diff --git a/BinaryObjectScanner/FileType/Executable.cs b/BinaryObjectScanner/FileType/Executable.cs
index 107ce486..50c6d21a 100644
--- a/BinaryObjectScanner/FileType/Executable.cs
+++ b/BinaryObjectScanner/FileType/Executable.cs
@@ -143,34 +143,29 @@ namespace BinaryObjectScanner.FileType
// Only use generic content checks if we're in debug mode
if (includeDebug)
{
- var subProtections = RunContentChecks(file, stream, includeDebug);
- if (subProtections != null)
- protections.AddRange(subProtections.Values);
+ var contentProtections = RunContentChecks(file, stream, includeDebug);
+ protections.AddRange(contentProtections.Values);
}
if (wrapper is MSDOS mz)
{
- var subProtections = RunMSDOSExecutableChecks(file, stream, mz, includeDebug);
- if (subProtections != null)
- protections.AddRange(subProtections.Values);
+ var subProtections = RunExecutableChecks(file, mz, MSDOSExecutableCheckClasses, includeDebug);
+ protections.AddRange(subProtections.Values);
}
else if (wrapper is LinearExecutable lex)
{
- var subProtections = RunLinearExecutableChecks(file, stream, lex, includeDebug);
- if (subProtections != null)
- protections.AddRange(subProtections.Values);
+ var subProtections = RunExecutableChecks(file, lex, LinearExecutableCheckClasses, includeDebug);
+ protections.AddRange(subProtections.Values);
}
else if (wrapper is NewExecutable nex)
{
- var subProtections = RunNewExecutableChecks(file, stream, nex, includeDebug);
- if (subProtections != null)
- protections.AddRange(subProtections.Values);
+ var subProtections = RunExecutableChecks(file, nex, NewExecutableCheckClasses, includeDebug);
+ protections.AddRange(subProtections.Values);
}
else if (wrapper is PortableExecutable pex)
{
- var subProtections = RunPortableExecutableChecks(file, stream, pex, includeDebug);
- if (subProtections != null)
- protections.AddRange(subProtections.Values);
+ var subProtections = RunExecutableChecks(file, pex, PortableExecutableCheckClasses, includeDebug);
+ protections.AddRange(subProtections.Values);
}
return string.Join(";", [.. protections]);
@@ -184,14 +179,17 @@ namespace BinaryObjectScanner.FileType
/// Name of the source file of the stream, for tracking
/// Stream to scan the contents of
/// True to include debug data, false otherwise
- /// Set of protections in file, null on error
- public IDictionary? RunContentChecks(string? file, Stream stream, bool includeDebug)
+ /// Set of protections in file, empty on error
+ public IDictionary RunContentChecks(string? file, Stream stream, bool includeDebug)
{
+ // Create the output dictionary
+ var protections = new CheckDictionary();
+
// If we have an invalid file
if (string.IsNullOrEmpty(file))
- return null;
+ return protections;
else if (!File.Exists(file))
- return null;
+ return protections;
// Read the file contents
byte[] fileContent = [];
@@ -199,17 +197,14 @@ namespace BinaryObjectScanner.FileType
{
fileContent = stream.ReadBytes((int)stream.Length);
if (fileContent == null)
- return null;
+ return protections;
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
- return null;
+ return protections;
}
- // Create the output dictionary
- var protections = new CheckDictionary();
-
// Iterate through all checks
ContentCheckClasses.IterateWithAction(checkClass =>
{
@@ -233,124 +228,25 @@ namespace BinaryObjectScanner.FileType
}
///
- /// Handle a single file based on all linear executable check implementations
+ /// Handle a single file based on all executable check implementations
///
/// Name of the source file of the executable, for tracking
- /// Executable to scan
+ /// Executable to scan
+ /// Set of checks to use
/// True to include debug data, false otherwise
- /// Set of protections in file, null on error
- public IDictionary, string> RunLinearExecutableChecks(string file, Stream stream, LinearExecutable lex, bool includeDebug)
+ /// Set of protections in file, empty on error
+ public IDictionary RunExecutableChecks(string file, T exe, List checks, bool includeDebug)
+ where T : WrapperBase
+ where U : IExecutableCheck
{
// Create the output dictionary
- var protections = new CheckDictionary>();
+ var protections = new CheckDictionary();
// Iterate through all checks
- LinearExecutableCheckClasses.IterateWithAction(checkClass =>
+ checks.IterateWithAction(checkClass =>
{
// Get the protection for the class, if possible
- var protection = checkClass.CheckExecutable(file, lex, includeDebug);
- if (string.IsNullOrEmpty(protection))
- return;
-
- // If we are filtering on game engines
- if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
- return;
-
- // If we are filtering on packers
- if (CheckIfPacker(checkClass) && !IncludePackers)
- return;
-
