# Wednesday, 20 June 2012
« Ten Years of IKVM.NET | Main | Why ASP.NET Medium Trust Isn't »
MS12-038 and IKDASM

Past patch Tuesday Microsoft released MS12-038 that updated System.Windows.Forms.dll. It fixes a vulnerability in clipboard handling.

To compare the unpatched and patched versions of the assembly, I added an option to ikdasm to supress some of the irrelevant differences. For example, it replaces all uses of the '<PrivateImplementationDetails>{nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn}' class (that the C# compiler generates) where nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn is the module version GUID with the literal string (i.e. it replaces the GUID digits with n-characters). Another change is that some metadata items are sorted by name. Specifically, property and event accessors and custom attributes tend to be ordered differently between different builds.

It's likely that I'll add more in the future.

The option is named -diffmode. Usage is straight forward:

    ikdasm -diffmode -out:System.Windows.Forms.il System.Windows.Forms.dll

Updated ikdasm sources are available here: ikdasm-v0.2.zip

Wednesday, 20 June 2012 15:07:38 (W. Europe Daylight Time, UTC+02:00)  #    Comments [1]
Wednesday, 20 June 2012 23:36:27 (W. Europe Daylight Time, UTC+02:00)
I have wished for this in .NET Reflector.

Would be interesting to see the result of said diff in another blog post... with explaining commentary!
Home page

I apologize for the lameness of this, but the comment spam was driving me nuts. In order to be able to post a comment, you need to answer a simple question. Hopefully this question is easy enough not to annoy serious commenters, but hard enough to keep the spammers away.

Anti-Spam Question: What method on java.lang.System returns an object's original hashcode (i.e. the one that would be returned by java.lang.Object.hashCode() if it wasn't overridden)? (case is significant)

Comment (HTML not allowed)  

Live Comment Preview