ILMERGE x64 exe output is possible?

[elraz]

I'm trying to merge 3 dlls to 1 dll, I compiled the dlls in x64, and when I use dumpbin to see their header, the header is 0x180000000 as expected, but in the output dll the base header is 0x400000 image base as in x32 exe file.

I did the same thing with an exe file, I try to merge the same 3 dlls to the exe file, before the merge the exe file base header is 0x140000000, as expected, but after the merge, the base image address is 0x400000 and not 0x140000000. Thank you very much.
command :
ILMerge.exe /log /out:%APP_NAME%.%APP_TYPE% orig_%APP_NAME%.%APP_TYPE% /internalize %DLLS% /targetplatform:v4 /wildcards /allowDup /closed /keyfile:"%KEY_FILE_PATH%"

this is the log from the ILmerge: we have exeFile, dll1 ,dll2 ,and dll3.

Starting "Merging dll1.dll dll2.dll dll3.dll to exeFile"

Starting "Merging dll1.dll dll2.dll dll3.dll to exeFile"
3> .
3> ILMerge version 2.12.803.0
3> Copyright (C) Microsoft Corporation 2004-2006. All rights reserved.
3> ILMerge /log /out:exeFile.exe orig_exeFile.exe /internalize dll1.dll dll2.dll dll3.dll /targetplatform:v4 /wildcards /allowDup /closed /keyfile:C:\TBT\Driver\source\folder\BuildTools\keyPair.snk
3> Set platform to 'v4', using directory 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319' for mscorlib.dll
3> Running on Microsoft (R) .NET Framework v2.0.50727
3> mscorlib.dll version = 2.0.0.0
3> The list of input assemblies is:
3> orig_exeFile.exe
3> dll1.dll
3> dll2.dll
3> dll3.dll
3> The number of files matching the pattern orig_exeFile.exe is 1.
3> C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\orig_exeFile.exe
3> Trying to read assembly from the file 'C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\orig_exeFile.exe'.
3> Can not find PDB file. Debug info will not be available for assembly 'orig_exeFile.exe'.
3> Successfully read in assembly.
3> There were no errors reported in exeFile's metadata.
3> The number of files matching the pattern dll1.dll is 1.
3> C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll1.dll
3> Trying to read assembly from the file 'C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll1.dll'.
3> Can not find PDB file. Debug info will not be available for assembly 'dll1.dll'.
3> Successfully read in assembly.
3> There were no errors reported in dll1's metadata.
3> The number of files matching the pattern dll2.dll is 1.
3> C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll2.dll
3> Trying to read assembly from the file 'C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll2.dll'.
3> Can not find PDB file. Debug info will not be available for assembly 'dll2.dll'.
3> Successfully read in assembly.
3> There were no errors reported in dll2's metadata.
3> The number of files matching the pattern dll3.dll is 1.
3> C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll3.dll
3> Trying to read assembly from the file 'C:\TBT\Driver\source\folder\exeFile\bin\x64\Debug\TEMP_MERGE_DIRECTORY\dll3.dll'.
3> Can not find PDB file. Debug info will not be available for assembly 'dll3.dll'.
3> Successfully read in assembly.
3> There were no errors reported in dll3's metadata.
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Runtime'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Runtime'.
3> Resolved assembly reference 'System.Runtime' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Runtime.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'System.Runtime' is referencing assembly 'System.ComponentModel.Composition'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.ComponentModel.Composition'.
3> Resolved assembly reference 'System.ComponentModel.Composition' to 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.ComponentModel.Composition.dll'. (Used referencing Module's directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Collections'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Collections'.
3> Resolved assembly reference 'System.Collections' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Collections.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.IO'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.IO'.
3> Resolved assembly reference 'System.IO' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.IO.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Diagnostics.Debug'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Diagnostics.Debug'.
3> Resolved assembly reference 'System.Diagnostics.Debug' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Diagnostics.Debug.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Threading'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Threading'.
