3

I'm trying to implement managed debugger looking at MDBG sample.

MDBG is capable of resolving function names within given scope, but it's not taking in consideration base classes.

MDBG is doing this:

    /// <summary>
    /// Resolves a Function from a Module, Class Name, and Function Name.
    /// </summary>
    /// <param name="mdbgModule">The Module that has the Function.</param>
    /// <param name="className">The name of the Class that has the Function.</param>
    /// <param name="functionName">The name of the Function.</param>
    /// <returns>The MDbgFunction that matches the given parameters.</returns>
    public MDbgFunction ResolveFunctionName(MDbgModule mdbgModule, string className, string functionName) {
        ...
        foreach (MethodInfo mi in t.GetMethods()) {
            if (mi.Name.Equals(functionName)) {
                func = mdbgModule.GetFunction((mi as MetadataMethodInfo).MetadataToken);
                break;
            }
        }
        return func;
    }

While the Type.GetMethods() is overriden and has this implementation, using IMetaDataImport.EnumMethods:

     public override MethodInfo[] GetMethods(BindingFlags bindingAttr) {
        ArrayList al = new ArrayList();
        IntPtr hEnum = new IntPtr();

        int methodToken;
        try {
            while (true) {
                int size;
                m_importer.EnumMethods(ref hEnum, (int) m_typeToken, out methodToken, 1, out size);
                if (size == 0) {
                    break;
                }
                al.Add(new MetadataMethodInfo(m_importer, methodToken));
            }
        }
        finally {
            m_importer.CloseEnum(hEnum);
        }
        return (MethodInfo[]) al.ToArray(typeof (MethodInfo));
    }

The problem is that m_importer.EnumMethods() Enumerates MethodDef tokens representing methods of the specified type, but I'm interested in all methods from the class hierarchy.

How can I get all the Methods defined in class hierarchy? (Obviously, common methods like reflection cannot be used, since I'm analyzing type defined in other process)

My limited knowledge of interop and deep CLR/CIL structure creates impediments for finding the right way to go here.

Any advice/suggestion is welcome!

Regards,

3615
  • 3,787
  • 3
  • 20
  • 35

1 Answers1

3

GetTypeProps will return the metadata token of the base type in ptkExtends, you can use that to walk up the inheritance tree and collect the methods from each as you go.

Be aware, however, that the metadata token might not be a TypeDef. It could be a TypeRef (requiring you to resolve the type) or a TypeSpec (requiring you to parse the type signature and extract an appropriate TypeDef/TypeRef).

Brian Reichle
  • 2,798
  • 2
  • 30
  • 34
  • Thank you! Now I understand a bit better what I should do, but it's not yet totally clear. I can see how MDBG handles TypeRef and TypeDef, using GetTypeRefProps/GetTypeDefProps method. But how should I parse TypeSpec signature? – 3615 Jul 26 '16 at 12:28
  • Use [GetTypeSpecFromToken](https://msdn.microsoft.com/en-us/library/windows/desktop/hh870637(v=vs.85).aspx) to get the signature blob. The format of the signature is defined in [ECMA-335](http://www.ecma-international.org/publications/standards/Ecma-335.htm) Partition II Section 23.2.14. – Brian Reichle Jul 26 '16 at 12:48
  • Thank you again! I will need some time to try it out and then I'll get back with some results.. – 3615 Jul 26 '16 at 13:32
  • Well, I have to report, that I'm still stuck. I was able to call GetTypeSpecFromToken and retrieve signature blob pointer and size. But I cannot figure out how to parse it, even I've read tons of articles about signatures. Could you provide/point me to some example? Currently I got an IntPtr: (byte*)ppvSig 0x0000002a55990650. and the length pcbSig 0x06. Calling System.Runtime.InteropServices.Marshal.ReadByte(ppvSig, from 0 to 5) I've received some bytes of data: 15 12 3C 01 12 36 24. But I cannot figure out how that could help me... – 3615 Jul 27 '16 at 11:51
  • And according to [this](http://www.codeproject.com/Articles/42649/NET-file-format-Signatures-under-the-hood-Part) article's 3.3 Compressed integer, value is also encoded. There is some standard way to decode it? Or I should implement the mentioned algoritm? (sigh) Oh my... – 3615 Jul 27 '16 at 12:06
  • I've asked a specific question about this [here](http://stackoverflow.com/questions/38615100/how-to-get-typedef-from-typespec). – 3615 Jul 27 '16 at 14:00