
if (safeCast != null)
if (safeCast is not null)
results.AddRange(safeCast);
// Run SafeDisc directory checks
var safeDisc = SafeDiscCheckDirectoryPath(path, files);
if (safeDisc != null)
if (safeDisc is not null)
results.AddRange(safeDisc);
if (results != null && results.Count > 0)
if (results is not null && results.Count > 0)
return results;
return [];
@@ -304,7 +304,7 @@ namespace BinaryObjectScanner.Protection
// Clean the result list
resultsList = CleanResultList(resultsList);
if (resultsList != null && resultsList.Count > 0)
if (resultsList is not null && resultsList.Count > 0)
return string.Join(";", [.. resultsList]);
return null;
@@ -498,7 +498,7 @@ namespace BinaryObjectScanner.Protection
private static string? CheckSectionForProtection(string file, bool includeDebug, List<string>? sectionStrings, byte[]? sectionRaw, bool newVersion)
{
// Get the section strings, if they exist
if (sectionStrings != null)
if (sectionStrings is not null)
{
// If we don't have the "BoG_" string, the section isn't protected.
if (!sectionStrings.Exists(s => s.Contains("BoG_")))
@@ -524,7 +524,7 @@ namespace BinaryObjectScanner.Protection
}
// Get the section data, if it exists
if (sectionRaw != null)
if (sectionRaw is not null)
{
// TODO: Add more checks to help differentiate between SafeDisc and SafeCast.
var matchers = new List<ContentMatchSet>
@@ -547,7 +547,7 @@ namespace BinaryObjectScanner.Protection
internal static string? GetMacrovisionVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
// Begin reading 2 bytes after "BoG_ *90.0&!! Yy>" for older versions
@@ -831,7 +831,7 @@ namespace BinaryObjectScanner.Protection
private static List<string>? CleanResultList(List<string>? resultsList)
{
// If we have an invalid result list
if (resultsList == null || resultsList.Count == 0)
if (resultsList is null || resultsList.Count == 0)
return resultsList;
// Remove duplicates

4
BinaryObjectScanner/Protection/MediaMax.cs
View File

@@ -41,14 +41,14 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("CD3 Launch Error")))
return "MediaMax CD-3";
}
// Get the export name table
if (exe.ExportNameTable?.Strings != null)
if (exe.ExportNameTable?.Strings is not null)
{
if (Array.Exists(exe.ExportNameTable.Strings, s => s == "DllInstallSbcp"))
return "MediaMax CD-3";

20
BinaryObjectScanner/Protection/ProtectDISC.cs
View File

@@ -29,7 +29,7 @@ namespace BinaryObjectScanner.Protection
int offset = 0;
var copyrightString = pvd.CopyrightFileIdentifier.ReadNullTerminatedAnsiString(ref offset);
if (copyrightString == null || copyrightString.Length < 19)
if (copyrightString is null || copyrightString.Length < 19)
return null;
// Redump ID 15896 has a trailing space
@@ -52,7 +52,7 @@ namespace BinaryObjectScanner.Protection
// number and should not be printed.
// Previous versions just have spaces here, so it doesn't need to be validated beyond that.
var abstractIdentifierString = pvd.AbstractFileIdentifier.ReadNullTerminatedAnsiString(ref offset);
if (abstractIdentifierString == null || abstractIdentifierString.Trim().Length == 0)
if (abstractIdentifierString is null || abstractIdentifierString.Trim().Length == 0)
return "ProtectDiSC 6-7.x";
return "ProtectDiSC 7.x+";
@@ -68,7 +68,7 @@ namespace BinaryObjectScanner.Protection
for (int i = 3; i < sections.Length; i++)
{
var nthSectionData = exe.GetSectionData(i);
if (nthSectionData == null)
if (nthSectionData is null)
continue;
var matchers = new List<ContentMatchSet>
@@ -84,7 +84,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw != null)
if (dataSectionRaw is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -104,10 +104,10 @@ namespace BinaryObjectScanner.Protection
{
// Get the n - 1 section strings, if they exist
var strs = exe.GetSectionStrings(sections.Length - 2);
if (strs != null)
if (strs is not null)
{
var str = strs.Find(s => s.Contains("VOB ProtectCD"));
if (str != null)
if (str is not null)
return $"VOB ProtectCD {GetOldVersion(str)}";
}
}
@@ -118,7 +118,7 @@ namespace BinaryObjectScanner.Protection
if (sections.Length > 0)
{
var lastSectionData = exe.GetSectionData(sections.Length - 1);
if (lastSectionData != null)
if (lastSectionData is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -201,7 +201,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion3till6(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
string version = GetVOBVersion(fileContent, positions[0]);
@@ -214,7 +214,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion6till8(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
string version;
@@ -270,7 +270,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion76till10(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
int index = positions[0] + 37;