3> Resolved assembly reference 'System.Threading' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Threading.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Runtime.InteropServices'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Runtime.InteropServices'.
3> Resolved assembly reference 'System.Runtime.InteropServices' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Runtime.InteropServices.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Runtime.Extensions'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Runtime.Extensions'.
3> Resolved assembly reference 'System.Runtime.Extensions' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Runtime.Extensions.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Text.Encoding'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Text.Encoding'.
3> Resolved assembly reference 'System.Text.Encoding' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Text.Encoding.dll'. (Used framework directory.)
3> AssemblyResolver: Assembly 'dll2' is referencing assembly 'System.Linq'.
3> AssemblyResolver: Attempting referencing assembly's directory.
3> AssemblyResolver: Did not find assembly in referencing assembly's directory.
3> AssemblyResolver: Attempting input directory.
3> AssemblyResolver: Did not find assembly in input directory.
3> AssemblyResolver: Attempting user-supplied directories.
3> AssemblyResolver: No user-supplied directories.
3> AssemblyResolver: Attempting framework directory.
3> Can not find PDB file. Debug info will not be available for assembly 'System.Linq'.
3> Resolved assembly reference 'System.Linq' to 'C:\Windows\Microsoft.NET\Framework64\v2.0.50727..\v4.0.30319\System.Linq.dll'. (Used framework directory.)
3> In order to close the target assembly, the number of assemblies to be added to the input is 0.
3> Checking to see that all of the input assemblies have a compatible PeKind.
3> exeFile.PeKind = ILonly, Requires64bits, AMD
3> dll1.PeKind = ILonly, Requires64bits, AMD
3> dll2.PeKind = ILonly, Requires64bits, AMD
3> dll3.PeKind = ILonly, Requires64bits, AMD
3> All input assemblies have a compatible PeKind value.
3> Using assembly 'exeFile' for assembly-level attributes for the target assembly.
3> Merging assembly 'exeFile' into target assembly.
3> Merging assembly 'dll1' into target assembly.
3> Merging assembly 'dll2' into target assembly.
3> Merging assembly 'dll3' into target assembly.
3> Copying 2 Win32 Resources from assembly 'exeFile' into target assembly.
3> Transferring entry point 'exeFile.Program.Main' from assembly 'exeFile' to assembly 'exeFile'.
3> ILMerge: Signing assembly with the key file 'C:\TBT\Driver\source\folder\BuildTools\keyPair.snk'.
3> There were no errors reported in the target assembly's metadata.
3> ILMerge: Writing target assembly 'exeFile.exe'.
3> ILMerge: Signed assembly 'exeFile.exe' with a strong name.
3> Location for referenced module 'advapi32.dll' is ''
3> Location for referenced module 'kernel32.dll' is ''
3> Location for referenced module 'WTSAPI32.DLL' is ''
3> Location for referenced module 'setupapi.dll' is ''
3> Location for referenced module 'CfgMgr32.dll' is ''
3> Location for referenced assembly 'mscorlib' is 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll'
3> There were no errors reported in mscorlib's metadata.
3> Location for referenced assembly 'System.ServiceProcess' is 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.ServiceProcess.dll'
3> There were no errors reported in System.ServiceProcess's metadata.
3> Location for referenced assembly 'System' is 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\system.dll'
3> There were no errors reported in System's metadata.
3> Location for referenced assembly 'System.Core' is 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.Core.dll'
3> There were no errors reported in System.Core's metadata.
3> Location for referenced assembly 'System.Configuration.Install' is 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\System.Configuration.Install.dll'
3> There were no errors reported in System.Configuration.Install's metadata.
3> ILMerge: Done.

[mike-barnett]

I'm not sure I understand your problem. ILMerge is for completely managed IL assemblies. So those (afaik) should be independent of being 32-bit or 64-bit. Does the merged assembly run correctly? You can also use ILMerge on just a single input assembly to investigate these kinds of issues. If you can provide me with a single assembly (or its source) that shows the problem, then I can look into it.

