SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-04-27 00:30:44 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Simplify packer handling code

Browse Source
This commit is contained in:
Matt Nadareski
2023-03-15 15:58:19 -04:00
parent e920bfc69c
commit 1e5bb7df64
1 changed files with 38 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
BurnOutSharp/Scanner.cs
View File

@@ -405,14 +405,9 @@ namespace BurnOutSharp
AppendToDictionary(protections, fileName, subProtections.Values.ToArray());
// If we have any extractable packers
var extractables = subProtections.Keys.Where(c => c is IExtractable).Select(c => c as IExtractable);
Parallel.ForEach(extractables, extractable =>
{
// Get the protection for the class, if possible
var extractedProtections = Handler.HandleExtractable(extractable, fileName, stream, this);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
});
var extractedProtections = HandleExtractableProtections(subProtections.Keys, fileName, stream);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
}
else if (wrapper is NewExecutable nex)
{
@@ -424,14 +419,9 @@ namespace BurnOutSharp
AppendToDictionary(protections, fileName, subProtections.Values.ToArray());
// If we have any extractable packers
var extractables = subProtections.Keys.Where(c => c is IExtractable).Select(c => c as IExtractable);
Parallel.ForEach(extractables, extractable =>
{
// Get the protection for the class, if possible
var extractedProtections = Handler.HandleExtractable(extractable, fileName, stream, this);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
});
var extractedProtections = HandleExtractableProtections(subProtections.Keys, fileName, stream);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
}
else if (wrapper is PortableExecutable pex)
{
@@ -443,19 +433,43 @@ namespace BurnOutSharp
AppendToDictionary(protections, fileName, subProtections.Values.ToArray());
// If we have any extractable packers
var extractables = subProtections.Keys.Where(c => c is IExtractable).Select(c => c as IExtractable);
Parallel.ForEach(extractables, extractable =>
{
// Get the protection for the class, if possible
var extractedProtections = Handler.HandleExtractable(extractable, fileName, stream, this);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
});
var extractedProtections = HandleExtractableProtections(subProtections.Keys, fileName, stream);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
}
return protections;
}
/// <summary>
/// Handle extractable protections, such as executable packers
/// </summary>
/// <param name="classes">Set of classes returned from Exectuable scans</param>
/// <param name="fileName">Name of the source file of the stream, for tracking</param>
/// <param name="stream">Stream to scan the contents of</param>
/// <returns>Set of protections found from extraction, null on error</returns>
private ConcurrentDictionary<string, ConcurrentQueue<string>> HandleExtractableProtections(IEnumerable<object> classes, string fileName, Stream stream)
{
// If we have an invalid set of classes
if (classes?.Any() != true)
return null;
// Create the output dictionary
var protections = new ConcurrentDictionary<string, ConcurrentQueue<string>>();
// If we have any extractable packers
var extractables = classes.Where(c => c is IExtractable).Select(c => c as IExtractable);
Parallel.ForEach(extractables, extractable =>
{
// Get the protection for the class, if possible
var extractedProtections = Handler.HandleExtractable(extractable, fileName, stream, this);
if (extractedProtections != null)
AppendToDictionary(protections, extractedProtections);
});
return protections;
}
#endregion
}
}