0.2.0.370 (2021-01-04)

PEAnatomist.exe SHA256: 8E6D8EF4D5691A8FFC22377C45FC00E3CE90FD7F47E1F8D2CDBA914885477BEF

  • Minor optimization and cleaning of list sorting code
  • Background color of resource properties dialog and hexview changed to standard for the used control
  • Cleaning headers, unifying declared data types, dividing code into independent modules
  • Fix display error for the symbols CV_COMPILESYM and CV_COMPILESYM3
  • Update register names and CodeView symbols from VS 16.8 and 16.9Preview
  • Add display of the COFF symbol referenced by the CLR token in the COFF symbol table
  • Add display of CLR token in CodeView symbols
  • Fix error displaying RT_STRING resource as text in rare cases
  • Fix error in defining COFF-symbol of exception handler in x64 OBJ-files
  • The used data types from CoreCLR 5 have been updated
  • Fix a crash when displaying the contents of the metadata tables of some obfuscated or compressed .NET files
  • Change .NET metadata streams description - stream RVA is displayed now
  • Fix matching RVA to offset for some alignment and section parameter combinations in PE files compiled by MinGW
  • Fix displaying a DelayImport table with incorrect content (regression starting 0.1.8)
  • Fix matching RVA to offset in case of forced loading of PE without sections
  • Add .NET Vtable Fixups display
  • Fix a rare error with displaying the name of some Codeview types in the pivot table (an incorrect name could be displayed if in fact it was of zero length)
  • Add decoding of MSVC ILStore symbol table (.cil$gl) in OBJ files (x86, x64, ARMThumb, ARM64) for VS16.8
  • Change the appearance of the main window in the absence of a loaded file
  • Add description for selected symbol in the MSVC ILStore symbol table
  • Add correction of indexes in the MSVC ILStore table of types in case of using PCH
  • Add description of types by their index in all supported MSVC ILStore tables
  • Add description of MSVC ILStore symbols referenced by selected symbol from table .cil$gl
  • Add parsing of CHPE configuration header and DynamicDataRelocations table for hybrid x64-over-ARM64 images (arm64x) from InsiderPreview 21277
  • Add x64 ExceptionsData table for hybrid x64-over-ARM64 images (arm64x)
  • Add parsing of ARM64 unwind codes for SIMD registers
  • Fix detection of the ARM64 unwind chain
  • New view of the settings dialog, division of settings into new categories
  • Add formatting settings for text copied to the clipboard from program tables
  • Fix error reading CodeView C13 subsections in some cases (most often it appeared on CodeView created by early versions of tools from VS2002 and VS2003)
  • Add search settings: remembering the last query and saving the selected starting position of the search
  • Add search options for text: match only from the beginning of a string, inversion of search results (i.e. search for strings where the desired text is absent)
  • Fix error displaying the "Parent Offset" parameter in the CodeView symbols S_DEFRANGE_REGISTER_REL and S_DEFRANGE_REGISTER_REL_INDIR
  • Fix error of reading MSVC ILStore type table when there are nested tables
  • Add support for decoding MSVC ILStore symbol table for all public versions of VisualStudio (7-16.9Preview2)
  • Add the ability to select all found lines for text search
  • Prevent unclosed search dialog from being used after destroying its associated ListView
  • Configuration file format has been changed to text view

Releases list