[elraz]

hi Mike, thank you for the fast response i will try to explain batter what i'm trying to do. i have 3 dlls , that compiled as x64 , i want to merge them into exe file, that also been compiled as x64. my problem is after im doing the merge the exe file is a represented as a 0x400000 in is base image instead of 0x140000000 (before the merge he was 0x140000000). i think the merge went well, i didn't saw any error, and in the end i saw Merge ended successfully. unfortunately , i cant give you the dlls or the source, but i can give you the output form the dumpbin , if i can assist in any other way, please let me know, thank you very much ‫בתאריך יום ד׳, 6 במאי 2020 ב-18:03 מאת ‪Mike Barnett‬‏ <‪ [email protected]‬‏>:‬

I'm not sure I understand your problem. ILMerge is for completely managed IL assemblies. So those (afaik) should be independent of being 32-bit or 64-bit. Does the merged assembly run correctly? You can also use ILMerge on just a single input assembly to investigate these kinds of issues. If you can provide me with a single assembly (or its source) that shows the problem, then I can look into it. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#84 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AK5TOCG5R7ZB3OBCEGPR6PDRQF34RANCNFSM4M2EHPOQ> .

Dump of file ThunderboltDesktopDeviceAdapter.dll PE signature found File Type: DLL FILE HEADER VALUES 8664 machine (x64) 2 number of sections 5EB159E5 time date stamp Tue May 5 15:19:49 2020 0 file pointer to symbol table 0 number of symbols F0 size of optional header 2022 characteristics Executable Application can handle large (>2GB) addresses DLL OPTIONAL HEADER VALUES 20B magic # (PE32+) 48.00 linker version 4400 size of code 600 size of initialized data 0 size of uninitialized data 0 entry point 2000 base of code 180000000 image base (0000000180000000 to 0000000180009FFF) 2000 section alignment 200 file alignment 4.00 operating system version 0.00 image version 6.00 subsystem version 0 Win32 version A000 size of image 200 size of headers 53B0 checksum 3 subsystem (Windows CUI) 8560 DLL characteristics High Entropy Virtual Addresses Dynamic base NX compatible No structured exception handler Terminal Server Aware 400000 size of stack reserve 4000 size of stack commit 100000 size of heap reserve 2000 size of heap commit 0 loader flags 10 number of directories 0 [ 0] RVA [size] of Export Directory 0 [ 0] RVA [size] of Import Directory 8000 [ 440] RVA [size] of Resource Directory 0 [ 0] RVA [size] of Exception Directory 0 [ 0] RVA [size] of Certificates Directory 0 [ 0] RVA [size] of Base Relocation Directory 627C [ 1C] RVA [size] of Debug Directory 0 [ 0] RVA [size] of Architecture Directory 0 [ 0] RVA [size] of Global Pointer Directory 0 [ 0] RVA [size] of Thread Storage Directory 0 [ 0] RVA [size] of Load Configuration Directory 0 [ 0] RVA [size] of Bound Import Directory 0 [ 0] RVA [size] of Import Address Table Directory 0 [ 0] RVA [size] of Delay Import Directory 2000 [ 48] RVA [size] of COM Descriptor Directory 0 [ 0] RVA [size] of Reserved Directory SECTION HEADER #1 .text name 43B4 virtual size 2000 virtual address (0000000180002000 to 00000001800063B3) 4400 size of raw data 200 file pointer to raw data (00000200 to 000045FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 60000020 flags Code Execute Read Debug Directories Time Type Size RVA Pointer -------- ------- -------- -------- -------- 5EB159E5 cv 11C 00006298 4498 Format: RSDS, {B23F7E30-90DB-4987-9EE3-1619E6C14863}, 1, C:\TBT\Driver\source\tbt_sw-windows-source\Tools\ThunderboltDesktopDeviceAdapter\obj\x64\Debug\ThunderboltDesktopDeviceAdapter.pdb SECTION HEADER #2 .rsrc name 440 virtual size 8000 virtual address (0000000180008000 to 000000018000843F) 600 size of raw data 4600 file pointer to raw data (00004600 to 00004BFF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 40000040 flags Initialized Data Read Only Summary 2000 .rsrc 6000 .text Dump of file DeviceAdapterInterface.dll PE signature found File Type: DLL FILE HEADER VALUES 8664 machine (x64) 2 number of sections CF1F98AB time date stamp 0 file pointer to symbol table 0 number of symbols F0 size of optional header 2022 characteristics Executable Application can handle large (>2GB) addresses DLL OPTIONAL HEADER VALUES 20B magic # (PE32+) 48.00 linker version 1400 size of code 400 size of initialized data 0 size of uninitialized data 0 entry point 2000 base of code 180000000 image base (0000000180000000 to 0000000180005FFF) 2000 section alignment 200 file alignment 4.00 operating system version 0.00 image version 4.00 subsystem version 0 Win32 version 6000 size of image 200 size of headers 5C28 checksum 3 subsystem (Windows CUI) 8540 DLL characteristics Dynamic base NX compatible No structured exception handler Terminal Server Aware 400000 size of stack reserve 4000 size of stack commit 100000 size of heap reserve 2000 size of heap commit 0 loader flags 10 number of directories 0 [ 0] RVA [size] of Export Directory 0 [ 0] RVA [size] of Import Directory 4000 [ 3A8] RVA [size] of Resource Directory 0 [ 0] RVA [size] of Exception Directory 0 [ 0] RVA [size] of Certificates Directory 0 [ 0] RVA [size] of Base Relocation Directory 3158 [ 54] RVA [size] of Debug Directory 0 [ 0] RVA [size] of Architecture Directory 0 [ 0] RVA [size] of Global Pointer Directory 0 [ 0] RVA [size] of Thread Storage Directory 0 [ 0] RVA [size] of Load Configuration Directory 0 [ 0] RVA [size] of Bound Import Directory 0 [ 0] RVA [size] of Import Address Table Directory 0 [ 0] RVA [size] of Delay Import Directory 2000 [ 48] RVA [size] of COM Descriptor Directory 0 [ 0] RVA [size] of Reserved Directory SECTION HEADER #1 .text name 126B virtual size 2000 virtual address (0000000180002000 to 000000018000326A) 1400 size of raw data 200 file pointer to raw data (00000200 to 000015FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 60000020 flags Code Execute Read Debug Directories Time Type Size RVA Pointer -------- ------- -------- -------- -------- D530E955 cv 98 000031AC 13AC Format: RSDS, {FC81DC6D-ECA5-4ED5-9209-8323C8563493}, 1, C:\TBT\Driver\source\tbt_sw-windows-source\Tools\DeviceAdapterInterface\obj\x64\Debug\netstandard1.2\DeviceAdapterInterface.pdb 00000000 pdbhash 27 00003244 1444 SHA256: 6D DC 81 FC A5 EC D5 8E 52 09 83 23 C8 56 34 93 55 E9 30 55 1A 48 F2 64 24 B2 64 84 B6 0B B4 BD 00000000 repro 0 00000000 0 SECTION HEADER #2 .rsrc name 3A8 virtual size 4000 virtual address (0000000180004000 to 00000001800043A7) 400 size of raw data 1600 file pointer to raw data (00001600 to 000019FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 40000040 flags Initialized Data Read Only Summary 2000 .rsrc 2000 .text Dump of file TbtControlCenterToastLauncher.exe PE signature found File Type: EXECUTABLE IMAGE FILE HEADER VALUES 8664 machine (x64) 2 number of sections C57724F8 time date stamp 0 file pointer to symbol table 0 number of symbols F0 size of optional header 22 characteristics Executable Application can handle large (>2GB) addresses OPTIONAL HEADER VALUES 20B magic # (PE32+) 48.00 linker version 2600 size of code 4A00 size of initialized data 0 size of uninitialized data 0 entry point 2000 base of code 140000000 image base (0000000140000000 to 000000014000BFFF) 2000 section alignment 200 file alignment 4.00 operating system version 0.00 image version 6.00 subsystem version 0 Win32 version C000 size of image 200 size of headers 83DF checksum 2 subsystem (Windows GUI) 8560 DLL characteristics High Entropy Virtual Addresses Dynamic base NX compatible No structured exception handler Terminal Server Aware 400000 size of stack reserve 4000 size of stack commit 100000 size of heap reserve 2000 size of heap commit 0 loader flags 10 number of directories 0 [ 0] RVA [size] of Export Directory 0 [ 0] RVA [size] of Import Directory 6000 [ 4950] RVA [size] of Resource Directory 0 [ 0] RVA [size] of Exception Directory 0 [ 0] RVA [size] of Certificates Directory 0 [ 0] RVA [size] of Base Relocation Directory 4530 [ 38] RVA [size] of Debug Directory 0 [ 0] RVA [size] of Architecture Directory 0 [ 0] RVA [size] of Global Pointer Directory 0 [ 0] RVA [size] of Thread Storage Directory 0 [ 0] RVA [size] of Load Configuration Directory 0 [ 0] RVA [size] of Bound Import Directory 0 [ 0] RVA [size] of Import Address Table Directory 0 [ 0] RVA [size] of Delay Import Directory 2000 [ 48] RVA [size] of COM Descriptor Directory 0 [ 0] RVA [size] of Reserved Directory SECTION HEADER #1 .text name 25FB virtual size 2000 virtual address (0000000140002000 to 00000001400045FA) 2600 size of raw data 200 file pointer to raw data (00000200 to 000027FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 60000020 flags Code Execute Read Debug Directories Time Type Size RVA Pointer -------- ------- -------- -------- -------- CA8BCDC8 cv 93 00004568 2768 Format: RSDS, {C8DC3AFA-EB53-435C-8EA7-624AB90889EE}, 1, C:\TBT\Driver\source\tbt_sw-windows-source\TbtControlCenterToastLauncher\obj\x64\Release\TbtControlCenterToastLauncher.pdb 00000000 repro 0 00000000 0 SECTION HEADER #2 .rsrc name 4950 virtual size 6000 virtual address (0000000140006000 to 000000014000A94F) 4A00 size of raw data 2800 file pointer to raw data (00002800 to 000071FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 40000040 flags Initialized Data Read Only Summary 6000 .rsrc 4000 .text Dump of file ThunderboltUwdProxy.dll PE signature found File Type: DLL FILE HEADER VALUES 8664 machine (x64) 2 number of sections 967B2C04 time date stamp 0 file pointer to symbol table 0 number of symbols F0 size of optional header 2022 characteristics Executable Application can handle large (>2GB) addresses DLL OPTIONAL HEADER VALUES 20B magic # (PE32+) 48.00 linker version 1DC00 size of code 400 size of initialized data 0 size of uninitialized data 0 entry point 2000 base of code 180000000 image base (0000000180000000 to 0000000180021FFF) 2000 section alignment 200 file alignment 4.00 operating system version 0.00 image version 4.00 subsystem version 0 Win32 version 22000 size of image 200 size of headers 2BBFD checksum 3 subsystem (Windows CUI) 8540 DLL characteristics Dynamic base NX compatible No structured exception handler Terminal Server Aware 400000 size of stack reserve 4000 size of stack commit 100000 size of heap reserve 2000 size of heap commit 0 loader flags 10 number of directories 0 [ 0] RVA [size] of Export Directory 0 [ 0] RVA [size] of Import Directory 20000 [ 390] RVA [size] of Resource Directory 0 [ 0] RVA [size] of Exception Directory 0 [ 0] RVA [size] of Certificates Directory 0 [ 0] RVA [size] of Base Relocation Directory 1FAB4 [ 38] RVA [size] of Debug Directory 0 [ 0] RVA [size] of Architecture Directory 0 [ 0] RVA [size] of Global Pointer Directory 0 [ 0] RVA [size] of Thread Storage Directory 0 [ 0] RVA [size] of Load Configuration Directory 0 [ 0] RVA [size] of Bound Import Directory 0 [ 0] RVA [size] of Import Address Table Directory 0 [ 0] RVA [size] of Delay Import Directory 2000 [ 48] RVA [size] of COM Descriptor Directory 0 [ 0] RVA [size] of Reserved Directory SECTION HEADER #1 .text name 1DB7E virtual size 2000 virtual address (0000000180002000 to 000000018001FB7D) 1DC00 size of raw data 200 file pointer to raw data (00000200 to 0001DDFF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 60000020 flags Code Execute Read Debug Directories Time Type Size RVA Pointer -------- ------- -------- -------- -------- B20452DB cv 92 0001FAEC 1DCEC Format: RSDS, {0E702CF9-53B3-49BE-B690-7294034A9DDD}, 1, C:\TBT\Driver\source\tbt_sw-windows-source\Tools\ThunderboltUwdProxy\obj\x64\Debug\netstandard1.2\ThunderboltUwdProxy.pdb 00000000 repro 0 00000000 0 SECTION HEADER #2 .rsrc name 390 virtual size 20000 virtual address (0000000180020000 to 000000018002038F) 400 size of raw data 1DE00 file pointer to raw data (0001DE00 to 0001E1FF) 0 file pointer to relocation table 0 file pointer to line numbers 0 number of relocations 0 number of line numbers 40000040 flags Initialized Data Read Only Summary 2000 .rsrc 1E000 .text