2
BinaryObjectScanner/Protection/ProtectDVDVideo.cs
View File

@@ -11,7 +11,7 @@ namespace BinaryObjectScanner.Protection
public List<string> CheckDirectoryPath(string path, List<string>? files)
{
var protections = new List<string>();
if (files == null)
if (files is null)
return protections;
if (Directory.Exists(Path.Combine(path, "VIDEO_TS")))

13
BinaryObjectScanner/Protection/RainbowSentinel.cs
View File

@@ -43,7 +43,7 @@ namespace BinaryObjectScanner.Protection
// TODO: Don't read entire file
#pragma warning disable CS0618
byte[]? data = exe.ReadArbitraryRange();
if (data == null)
if (data is null)
return null;
// TODO: Figure out what NE section this lives in
@@ -107,7 +107,7 @@ namespace BinaryObjectScanner.Protection
// Get the resident and non-resident name table strings
var nrntStrs = Array.ConvertAll(exe.NonResidentNameTable ?? [],
rnte => rnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
rnte => rnte?.NameString is null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
// Check the nonresident-name table
// Found in "SSWIN.dll" in IA item "pcwkcd-1296".
@@ -196,7 +196,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "ADESKSYS.DLL"/"WINADMIN.EXE"/"WINQUERY.EXE" in BA entry "Autodesk AutoCAD LT 98 (1998) (CD) [English] [Dutch]", folder "\netsetup\SUPPORT\IPX".
if (strs.Exists(s => s.Contains("Rainbow SentinelSuperPro")))
@@ -209,7 +209,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
// Found in "SP32W.DLL" in IA item "pcwkcd-1296".
if (strs.Exists(s => s.Contains("SentinelPro WIN32 DLL")))
@@ -234,7 +234,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rsrc section strings, if they exist
strs = exe.GetFirstSectionStrings(".rsrc");
if (strs != null)
if (strs is not null)
{
// Found in "WINMON.exe" in IA item "czchip199707cd".
if (strs.Exists(s => s.Contains("NetSentinel Monitor")))
@@ -243,7 +243,7 @@ namespace BinaryObjectScanner.Protection
// Get the .text section strings, if they exist
strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
// Found in "ACLT.HWL" in BA entry "Autodesk AutoCAD LT 98 (1998) (CD) [English] [Dutch]", folder "\aclt\DRV\W95LOCK".
// Found in "ACAD.HWL" in BA entry "Autodesk AutoCAD r14 (1997)" and IA item "auto-cad-r14-cdrom".
@@ -272,7 +272,6 @@ namespace BinaryObjectScanner.Protection
return "Rainbow Sentinel";
}
return null;
}

2
BinaryObjectScanner/Protection/RealArcade.cs
View File

@@ -27,7 +27,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
// Found in "rebound.exe" in the installation directory for "Rebound" in IA item "Nova_RealArcadeCD_USA".
if (strs.Exists(s => s.Contains("RngInterstitialDLL")))

4
BinaryObjectScanner/Protection/Roxxe.cs
View File

@@ -18,7 +18,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the code/CODE section strings, if they exist
var strs = exe.GetFirstSectionStrings("code") ?? exe.GetFirstSectionStrings("CODE");
if (strs != null)
if (strs is not null)
{
// Found in "Owar.exe" in IA item "game4u-22-cd".
if (strs.Exists(s => s.Contains("TRCHANGER.INI")))
@@ -28,7 +28,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rsrc section strings, if they exist
// TODO: Check for these strings specifically within the application-defined resource that they're found in, not just the generic resource section.
strs = exe.GetFirstSectionStrings(".rsrc");
if (strs != null)
if (strs is not null)
{
// Found in "Owar.exe" in IA items "game4u-22-cd" and "original-war".
// These checks are less reliable, as they are still found in a version of the game that appears to have patched out Roxxe (the version present in IA item "original-war").

