A Linked List Sample
Before proceeding to examine obfuscated IL code, let us proceed to another,
slightly more complicated sample. This one (like pretty much every .NET pro-
gram you’ll ever meet) actually uses a few objects, so it’s a more relevant
example of what a real program might look like. Let’s start by disassembling
this program’s Mainentry point, printed in Listing 12.2..method public hidebysig static void Main() cil managed
{
.entrypoint
.maxstack 2
.locals init (class LinkedList V_0,
int32 V_1,
class StringItem V_2)
IL_0000: newobj instance void LinkedList::.ctor()
IL_0005: stloc.0
IL_0006: ldc.i4.1
IL_0007: stloc.1
IL_0008: br.s IL_002bIL_000a: ldstr “item”
IL_000f: ldloc.1
IL_0010: box [mscorlib]System.Int32
IL_0015: call string [mscorlib]System.String::Concat(
object, object)
IL_001a: newobj instance void StringItem::.ctor(string)
IL_001f: stloc.2
IL_0020: ldloc.0
IL_0021: ldloc.2
IL_0022: callvirt instance void LinkedList::AddItem(class ListItem)
IL_0027: ldloc.1
IL_0028: ldc.i4.1
IL_0029: add
IL_002a: stloc.1
IL_002b: ldloc.1
IL_002c: ldc.i4.s 10
IL_002e: ble.s IL_000aIL_0030: ldloc.0
IL_0031: callvirt instance void LinkedList::Dump()
IL_0036: ret
} // end of method App::MainListing 12.2 A simple program that instantiates and fills a linked list object.436 Chapter 12