[mike-barnett]

Sorry, that really doesn't help. I meant that it would be helpful if you could create a toy (and very tiny) single assembly that showed the same problem. I'm still unclear on how it is 64-bit. ILMerge should work on totally managed code in which case it doesn't matter what bit-width it was compiled for.

[elraz]

what is unclear? that what is a 64 bit? the exe or the dlls? what is the best way to know? if not according to the the dumpbin header and the base address? according to this , [image: image.png] the merge itself work, and the exe is working and all good, my problem is that the exe after the compilation generated dumpbin output with 0x400000 header ‫בתאריך יום ד׳, 6 במאי 2020 ב-20:42 מאת ‪Mike Barnett‬‏ <‪ [email protected]‬‏>:‬

…

Sorry, that really doesn't help. I meant that it would be helpful if you could create a toy (and very tiny) single assembly that showed the same problem. I'm still unclear on how it is 64-bit. ILMerge should work on totally managed code in which case it doesn't matter what bit-width it was compiled for. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#84 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AK5TOCEDXLJ7H56KQQQ5OTTRQGOSDANCNFSM4M2EHPOQ> .

[hrumhurum]

Probably the topic starter talks about PE32+ executable file format which is a 64-bit version of 32-bit PE.

While .NET assemblies are usually architecture agnostic, they may be both produced in PE or PE32+ formats depending on C# compiler settings.

For example, when user selects x64 platform in a C# project settings via Project -> Context Menu -> Properties ->Build -> Platform target in Visual Studio, the output assembly gets produced in PE32+ executable file format. Interestingly enough, both Any CPU and x86 platform targets use the usual (32-bit) PE format. It is only the x64 target that does PE32+ (64 bits): https://stackoverflow.com/a/32981918/2102379

P.S. It's only my guess, but it seems that original poster implies that ILMerge breaks x64 managed assemblies by creating the output in PE format instead of PE32+.

[mike-barnett]

What I need is a repro where I can see why ILMerge is not preserving the corflags properly. What I see is that if I compile the following code class C {} with "csc /t:library /platform:x64", I get a PE32+ assembly with CorFlags 0x1 (ILONLY: 1, 32BITREQ: 0, 32BITPREF: 0). When I run that assembly through ILMerge, the value of the CorFlags does not change.

[elraz]

l

can you do the same flow, but now, take a dump using the dumpbin?
https://docs.microsoft.com/en-us/cpp/build/reference/dumpbin-reference?view=vs-2019
using the developer command prompt
dumpbin test.dll /HEADERS /OUT:test.txt
do this before the merge, and after the merge and see what is the base image offset?

[elraz]

I did addition test with the CorFlags

dll 1
Version : v4.0.30319
CLR Header: 2.5
PE : PE32+
CorFlags : 0x9
ILONLY : 1
32BITREQ : 0
32BITPREF : 0
Signed : 1

dll2
Version : v4.0.30319
CLR Header: 2.5
PE : PE32+
CorFlags : 0x9
ILONLY : 1
32BITREQ : 0
32BITPREF : 0
Signed : 1

dll3
Version : v4.0.30319
CLR Header: 2.5
PE : PE32+
CorFlags : 0x9
ILONLY : 1
32BITREQ : 0
32BITPREF : 0
Signed : 1

exefile
Before Merge:
140000000 image base

Version : v4.0.30319
CLR Header: 2.5
PE : PE32+
CorFlags : 0x1
ILONLY : 1
32BITREQ : 0
32BITPREF : 0
Signed : 1

the imerge command :call "%ILMERGE_DIR%\ILMerge.exe" /out:%APP_NAME%.%APP_TYPE% orig_%APP_NAME%.%APP_TYPE% /internalize %DLLS% /targetplatform:v4 /wildcards /allowDup /closed /keyfile:"%KEY_FILE_PATH%"
After Merge:

400000 image base
Version : v4.0.30319
CLR Header: 2.5
PE : PE32+
CorFlags : 0x9
ILONLY : 1
32BITREQ : 0
32BITPREF : 0
Signed : 1

you can notice that in the ext file the PE didn't change, but the CorFlags changed from 0x1 to 0x9

[mike-barnett]

It looks to me as if the dlls are strongly named (hence their CorFlags is 0x9) while your exe is delay-signed. And the output is fully signed, so it is also 0x9. See Kirill's answer in this SO post for details on the interpretation of the CorFlags.

