DisasMSIL: a free MSIL disasm engine
DisasMSIL is a free/open disasm engine for the Microsoft Intermediate Language (MSIL). You can use it any context you wish. There are no license restrictions. The only thing I ask you to do is to send me your bug fixes (if any).
Here's a little sample of how to use the disasm engine:
#include
"stdafx.h"
#include <Windows.h>
#include <stdio.h>
#include "DisasMSIL.h"
#define dsize 1703
unsigned char
pData[1703] = {
0x02, 0x7B, 0x0E, 0x00, 0x00, 0x04, 0x6F, 0x40, 0x00, 0x00, 0x0A, 0x72, 0x31,
0x00, 0x00, 0x70,
0x28, 0x41, 0x00, 0x00, 0x0A, 0x2C, 0x2C, 0x02, 0x7B, 0x12, 0x00, 0x00, 0x04,
0x6F, 0x40, 0x00,
........... MSIL CODE SAMPLE .............
};
int _tmain(int
argc, _TCHAR*
argv[])
{
#define MAX_INSTR 100
ILOPCODE_STRUCT ilopar[MAX_INSTR];
DISASMSIL_OFFSET CodeBase
= 0;
BYTE *pCur =
pData;
UINT nSize =
dsize;
UINT nDisasmedInstr;
while (DisasMSIL(pCur,
nSize, CodeBase,
ilopar, MAX_INSTR,
&nDisasmedInstr))
{
//
// print instructions
//
for (UINT
x = 0; x <
nDisasmedInstr; x++)
{
printf("\n%08X %s",
ilopar[x].Offset,
ilopar[x].Mnemonic);
}
//
// end loop?
//
if (nDisasmedInstr
< MAX_INSTR) break;
//
// next instructions
//
DISASMSIL_OFFSET next
= ilopar[nDisasmedInstr
- 1].Offset - CodeBase;
next += ilopar[nDisasmedInstr
- 1].Size;
pCur += next;
nSize -= next;
CodeBase += next;
}
getchar();
return 0;
}
Note: don't rely on the ECMA specification (Partition III: Common Language Infrastructure), since it's incomplete. Some new opcodes were introduced with the .NET Framework 2.0. These new opcodes are signalled in the header file like:
#define
ILOPCODE_LDELEM
0xA3 //
#define ILOPCODE_STELEM
0xA4 //
Introduced with the framework 2.0
#define ILOPCODE_UNBOX_ANY
0xA5 //
To consult the complete list of MSIL opcodes look in the MSDN after the .NET reflection. There you'll find the complete list.
Daniel Pistelli