Comparing.Assemblies

In my upcoming assignment (the one that made me canceled my leave), I was asked to "verify" that a set of assemblies are indeed the compiled product of a set of source codes. *Gee! I'm a walking assembler or what?*

Anyway, here's how it can be done. You will need two tools - fc.exe (to diff files) and ildasm.exe (to disassemble a .NET assembly). You will also need the original source codes.

First, compile the source codes to produce the assembly (.dll or .exe). We will call this our source assembly. The target assembly will be the one already present. Next, use ildasm.exe to disassemble both assemblies and output the result to a file. Example:

ildasm /out=source.txt c:\source\MyAssembly.exe
ildasm /out=target.txt c:\target\MyAssembly.exe

To compare both files, use the fc.exe tool. Example:

fc source.txt target.txt

In the event where both assemblies are indeed produced by the same source codes, the comparison result will only show a minor difference on a comment line. It will be something like:

***** source.txt
.corflags 0x00000001 // ILONLY
// Image base: 0x00250000

***** target.txt
.corflags 0x00000001 // ILONLY
// Image base: 0x009F0000

Take note that the base address will be different on your machine. If no other changes are reported, then it is quite likely that both assemblies come from the same source code.

To compare the differences (i.e line-by-line) at a programming language level, I recommend Reflector and the Reflector.Diff add-in.

Why Not Do A Binary Comparison?

The fc.exe tool has a /b flag to perform binary comparisons. The reason why this will not work is because .NET assemblies are always different whenever they are being recompiled. Therefore, while a binary comparison on an assembly that was originally produced by the same compilation would yield no differences, a binary comparison on an assembly that was compiled on different compilations will reveal differences.


I would like to thank Tom Hollander for bringing up the disassemble and compare idea.