Also, I did do "dumpbin" to see the difference in the headers. I agree that they are different (in many places, not just in the base image offset), but I am not sure that it makes any functional difference. If you see a problem where the output of ILMerge does not behave properly compared to the behavior of the unmerged assemblies, then please let me know.

[SerjKh]

@mike-barnett, @hrumhurum
Hi Mike,

Thank you for taking the time to look into this issue!

I work with Elraz and also interested in resolving this. It is a demand from our security team, that our assemblies will have base address above the 0x140000000 boundary. Their justification is a follows:

Having a preferred base address below this boundary triggers a compatibility mode in Address Space Layout Randomization (ASLR) on recent versions of Windows that reduces the number of possible locations to which ASLR may relocate the binary

I prepared a sample solution to show you the problem. See:
ILMerge_BaseAddress_Issue_Sample_Project.zip

You need to build it and look at the SampleSolution\ConsoleApp2\bin\x64\Debug\MergedConsolApp2.exe PE headers.

Here is the relevant snapshot from Visual Studio Terminal:

---

dumpbin /headers .\ConsoleApp2\bin\x64\Debug\ConsoleApp2.exe
Microsoft (R) COFF/PE Dumper Version 14.26.28806.0
Copyright (C) Microsoft Corporation. All rights reserved.

Dump of file .\ConsoleApp2\bin\x64\Debug\ConsoleApp2.exe

PE signature found

File Type: EXECUTABLE IMAGE

FILE HEADER VALUES
8664 machine (x64)
2 number of sections
F8F801FF time date stamp
0 file pointer to symbol table
0 number of symbols
F0 size of optional header
22 characteristics
Executable
Application can handle large (>2GB) addresses

OPTIONAL HEADER VALUES
20B magic # (PE32+)
48.00 linker version
800 size of code
600 size of initialized data
0 size of uninitialized data
0 entry point
2000 base of code
140000000 image base (0000000140000000 to 0000000140005FFF)
...

---

dumpbin /headers .\ConsoleApp2\bin\x64\Debug\ConsoleApp2.exe
Microsoft (R) COFF/PE Dumper Version 14.26.28806.0
Copyright (C) Microsoft Corporation. All rights reserved.

Dump of file .\ConsoleApp2\bin\x64\Debug\ConsoleApp2.exe

PE signature found

File Type: EXECUTABLE IMAGE

FILE HEADER VALUES
8664 machine (x64)
2 number of sections
F8F801FF time date stamp
0 file pointer to symbol table
0 number of symbols
F0 size of optional header
22 characteristics
Executable
Application can handle large (>2GB) addresses

OPTIONAL HEADER VALUES
20B magic # (PE32+)
48.00 linker version
800 size of code
600 size of initialized data
0 size of uninitialized data
0 entry point
2000 base of code
140000000 image base (0000000140000000 to 0000000140005FFF)

---

dumpbin /headers .\ConsoleApp2\bin\x64\Debug\MergedConsolApp2.exe
Microsoft (R) COFF/PE Dumper Version 14.26.28806.0
Copyright (C) Microsoft Corporation. All rights reserved.

Dump of file .\ConsoleApp2\bin\x64\Debug\MergedConsolApp2.exe

PE signature found

File Type: EXECUTABLE IMAGE

FILE HEADER VALUES
8664 machine (x64)
3 number of sections
5EF3610A time date stamp Wed Jun 24 17:19:54 2020
0 file pointer to symbol table
0 number of symbols
F0 size of optional header
22 characteristics
Executable
Application can handle large (>2GB) addresses

OPTIONAL HEADER VALUES
20B magic # (PE32+)
8.00 linker version
800 size of code
800 size of initialized data
0 size of uninitialized data
26BE entry point (00000000004026BE)
2000 base of code
400000 image base (0000000000400000 to 0000000000407FFF)