如何检查exe是否设置为LARGEADDRESSAWARE

时间:2012-01-29 15:51:33

标签: c# memory virtual-address-space address-space

我正在开发一个C#程序,它将加载文件并获取诸如加载文件创建日期,修改日期,大小等信息。我需要知道的另一件事是加载的文件(executable.exe)是否已链接带有LARGEADDRESSAWARE标志。 FileInfo类不提供此信息。

有没有人知道如何在C#中找出给定的executable.exe是否与LARGEADDRESSAWARE标志链接(处理大于2 GB的地址)?

3 个答案:

答案 0 :(得分:22)

以下是一些检查Large Address Aware标志的代码。您所要做的就是传递一个指向可执行文件开头的流。

IsLargeAware("some.exe");

static bool IsLargeAware(string file)
{
    using (var fs = File.OpenRead(file))
    {
        return IsLargeAware(fs);
    }
}
/// <summary>
/// Checks if the stream is a MZ header and if it is large address aware
/// </summary>
/// <param name="stream">Stream to check, make sure its at the start of the MZ header</param>
/// <exception cref=""></exception>
/// <returns></returns>
static bool IsLargeAware(Stream stream)
{
    const int IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x20;

    var br = new BinaryReader(stream);

    if (br.ReadInt16() != 0x5A4D)       //No MZ Header
        return false;

    br.BaseStream.Position = 0x3C;
    var peloc = br.ReadInt32();         //Get the PE header location.

    br.BaseStream.Position = peloc;
    if (br.ReadInt32() != 0x4550)       //No PE header
        return false;

    br.BaseStream.Position += 0x12;
    return (br.ReadInt16() & IMAGE_FILE_LARGE_ADDRESS_AWARE) == IMAGE_FILE_LARGE_ADDRESS_AWARE;
}

答案 1 :(得分:15)

/LARGEADDRESSAWARE州的MSDN documentation

  

如果某个应用程序与/ LARGEADDRESSAWARE链接,则DUMPBIN / HEADERS将显示相应的信息。

如果您正在寻找以编程方式执行此操作的方法,则可以从应用程序调用dumpbin并解析输出。

更新

还有一篇很好的博文here,可以更深入地讨论这个问题。

答案 2 :(得分:1)

从上面的Will的回答我在我的x86安装包中使用了以下内容:

    static bool LargeAware(string file) {
        using (var fs = File.Open(file, FileMode.Open, FileAccess.ReadWrite, FileShare.None)) {
            bool b = LargeAware(fs);
            fs.Close();
            return b;
        }
    }

    const int IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x20;
    static bool LargeAware(Stream stream) {

        var br = new BinaryReader(stream);
        var bw = new BinaryWriter(stream);

        if (br.ReadInt16() != 0x5A4D)       //No MZ Header
            return false;

        br.BaseStream.Position = 0x3C;
        var peloc = br.ReadInt32();         //Get the PE header location.

        br.BaseStream.Position = peloc;
        if (br.ReadInt32() != 0x4550)       //No PE header
            return false;

        br.BaseStream.Position += 0x12;
        long nFilePos = (int)br.BaseStream.Position;
        Int16 nLgaInt = br.ReadInt16();
        bool bIsLGA = (nLgaInt & IMAGE_FILE_LARGE_ADDRESS_AWARE) == IMAGE_FILE_LARGE_ADDRESS_AWARE;
        if (bIsLGA)
            return true;
        nLgaInt |= IMAGE_FILE_LARGE_ADDRESS_AWARE;
        long nFilePos1 = bw.Seek((int)nFilePos, SeekOrigin.Begin);
        bw.Write(nLgaInt);
        bw.Flush();
        long nFilePos2 = br.BaseStream.Seek(nFilePos, SeekOrigin.Begin);
        nLgaInt = br.ReadInt16();
        bIsLGA = (nLgaInt & IMAGE_FILE_LARGE_ADDRESS_AWARE) == IMAGE_FILE_LARGE_ADDRESS_AWARE;
        return bIsLGA;
    }
相关问题
最新问题