mirror of
https://github.com/QuasarApp/pe-parse.git
synced 2025-05-05 00:19:32 +00:00
some definitions
This commit is contained in:
parent
214b9c0329
commit
3e1b2ea8d2
parser-library
@ -36,6 +36,21 @@ const boost::uint32_t NT_MAGIC = 0x00004550;
|
||||
const boost::uint16_t NUM_DIR_ENTRIES = 16;
|
||||
const boost::uint16_t NT_OPTIONAL_32_MAGIC = 0x10B;
|
||||
const boost::uint16_t NT_SHORT_NAME_LEN = 8;
|
||||
const boost::uint16_t DIR_EXPORT = 0;
|
||||
const boost::uint16_t DIR_IMPORT = 1;
|
||||
const boost::uint16_t DIR_RESOURCE = 2;
|
||||
const boost::uint16_t DIR_EXCEPTION = 3;
|
||||
const boost::uint16_t DIR_SECURITY = 4;
|
||||
const boost::uint16_t DIR_BASERELOC = 5;
|
||||
const boost::uint16_t DIR_DEBUG = 6;
|
||||
const boost::uint16_t DIR_ARCHITECTURE = 7;
|
||||
const boost::uint16_t DIR_GLOBALPTR = 8;
|
||||
const boost::uint16_t DIR_TLS = 9;
|
||||
const boost::uint16_t DIR_LOAD_CONFIG = 10;
|
||||
const boost::uint16_t DIR_BOUND_IMPORT = 11;
|
||||
const boost::uint16_t DIR_IAT = 12;
|
||||
const boost::uint16_t DIR_DELAY_IMPORT = 13;
|
||||
const boost::uint16_t DIR_COM_DESCRIPTOR = 14;
|
||||
|
||||
struct dos_header {
|
||||
boost::uint16_t e_magic;
|
||||
|
@ -36,6 +36,12 @@ struct section {
|
||||
image_section_header sec;
|
||||
};
|
||||
|
||||
struct exportent {
|
||||
RVA exportAddr;
|
||||
string symbolName;
|
||||
string moduleName;
|
||||
};
|
||||
|
||||
struct reloc {
|
||||
RVA shiftedAddr;
|
||||
RVA shiftedTo;
|
||||
@ -43,6 +49,7 @@ struct reloc {
|
||||
|
||||
struct parsed_pe_internal {
|
||||
list<section> secs;
|
||||
list<exportent> exports;
|
||||
};
|
||||
|
||||
bool getSections( bounded_buffer *b,
|
||||
@ -301,8 +308,6 @@ parsed_pe *ParsePEFromFile(const char *filePath) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
//now, we need to do some actual PE parsing and file carving.
|
||||
|
||||
//get header information
|
||||
bounded_buffer *remaining = NULL;
|
||||
if(getHeader(p->fileBuffer, p->peHeader, remaining) == false) {
|
||||
|
@ -71,8 +71,8 @@ void IterImpRVAString(parsed_pe *pe, iterRVAStr cb, void *cbd);
|
||||
typedef void (*iterReloc)(void *, RVA);
|
||||
void IterRelocs(parsed_pe *pe, iterReloc cb, void *cbd);
|
||||
|
||||
//iterate over the exports by RVA
|
||||
typedef void (*iterRVA)(void *, RVA);
|
||||
//iterate over the exports
|
||||
typedef void (*iterRVA)(void *, RVA, std::string &, std::string &);
|
||||
void IterExpRVA(parsed_pe *pe, iterRVA cb, void *cbd);
|
||||
|
||||
//iterate over sections
|
||||
|
Loading…
x
Reference in New Issue
Block a user