Clean up after last few commits

This commit is contained in:
Matt Nadareski
2024-11-20 21:18:12 -05:00
parent d7c37f6e0a
commit 558e23a9cd
8 changed files with 43 additions and 55 deletions

View File

@@ -94,41 +94,49 @@ namespace BinaryObjectScanner.FileType
if (wrapper is MSDOS mz)
{
// Standard checks
var subProtections = RunExecutableChecks(file, mz, StaticChecks.MSDOSExecutableCheckClasses, includeDebug);
var subProtections
= RunExecutableChecks(file, mz, StaticChecks.MSDOSExecutableCheckClasses, includeDebug);
protections.Append(file, subProtections.Values);
// Extractable checks
var extractedProtections = HandleExtractableProtections(file, mz, subProtections.Keys, getProtections, includeDebug);
var extractedProtections
= HandleExtractableProtections(file, mz, subProtections.Keys, getProtections, includeDebug);
protections.Append(extractedProtections);
}
else if (wrapper is LinearExecutable lex)
{
// Standard checks
var subProtections = RunExecutableChecks(file, lex, StaticChecks.LinearExecutableCheckClasses, includeDebug);
var subProtections
= RunExecutableChecks(file, lex, StaticChecks.LinearExecutableCheckClasses, includeDebug);
protections.Append(file, subProtections.Values);
// Extractable checks
var extractedProtections = HandleExtractableProtections(file, lex, subProtections.Keys, getProtections, includeDebug);
var extractedProtections
= HandleExtractableProtections(file, lex, subProtections.Keys, getProtections, includeDebug);
protections.Append(extractedProtections);
}
else if (wrapper is NewExecutable nex)
{
// Standard checks
var subProtections = RunExecutableChecks(file, nex, StaticChecks.NewExecutableCheckClasses, includeDebug);
var subProtections
= RunExecutableChecks(file, nex, StaticChecks.NewExecutableCheckClasses, includeDebug);
protections.Append(file, subProtections.Values);
// Extractable checks
var extractedProtections = HandleExtractableProtections(file, nex, subProtections.Keys, getProtections, includeDebug);
var extractedProtections
= HandleExtractableProtections(file, nex, subProtections.Keys, getProtections, includeDebug);
protections.Append(extractedProtections);
}
else if (wrapper is PortableExecutable pex)
{
// Standard checks
var subProtections = RunExecutableChecks(file, pex, StaticChecks.PortableExecutableCheckClasses, includeDebug);
var subProtections
= RunExecutableChecks(file, pex, StaticChecks.PortableExecutableCheckClasses, includeDebug);
protections.Append(file, subProtections.Values);
// Extractable checks
var extractedProtections = HandleExtractableProtections(file, pex, subProtections.Keys, getProtections, includeDebug);
var extractedProtections
= HandleExtractableProtections(file, pex, subProtections.Keys, getProtections, includeDebug);
protections.Append(extractedProtections);
}

View File

@@ -22,8 +22,9 @@ namespace BinaryObjectScanner.Packer
return null;
// Get the resources that have a PKZIP signature
if (pex.ResourceData?.Any(kvp => kvp.Value is byte[] ba
&& ba.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes)) == true)
if (pex.ResourceData != null
&& pex.ResourceData.Values.Any(v => v is byte[] ba
&& ba.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes)))
{
return "Embedded Archive";
}

View File

@@ -22,8 +22,9 @@ namespace BinaryObjectScanner.Packer
return null;
// Get the resources that have an executable signature
if (pex.ResourceData?.Any(kvp => kvp.Value is byte[] ba
&& ba.StartsWith(SabreTools.Models.MSDOS.Constants.SignatureBytes)) == true)
if (pex.ResourceData != null
&& pex.ResourceData.Values.Any(v => v is byte[] ba
&& ba.StartsWith(SabreTools.Models.MSDOS.Constants.SignatureBytes)))
{
return "Embedded Executable";
}

View File

@@ -120,6 +120,10 @@ namespace BinaryObjectScanner.Protection
if (!string.IsNullOrEmpty(match))
return match;
// Get the resident and non-resident name table strings
var nrntStrs = Array.ConvertAll(nex.Model.NonResidentNameTable ?? [],
nrnte => nrnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString));
// Check the imported-name table
// Found in "h3blade.exe" in Redump entry 85077.
bool intMatch = nex.Model.ImportedNameTable?.Values?
@@ -130,10 +134,7 @@ namespace BinaryObjectScanner.Protection
// Check the nonresident-name table
// Found in "CDCOPS.DLL" in Redump entry 85077.
bool nrntMatch = nex.Model.NonResidentNameTable?
.Select(nrnte => nrnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(nrnte.NameString))
.Any(s => s.Contains("CDcops assembly-language DLL")) ?? false;
if (nrntMatch)
if (Array.Exists(nrntStrs, s => s.Contains("CDcops assembly-language DLL")))
return "CD-Cops";
return null;

View File

@@ -1,7 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.IO.Extensions;
using SabreTools.Matching;
@@ -133,12 +132,12 @@ namespace BinaryObjectScanner.Protection
using var stream = File.OpenRead(lightFiles[0]);
byte[] block = stream.ReadBytes(1024);
// Samples: Redump ID 81628
if (Array.TrueForAll(block, b => b == 0))
protections.Add("copy-X");
var matchers = new List<ContentMatchSet>
{
// Checks if the file contains 0x00
// Samples: Redump ID 81628
new(Enumerable.Repeat<byte?>(0x00, 1024).ToArray(), "copy-X"),
// Checks for whatever this data is.
// Samples: Redump ID 84759, Redump ID 107929. Professional discs also have this data, hence the exclusion check.
new(

