DisasMSIL and CFF Explorer

Today I wrote a free/open disasm engine for Microsoft’s Intermediate Language (MSIL).

http://ntcore.com/Files/disasmsil.htm

You can use it any context you wish. There are no license restrictions. The only thing I ask you to do is to send me your bug fixes (if any).

I also added the MSIL disasm engine to the CFF Explorer which is now able to disassemble the methods’ code directly from the MetaData tables.

2 thoughts on “DisasMSIL and CFF Explorer”

  1. Daniel, actually ldelem, stelem and unbox.any are defined in the ISO/IEC 23271:2006 (E) version of the standard. I have the 5 partition in one PDF version of the standard and the three opcodes are defined there.

    There are however some opcodes, which are not defined officially. These are primarily all Annotation opcodes, if you google them you’ll find them. I’ve included their definitions in my SharpOS JIT compiler code for completeness:

    ann.call = 0x0C7
    ann.catch = 0x0C8
    ann.dead = 0x0C9
    ann.hoisted = 0x0CA
    ann.hoistedcall = 0x0CB
    ann.lab = 0x0CC
    ann.def = 0x0CD
    ann.ref.s = 0x0CE
    ann.phi = 0x0CF

    These were defined in beta 1 of .NET and have since either disappeared or did not make it into the standard.

    I suppose they are still used somehow and somewhere.

  2. Michael, at some point during my life I too had that ISO document (that’s how I added the opcodes back then), but now, after 2 years, I’m unable to find it. Every link on the internet points at the doc where these opcodes are missing. I spent like an hour looking for the up-to-date version. I’m pretty embaressed to say that I couldn’t find it.

    You’re right, I just checked in the Rotor source code and these opcodes are present as annotation opcodes. I really appreciate your contribution. I’ll add them in a couple of days. Even if they’re not used any longer, one never knows..

    Thanks again.

Leave a Reply

Your email address will not be published. Required fields are marked *