Parent Directory
| 
Revision Log
| 
Patch
--- trunk/Win32/Sojaner.MemoryScanner/PEReader.cs 2012/06/21 21:35:08 413
+++ trunk/Win32/Sojaner.MemoryScanner/PEReader.cs 2012/06/22 08:21:18 414
@@ -1,4 +1,16 @@
-#define ENABLE_LOGGING
+#region Logging Defines
+// include this any class or method that required logging, and comment-out what is not needed
+#define LOGGING_ENABLED
+#region Enabled logging levels
+#define LOGGING_ENABLE_INFO
+#define LOGGING_ENABLE_WARN
+#define LOGGING_ENABLE_DEBUG
+#define LOGGING_ENABLE_VERBOSEDEBUG
+#define LOGGING_ENABLE_ERROR
+#define LOGGING_ENABLE_VERBOSEERROR
+#define LOGGING_ENABLE_PROFILER
+#endregion
+#endregion
using System;
using System.Collections.Generic;
using System.Linq;
@@ -727,44 +739,6 @@
internal readonly IList<IMAGE_SECTION_HEADER> _sectionHeaders = new List<IMAGE_SECTION_HEADER>();
internal readonly IMAGE_SECTION_DATA _SectionData = new IMAGE_SECTION_DATA();
#endregion
- #region logging implementation
- private static class log
- {
- public static class verbose
- {
- public static class debug
- {
- public static void writeline(string format, params object[] args)
- {
-#if ENABLE_LOGGING
- logger.VerboseDebug.WriteLine(format, args);
-#endif
- }
- public static void write(string format, params object[] args)
- {
-#if ENABLE_LOGGING
- logger.VerboseDebug.Write(format, args);
-#endif
- }
- }
- public static class error
- {
- public static void writeline(string format, params object[] args)
- {
-#if ENABLE_LOGGING
- logger.VerboseError.WriteLine(format, args);
-#endif
- }
- public static void write(string format, params object[] args)
- {
-#if ENABLE_LOGGING
- logger.VerboseError.Write(format, args);
-#endif
- }
- }
- }
- }
- #endregion
public PEReader(Process p)
@@ -776,7 +750,7 @@
{
try
{
- log.verbose.debug.writeline("Reading PE Format from: {0}", filename);
+ logger.VerboseDebug.WriteLine("Reading PE Format from: {0}", filename);
BinaryReader reader = new BinaryReader(fs);
// Reset reader position, just in case
reader.BaseStream.Seek(0, SeekOrigin.Begin);
@@ -806,17 +780,17 @@
// Read optional headers
if (Is32bitAssembly())
{
- log.verbose.debug.writeline("\tDetected a 32Bit PE Executable");
+ logger.VerboseDebug.WriteLine("\tDetected a 32Bit PE Executable");
Load32bitOptionalHeaders(reader);
}
else
{
- log.verbose.debug.writeline("\tDetected a 64Bit PE Executable");
+ logger.VerboseDebug.WriteLine("\tDetected a 64Bit PE Executable");
Load64bitOptionalHeaders(reader);
}
// Read section data
- log.verbose.debug.writeline("\tTotal Section Headers: {0}", _sectionHeaders.Count);
+ logger.VerboseDebug.WriteLine("\tTotal Section Headers: {0}", _sectionHeaders.Count);
ulong image_base = 0;
ulong p_image_base = (ulong)p.MainModule.BaseAddress.ToInt64();
if (Is32bitAssembly())
@@ -840,13 +814,13 @@
foreach (IMAGE_SECTION_HEADER header in _sectionHeaders)
{
int section_index = _sectionHeaders.IndexOf(header) + 1;
- log.verbose.debug.writeline("\tSection Header: {0} of {1}", section_index, _sectionHeaders.Count);
- log.verbose.debug.writeline("\t\tName: {0}", header.Name);
- log.verbose.debug.writeline("\t\tVirtual Address: 0x{0:x8}", header.VirtualAddress);
- log.verbose.debug.writeline("\t\tPhysical Address: 0x{0:x8}", header.Misc.PhysicalAddress);
- log.verbose.debug.writeline("\t\tVirtual Size: 0x{0:x8}", header.Misc.VirtualSize);
- log.verbose.debug.writeline("\t\tRaw Data Size: 0x{0:x8}", header.SizeOfRawData);
- log.verbose.debug.writeline("\t\tPointer To Raw Data: 0x{0:x8}", header.PointerToRawData);
+ logger.VerboseDebug.WriteLine("\tSection Header: {0} of {1}", section_index, _sectionHeaders.Count);
+ logger.VerboseDebug.WriteLine("\t\tName: {0}", header.Name);
+ logger.VerboseDebug.WriteLine("\t\tVirtual Address: 0x{0:x8}", header.VirtualAddress);
+ logger.VerboseDebug.WriteLine("\t\tPhysical Address: 0x{0:x8}", header.Misc.PhysicalAddress);
+ logger.VerboseDebug.WriteLine("\t\tVirtual Size: 0x{0:x8}", header.Misc.VirtualSize);
+ logger.VerboseDebug.WriteLine("\t\tRaw Data Size: 0x{0:x8}", header.SizeOfRawData);
+ logger.VerboseDebug.WriteLine("\t\tPointer To Raw Data: 0x{0:x8}", header.PointerToRawData);
// Skip to beginning of a section
@@ -865,8 +839,8 @@
}
if (ErrorInfo != null)
{
- log.verbose.error.writeline("Error Reading PE Format from: {0}", filename);
- log.verbose.error.writeline(ErrorInfo.ToString());
+ logger.VerboseDebug.WriteLine("Error Reading PE Format from: {0}", filename);
+ logger.VerboseDebug.WriteLine(ErrorInfo.ToString());
}
}
| ViewVC Help | |
| Powered by ViewVC 1.1.22 |