View File

@@ -64,13 +64,9 @@ namespace BinaryObjectScanner.Protection
];
int endDosStub = (int)(pex.Model.Stub?.Header?.NewExeHeaderAddr ?? 0);
int position = -1;
#if NET20
bool containsCheck = Extensions.FirstPosition(pex.StubExecutableData ?? [], check, out position);
#else
bool containsCheck = pex.StubExecutableData?.FirstPosition(check, out position) ?? false;
#endif
// Check the executable tables
bool containsCheck = pex.StubExecutableData?.FirstPosition(check, out position) ?? false;
bool containsCheck2 = Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "GetModuleHandleA")
&& Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "GetProcAddress")
&& Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "LoadLibraryA")
@@ -94,11 +90,7 @@ namespace BinaryObjectScanner.Protection
0x45, 0x4C, 0x33, 0x32, 0x2E, 0x64, 0x6C, 0x6C,
0x00, 0xEB, 0x79, 0x01, null, null, null, null,
];
#if NET20
containsCheck2 = Extensions.FirstPosition(pex.GetFirstSectionData(".text") ?? [], check2, out position2);
#else
containsCheck2 = pex.GetFirstSectionData(".text")?.FirstPosition(check2, out position2) ?? false;
#endif
}
else
{
@@ -169,11 +161,7 @@ namespace BinaryObjectScanner.Protection
0x55, 0x6E, 0x6B, 0x6F, 0x77, 0x6E, 0x00, 0x55,
0x6E, 0x6B, 0x6F, 0x77, 0x6E
];
#if NET20
if (!Extensions.FirstPosition(sectionContent, check, out int position))
#else
if (!sectionContent.FirstPosition(check, out int position))
#endif
return "(Build unknown)";
string year, month, day;

View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -160,17 +159,11 @@ namespace BinaryObjectScanner.Protection
if (fileContent == null)
return null;
string version, strBuild = string.Empty;
string version;
int index = positions[0] - 12;
// Version 6-7 with Build Number in plain text
#if NET20 || NET35 || NET40
byte[] temp = new byte[4];
Array.Copy(fileContent, index, temp, 0, 4);
if (temp.SequenceEqual(new byte[] { 0x0A, 0x0D, 0x0A, 0x0D }))
#else
if (new ArraySegment<byte>(fileContent, index, 4).SequenceEqual(new byte[] { 0x0A, 0x0D, 0x0A, 0x0D }))
#endif
if (fileContent[index] == 0x0A && fileContent[index + 1] == 0x0D && fileContent[index + 2] == 0x0A && fileContent[index + 3] == 0x0D)
{
index = positions[0] - 12 - 6;
@@ -198,7 +191,7 @@ namespace BinaryObjectScanner.Protection
index -= 5;
}
strBuild = Encoding.ASCII.GetString(fileContent, index, 6).Trim();
string strBuild = Encoding.ASCII.GetString(fileContent, index, 6).Trim();
if (!int.TryParse(strBuild, out int intBuild))
strBuild = $"[Build {strBuild}]";
else

View File

@@ -162,15 +162,16 @@ namespace BinaryObjectScanner.Protection
var id2 = new ArraySegment<byte>(fileContent, position + 16, 4);
#endif
if (id1.SequenceEqual(new byte[] { 0x00, 0x00, 0x00 }) && id2.SequenceEqual(new byte[] { 0x00, 0x10, 0x00, 0x00 }))
if (id1.SequenceEqual(new byte[] { 0x00, 0x00, 0x00 })
&& id2.SequenceEqual(new byte[] { 0x00, 0x10, 0x00, 0x00 }))
{
return "v1";
else if (id1.SequenceEqual(new byte[] { 0x2E, 0x6F, 0x26 }) && id2.SequenceEqual(new byte[] { 0xDB, 0xC5, 0x20, 0x3A })) // new byte[] { 0xDB, 0xC5, 0x20, 0x3A, 0xB9 }
return "v2"; // TODO: Verify against other SolidShield 2 discs
if (id1.SequenceEqual(new byte[] { 0x00, 0x00, 0x00 }) && id2.SequenceEqual(new byte[] { 0x00, 0x10, 0x00, 0x00 }))
return "v1";
else if (id1.SequenceEqual(new byte[] { 0x2E, 0x6F, 0x26 }) && id2.SequenceEqual(new byte[] { 0xDB, 0xC5, 0x20, 0x3A })) // new byte[] { 0xDB, 0xC5, 0x20, 0x3A, 0xB9 }
}
else if (id1.SequenceEqual(new byte[] { 0x2E, 0x6F, 0x26 })
&& id2.SequenceEqual(new byte[] { 0xDB, 0xC5, 0x20, 0x3A })) // [0xDB, 0xC5, 0x20, 0x3A, 0xB9]
{
return "v2"; // TODO: Verify against other SolidShield 2 discs
}
return string.Empty;
}
@@ -209,11 +210,7 @@ namespace BinaryObjectScanner.Protection
0x6C, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F,
0x6E, 0x00, 0x00, 0x00, 0x00
];
#if NET20
if (Extensions.FirstPosition(fileContent, check2, out int position2))
#else
if (fileContent.FirstPosition(check2, out int position2))
#endif
{
position2--; // TODO: Verify this subtract
return $"2 + Tagès {fileContent[position2 + 0x38]}.{fileContent[position2 + 0x38 + 4]}.{fileContent[position2 + 0x38 + 8]}.{fileContent[position + 0x38 + 12]}";