2
BinaryObjectScanner/Protection/SVKProtector.cs
View File

@@ -30,7 +30,7 @@ namespace BinaryObjectScanner.Protection
// TODO: Investigate the "Debugger or tool for monitoring detected!!!.Application cannot be run with debugger or monitoring tool(s) loaded!. Please unload it and restart the application" strings present in seemingly every version.
// Get the entry point data, if it exists.
if (exe.EntryPointData != null)
if (exe.EntryPointData is not null)
{
// Found in the SVKP 1.05 demo.
if (exe.EntryPointData.StartsWith(new byte?[]

32
BinaryObjectScanner/Protection/SecuROM.cs
View File

@@ -243,15 +243,15 @@ namespace BinaryObjectScanner.Protection
{
// Check if executable is a SecuROM PA module
var paModule = CheckProductActivation(exe);
if (paModule != null)
if (paModule is not null)
return paModule;
// Check if executable contains a SecuROM Matroschka Package
var package = exe.MatroschkaPackage;
if (package != null)
if (package is not null)
{
var packageType = CheckMatroschkaPackage(package, includeDebug);
if (packageType != null)
if (packageType is not null)
return packageType;
}
@@ -285,7 +285,7 @@ namespace BinaryObjectScanner.Protection
// Search after the last section
string? v4Version = GetV4Version(exe);
if (v4Version != null)
if (v4Version is not null)
return $"SecuROM {v4Version}";
// TODO: Investigate if this can be found by aligning to section containing entry point
@@ -295,14 +295,14 @@ namespace BinaryObjectScanner.Protection
for (int i = 4; i < sections.Length; i++)
{
var nthSection = sections[i];
if (nthSection == null)
if (nthSection is null)
continue;
string nthSectionName = Encoding.ASCII.GetString(nthSection.Name ?? []).TrimEnd('\0');
if (nthSectionName != ".idata" && nthSectionName != ".rsrc")
{
var nthSectionData = exe.GetFirstSectionData(nthSectionName);
if (nthSectionData == null)
if (nthSectionData is null)
continue;
var matchers = new List<ContentMatchSet>
@@ -319,7 +319,7 @@ namespace BinaryObjectScanner.Protection
// Get the .rdata section strings, if they exist
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
// Both have the identifier found within `.rdata` but the version is within `.data`
if (strs.Exists(s => s.Contains("/secuexp")))
@@ -397,7 +397,7 @@ namespace BinaryObjectScanner.Protection
{
// Cache the overlay data for easier access
var overlayData = exe.OverlayData;
if (overlayData == null || overlayData.Length < 20)
if (overlayData is null || overlayData.Length < 20)
return null;
// Search for the "AddD" string in the overlay
@@ -421,7 +421,7 @@ namespace BinaryObjectScanner.Protection
// Deserialize the AddD header
var reader = new SabreTools.Serialization.Readers.SecuROMAddD();
var addD = reader.Deserialize(overlayData, index);
if (addD == null)
if (addD is null)
return null;
// All samples have had 3 entries -- Revisit if needed
@@ -443,7 +443,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetV5Version(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
int index = positions[0] + 8; // Begin reading after "ÊÝݬ"
@@ -485,7 +485,7 @@ namespace BinaryObjectScanner.Protection
{
// If SecuROM is stripped, the MS-DOS stub might be shorter.
// We then know that SecuROM -was- there, but we don't know what exact version.
if (exe.StubExecutableData == null)
if (exe.StubExecutableData is null)
return "7 remnants";
//SecuROM 7 new and 8 -- 64 bytes for DOS stub, 236 bytes in total
@@ -523,7 +523,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw == null)
if (dataSectionRaw is null)
return "8";
// Search .data for the version indicator
@@ -556,16 +556,16 @@ namespace BinaryObjectScanner.Protection
private static string? CheckMatroschkaPackage(SecuROMMatroschkaPackage package, bool includeDebug)
{
// Check for all 0x00 required, as at least one known non-RC matroschka has the field, just empty.
if (package.KeyHexString == null || package.KeyHexString.Trim('\0').Length == 0)
if (package.KeyHexString is null || package.KeyHexString.Trim('\0').Length == 0)
return "SecuROM Matroschka Package";
if (package.Entries == null || package.Entries.Length == 0)
if (package.Entries is null || package.Entries.Length == 0)
return "SecuROM Matroschka Package - No Entries? - Please report to us on GitHub";
// The second entry in a Release Control matroschka package is always the encrypted executable
var entry = package.Entries[1];
if (entry.MD5 == null || entry.MD5.Length == 0)
if (entry.MD5 is null || entry.MD5.Length == 0)
return "SecuROM Matroschka Package - No MD5? - Please report to us on GitHub";
string md5String = BitConverter.ToString(entry.MD5!);
@@ -581,7 +581,7 @@ namespace BinaryObjectScanner.Protection
// If not known, check if encrypted executable is likely an alt signing of a known executable
// Filetime could be checked here, but if it was signed at a different time, the time will vary anyways
var readPath = entry.Path;
if (readPath == null || readPath.Length == 0)
if (readPath is null || readPath.Length == 0)
return $"SecuROM Release Control - Unknown executable {md5String},{entry.Size} - Please report to us on GitHub!";
var readPathName = readPath.TrimEnd('\0');