- protections.Append(checkClass, protection);
- });
-
- return protections;
- }
-
- ///
- /// Handle a single file based on all MS-DOS executable check implementations
- ///
- /// Name of the source file of the executable, for tracking
- /// Executable to scan
- /// True to include debug data, false otherwise
- /// Set of protections in file, null on error
- public IDictionary, string> RunMSDOSExecutableChecks(string file, Stream stream, MSDOS mz, bool includeDebug)
- {
- // Create the output dictionary
- var protections = new CheckDictionary>();
-
- // Iterate through all checks
- MSDOSExecutableCheckClasses.IterateWithAction(checkClass =>
- {
- // Get the protection for the class, if possible
- var protection = checkClass.CheckExecutable(file, mz, includeDebug);
- if (string.IsNullOrEmpty(protection))
- return;
-
- // If we are filtering on game engines
- if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
- return;
-
- // If we are filtering on packers
- if (CheckIfPacker(checkClass) && !IncludePackers)
- return;
-
- protections.Append(checkClass, protection);
- });
-
- return protections;
- }
-
- ///
- /// Handle a single file based on all new executable check implementations
- ///
- /// Name of the source file of the executable, for tracking
- /// Executable to scan
- /// True to include debug data, false otherwise
- /// Set of protections in file, null on error
- public IDictionary, string> RunNewExecutableChecks(string file, Stream stream, NewExecutable nex, bool includeDebug)
- {
- // Create the output dictionary
- var protections = new CheckDictionary>();
-
- // Iterate through all checks
- NewExecutableCheckClasses.IterateWithAction(checkClass =>
- {
- // Get the protection for the class, if possible
- var protection = checkClass.CheckExecutable(file, nex, includeDebug);
- if (string.IsNullOrEmpty(protection))
- return;
-
- // If we are filtering on game engines
- if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
- return;
-
- // If we are filtering on packers
- if (CheckIfPacker(checkClass) && !IncludePackers)
- return;
-
- protections.Append(checkClass, protection);
- });
-
- return protections;
- }
-
- ///
- /// Handle a single file based on all portable executable check implementations
- ///
- /// Name of the source file of the executable, for tracking
- /// Executable to scan
- /// True to include debug data, false otherwise
- /// Set of protections in file, null on error
- public IDictionary, string> RunPortableExecutableChecks(string file, Stream stream, PortableExecutable pex, bool includeDebug)
- {
- // Create the output dictionary
- var protections = new CheckDictionary>();
-
- // Iterate through all checks
- PortableExecutableCheckClasses.IterateWithAction(checkClass =>
- {
- // Get the protection for the class, if possible
- var protection = checkClass.CheckExecutable(file, pex, includeDebug);
+ var protection = checkClass.CheckExecutable(file, exe, includeDebug);
if (string.IsNullOrEmpty(protection))
return;
diff --git a/BinaryObjectScanner/Scanner.cs b/BinaryObjectScanner/Scanner.cs
index 730aa658..ccb5a992 100644
--- a/BinaryObjectScanner/Scanner.cs
+++ b/BinaryObjectScanner/Scanner.cs
@@ -403,7 +403,7 @@ namespace BinaryObjectScanner
if (wrapper is MSDOS mz)
{
- var subProtections = executable.RunMSDOSExecutableChecks(fileName, stream, mz, _options.IncludeDebug);
+ var subProtections = executable.RunExecutableChecks(fileName, mz, Executable.MSDOSExecutableCheckClasses, _options.IncludeDebug);
if (subProtections == null)
return protections;
@@ -417,7 +417,7 @@ namespace BinaryObjectScanner
}
else if (wrapper is LinearExecutable lex)
{
- var subProtections = executable.RunLinearExecutableChecks(fileName, stream, lex, _options.IncludeDebug);
+ var subProtections = executable.RunExecutableChecks(fileName, lex, Executable.LinearExecutableCheckClasses, _options.IncludeDebug);
if (subProtections == null)
return protections;
@@ -431,7 +431,7 @@ namespace BinaryObjectScanner
}
else if (wrapper is NewExecutable nex)
{
- var subProtections = executable.RunNewExecutableChecks(fileName, stream, nex, _options.IncludeDebug);
+ var subProtections = executable.RunExecutableChecks(fileName, nex, Executable.NewExecutableCheckClasses, _options.IncludeDebug);
if (subProtections == null)
return protections;
@@ -445,7 +445,7 @@ namespace BinaryObjectScanner
}
else if (wrapper is PortableExecutable pex)
{
- var subProtections = executable.RunPortableExecutableChecks(fileName, stream, pex, _options.IncludeDebug);
+ var subProtections = executable.RunExecutableChecks(fileName, pex, Executable.PortableExecutableCheckClasses, _options.IncludeDebug);
if (subProtections == null)
return protections;