2
BinaryObjectScanner/Protection/SmartE.cs
View File

@@ -24,7 +24,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the last section data, if it exists
var lastSectionData = exe.GetSectionData(sections.Length - 1);
if (lastSectionData != null)
if (lastSectionData is not null)
{
// All sections seen so far are the last sections, so this is "technically"
// the only known needed check so far. Others kept as backups if this fails

16
BinaryObjectScanner/Protection/SolidShield.cs
View File

@@ -37,8 +37,8 @@ namespace BinaryObjectScanner.Protection
return $"SolidShield {GetInternalVersion(exe)}";
name = exe.ProductName;
// Only observed with Solidshield 3.0.0.0 games such as Redump ID 119211. Extracted from main executable.
// Only observed with Solidshield 3.0.0.0 games such as Redump ID 119211. Extracted from main executable.
if (exe.FileDescription.OptionalStartsWith("CORE Library", StringComparison.OrdinalIgnoreCase)
&& name.OptionalStartsWith("Solidshield", StringComparison.OrdinalIgnoreCase))
{
@@ -61,7 +61,7 @@ namespace BinaryObjectScanner.Protection
if (exe.ContainsSection(".init"))
{
var initData = exe.GetFirstSectionData(".init");
if (initData != null)
if (initData is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -90,10 +90,10 @@ namespace BinaryObjectScanner.Protection
{
// Get the nth section strings, if they exist
var strs = exe.GetSectionStrings(i);
if (strs != null)
if (strs is not null)
{
var str = strs.Find(s => s.Contains("Solidshield "));
if (str != null)
if (str is not null)
#if NETCOREAPP || NETSTANDARD2_1_OR_GREATER
return $"SolidShield EXE Wrapper {str["Solidshield ".Length..]}";
#else
@@ -103,7 +103,7 @@ namespace BinaryObjectScanner.Protection
}
// Get the import directory table, if it exists
if (exe.ImportDirectoryTable != null)
if (exe.ImportDirectoryTable is not null)
{
if (Array.Exists(exe.ImportDirectoryTable, idte => idte?.Name == "dvm.dll"))
return "SolidShield EXE Wrapper v1";
@@ -160,7 +160,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetExeWrapperVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
int position = positions[0];
@@ -187,7 +187,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersionPlusTages(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
int position = positions[0];

4
BinaryObjectScanner/Protection/StarForce.cs
View File

@@ -34,7 +34,7 @@ namespace BinaryObjectScanner.Protection
// StarForce Keyless check: the key is stored in the Data Preparer identifier.
string? dataPreparerIdentiferString = pvd.DataPreparerIdentifier.ReadNullTerminatedAnsiString(ref offset)?.Trim();
if (dataPreparerIdentiferString != null
if (dataPreparerIdentiferString is not null
&& dataPreparerIdentiferString.Length != 0
&& Regex.IsMatch(dataPreparerIdentiferString, "^[A-Z0-9-]*$", RegexOptions.Compiled))
{
@@ -168,7 +168,7 @@ namespace BinaryObjectScanner.Protection
// return $"StarForce {Tools.Utilities.GetInternalVersion(exe)}";
// Check the export name table
if (exe.ExportNameTable?.Strings != null)
if (exe.ExportNameTable?.Strings is not null)
{
// TODO: Should we just check for "PSA_*" instead of a single entry?
if (Array.Exists(exe.ExportNameTable.Strings, s => s == "PSA_GetDiscLabel"))

4
BinaryObjectScanner/Protection/Sysiphus.cs
View File

@@ -11,10 +11,10 @@ namespace BinaryObjectScanner.Protection
{
// Get the .data/DATA section strings, if they exist
var strs = exe.GetFirstSectionStrings(".data") ?? exe.GetFirstSectionStrings("DATA");
if (strs != null)
if (strs is not null)
{
var str = strs.Find(s => s.Contains("V SUHPISYS"));
if (str != null)
if (str is not null)
return $"Sysiphus {GetVersion(str)}";
}

4
BinaryObjectScanner/Protection/Tages.cs
View File

@@ -87,7 +87,7 @@ namespace BinaryObjectScanner.Protection
// Get the .data/DATA section, if it exists
var dataSectionRaw = exe.GetFirstSectionData(".data") ?? exe.GetFirstSectionData("DATA");
if (dataSectionRaw != null)
if (dataSectionRaw is not null)
{
var matchers = new List<ContentMatchSet>
{
@@ -269,7 +269,7 @@ namespace BinaryObjectScanner.Protection
private static string? GetVersion(string file, byte[]? fileContent, List<int> positions)
{
// If we have no content
if (fileContent == null)
if (fileContent is null)
return null;
// TODO: Determine difference between API and BASIC

2
BinaryObjectScanner/Protection/Themida.cs
View File

@@ -28,7 +28,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the "Arcsoft " section strings, if they exist
var strs = exe.GetFirstSectionStrings("Arcsoft ");
if (strs != null)
if (strs is not null)
{
// Found in "uDigital Theatre.exe" in http://downloads.fyxm.net/ArcSoft-TotalMedia-23085.html (https://web.archive.org/web/20221114042838/http://files.fyxm.net/23/23085/totalmediatheatre3platinum_retail_tbyb_all.exe).
// TODO: Investigate "uDRMCheck.dll" in the same product to see if it's related to Themida, or if it's a different form of DRM.

4
BinaryObjectScanner/Protection/WTMCDProtect.cs
View File

@@ -30,7 +30,7 @@ namespace BinaryObjectScanner.Protection
// Get the code/CODE section strings, if they exist
var strs = exe.GetFirstSectionStrings("code") ?? exe.GetFirstSectionStrings("CODE");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("wtmdum.imp")))
return "WTM CD Protect";
@@ -38,7 +38,7 @@ namespace BinaryObjectScanner.Protection
// Get the .text section strings, if they exist
strs = exe.GetFirstSectionStrings(".text");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("WTM DIGITAL Photo Protect")))
return "WTM Protection Viewer";

4
BinaryObjectScanner/Protection/XCP.cs
View File

@@ -15,7 +15,7 @@ namespace BinaryObjectScanner.Protection
{
// Get the .rdata section strings, if they exist
var strs = exe.GetFirstSectionStrings(".rdata");
if (strs != null)
if (strs is not null)
{
if (strs.Exists(s => s.Contains("XCP.DAT")))
return "XCP";
@@ -37,7 +37,7 @@ namespace BinaryObjectScanner.Protection
public List<string> CheckDirectoryPath(string path, List<string>? files)
{
var protections = new List<string>();
if (files == null)
if (files is null)
return protections;
// TODO: Verify if these are OR or AND

28
BinaryObjectScanner/Scanner.cs
View File

@@ -110,7 +110,7 @@ namespace BinaryObjectScanner
private ProtectionDictionary GetProtectionsImpl(List<string>? paths, int depth)
{
// If we have no paths, we can't scan
if (paths == null || paths.Count == 0)
if (paths is null || paths.Count == 0)
{
if (_includeDebug) Console.WriteLine("No paths found to scan, skipping...");
return [];
@@ -166,21 +166,21 @@ namespace BinaryObjectScanner
if (_scanPaths)
{
var filePathProtections = HandlePathChecks(file, files: null);
if (filePathProtections != null && filePathProtections.Count > 0)
if (filePathProtections is not null && filePathProtections.Count > 0)
protections.Append(filePathProtections);
}
// Scan for content-detectable protections
var fileProtections = GetInternalProtections(file, depth);
if (fileProtections != null && fileProtections.Count > 0)
if (fileProtections is not null && fileProtections.Count > 0)
protections.Append(fileProtections);
// Checkpoint
protections.TryGetValue(file, out var fullProtectionList);
#if NET20 || NET35
var fullProtection = fullProtectionList != null && fullProtectionList.Count > 0
var fullProtection = fullProtectionList is not null && fullProtectionList.Count > 0
#else
var fullProtection = fullProtectionList != null && !fullProtectionList.IsEmpty
var fullProtection = fullProtectionList is not null && !fullProtectionList.IsEmpty
#endif
? string.Join(", ", [.. fullProtectionList])
: null;
@@ -207,21 +207,21 @@ namespace BinaryObjectScanner
if (_scanPaths)
{
var filePathProtections = HandlePathChecks(path, files: null);
if (filePathProtections != null && filePathProtections.Count > 0)
if (filePathProtections is not null && filePathProtections.Count > 0)
protections.Append(filePathProtections);
}
// Scan for content-detectable protections
var fileProtections = GetInternalProtections(path, depth);
if (fileProtections != null && fileProtections.Count > 0)
if (fileProtections is not null && fileProtections.Count > 0)
protections.Append(fileProtections);
// Checkpoint
protections.TryGetValue(path, out var fullProtectionList);
#if NET20 || NET35
var fullProtection = fullProtectionList != null && fullProtectionList.Count > 0
var fullProtection = fullProtectionList is not null && fullProtectionList.Count > 0
#else
var fullProtection = fullProtectionList != null && !fullProtectionList.IsEmpty
var fullProtection = fullProtectionList is not null && !fullProtectionList.IsEmpty
#endif
? string.Join(", ", [.. fullProtectionList])
: null;
@@ -348,7 +348,7 @@ namespace BinaryObjectScanner
// Try to scan file contents
var detectable = CreateDetectable(fileType, wrapper);
if (_scanContents && detectable != null)
if (_scanContents && detectable is not null)
{
try
{
@@ -464,15 +464,15 @@ namespace BinaryObjectScanner
if (File.Exists(path))
{
var protection = impl.CheckFilePath(path!);
if (protection != null)
if (protection is not null)
protections.Add(protection);
}
// If we have a directory path
if (Directory.Exists(path) && files != null && files.Count > 0)
if (Directory.Exists(path) && files is not null && files.Count > 0)
{
var subProtections = impl.CheckDirectoryPath(path!, files);
if (subProtections != null)
if (subProtections is not null)
protections.AddRange(subProtections);
}
@@ -505,11 +505,13 @@ namespace BinaryObjectScanner
SFFS obj => new FileType.SFFS(obj),
// Fall back on the file type for types not implemented in Serialization
#pragma warning disable IDE0072
_ => fileType switch
{
WrapperType.Textfile => new FileType.Textfile(),
_ => null,
},
#pragma warning restore IDE0072
};
}

2
Coding Guide.md
View File

@@ -65,7 +65,7 @@ This section contains information on code standards regardless of which part of
- Null-coalescing and null-checking operators can be used to make more readable statements and better get across what a statement or string of statements is doing.
```c#
if (obj?.Parameter != null) { ... }
if (obj?.Parameter is not null) { ... }
bool value = DoSomething() ?? false;
```

4
ProtectionScan/Features/MainFeature.cs
View File

@@ -193,7 +193,7 @@ namespace ProtectionScan.Features
/// <param name="protections">Dictionary of protections found, if any</param>
private void WriteProtectionResults(string path, Dictionary<string, List<string>> protections)
{
if (protections == null)
if (protections is null)
{
Console.WriteLine($"No protections found for {path}");
return;
@@ -250,7 +250,7 @@ namespace ProtectionScan.Features
/// <param name="protections">Dictionary of protections found, if any</param>
private void WriteProtectionResultJson(string path, Dictionary<string, List<string>> protections)
{
if (protections == null)
if (protections is null)
{
Console.WriteLine($"No protections found for {path}");
return;

2
ProtectionScan/Program.cs
View File

@@ -20,7 +20,7 @@ namespace ProtectionScan
var commandSet = CreateCommands(mainFeature);
// If we have no args, show the help and quit
if (args == null || args.Length == 0)
if (args is null || args.Length == 0)
{
commandSet.OutputAllHelp();
return;

4
ProtectionScan/Progress.cs
View File

@@ -36,7 +36,7 @@ namespace ProtectionScan
// Capture the current synchronization context.
// If there is no current context, we use a default instance targeting the ThreadPool.
_synchronizationContext = SynchronizationContext.Current ?? ProgressStatics.DefaultContext;
Debug.Assert(_synchronizationContext != null);
Debug.Assert(_synchronizationContext is not null);
_invokeHandlers = new SendOrPostCallback(InvokeHandlers);
}
@@ -70,7 +70,7 @@ namespace ProtectionScan
// an event handler is removed between now and then.
Action<T>? handler = _handler;
EventHandler<T>? changedEvent = ProgressChanged;
if (handler != null || changedEvent != null)
if (handler is not null || changedEvent is not null)
{
// Post the processing to the sync context.
// (If T is a value type, it will get boxed here.)