From 724247d321598a50bb9223997c3f297c444228d7 Mon Sep 17 00:00:00 2001
From: Jack Williams <jacwil014@gmail.com>
Date: Tue, 16 Oct 2018 14:37:48 -0700
Subject: [PATCH] Goodness for dump-pe utility (#80)
---
dump-pe/main.cpp | 60 +++++++++++++++------------------
pe-parser-library/src/parse.cpp | 3 +-
2 files changed, 29 insertions(+), 34 deletions(-)
diff --git a/dump-pe/main.cpp b/dump-pe/main.cpp
index 2a42851..9560089 100644
--- a/dump-pe/main.cpp
+++ b/dump-pe/main.cpp
@@ -23,6 +23,7 @@ THE SOFTWARE.
*/
#include <iostream>
+#include <iomanip>
#include <sstream>
#include <cstring>
@@ -40,7 +41,7 @@ int printExps(void *N, VA funcAddr, std::string &mod, std::string &func) {
std::cout << "!";
std::cout << func;
std::cout << ": 0x";
- std::cout << to_string<decltype(address)>(address, std::hex);
+ std::cout << std::hex << address;
std::cout << "\n";
return 0;
}
@@ -53,8 +54,7 @@ int printImports(void *N,
auto address = static_cast<std::uint32_t>(impAddr);
- std::cout << "0x" << to_string<decltype(address)>(address, std::hex);
- std::cout << " " << modName << "!" << symName;
+ std::cout << "0x" << std::hex << address << " " << modName << "!" << symName;
std::cout << "\n";
return 0;
}
@@ -93,7 +93,7 @@ int printRelocs(void *N, VA relocAddr, reloc_type type) {
break;
}
- std::cout << " VA: 0x" << to_string<VA>(relocAddr, std::hex) << "\n";
+ std::cout << " VA: 0x" << std::hex << relocAddr << "\n";
return 0;
}
@@ -108,8 +108,7 @@ int printSymbols(void *N,
static_cast<void>(N);
std::cout << "Symbol Name: " << strName << "\n";
- std::cout << "Symbol Value: 0x"
- << to_string<std::uint32_t>(value, std::hex) << "\n";
+ std::cout << "Symbol Value: 0x" << std::hex << value << "\n";
std::cout << "Symbol Section Number: ";
switch (sectionNumber) {
@@ -234,22 +233,21 @@ int printRsrc(void *N, resource r) {
if (r.type_str.length())
std::cout << "Type (string): " << r.type_str << "\n";
else
- std::cout << "Type: 0x"
- << to_string<std::uint32_t>(r.type, std::hex) << "\n";
+ std::cout << "Type: 0x" << std::hex << r.type << "\n";
+
if (r.name_str.length())
std::cout << "Name (string): " << r.name_str << "\n";
else
- std::cout << "Name: 0x"
- << to_string<std::uint32_t>(r.name, std::hex) << "\n";
+ std::cout << "Name: 0x" << std::hex << r.name << "\n";
+
if (r.lang_str.length())
std::cout << "Lang (string): " << r.lang_str << "\n";
else
- std::cout << "Lang: 0x"
- << to_string<std::uint32_t>(r.lang, std::hex) << "\n";
- std::cout << "Codepage: 0x"
- << to_string<std::uint32_t>(r.codepage, std::hex) << "\n";
- std::cout << "RVA: " << to_string<std::uint32_t>(r.RVA, std::dec) << "\n";
- std::cout << "Size: " << to_string<std::uint32_t>(r.size, std::dec) << "\n";
+ std::cout << "Lang: 0x" << std::hex << r.lang << "\n";
+
+ std::cout << "Codepage: 0x" << std::hex << r.codepage << "\n";
+ std::cout << "RVA: " << std::dec << r.RVA << "\n";
+ std::cout << "Size: " << std::dec << r.size << "\n";
return 0;
}
@@ -262,25 +260,21 @@ int printSecs(void *N,
static_cast<void>(s);
std::cout << "Sec Name: " << secName << "\n";
- std::cout << "Sec Base: 0x"
- << to_string<std::uint64_t>(secBase, std::hex) << "\n";
+ std::cout << "Sec Base: 0x" << std::hex << secBase << "\n";
if (data)
- std::cout << "Sec Size: "
- << to_string<std::uint64_t>(data->bufLen, std::dec) << "\n";
+ std::cout << "Sec Size: " << std::dec << data->bufLen << "\n";
else
std::cout << "Sec Size: 0" << "\n";
return 0;
}
-#define DUMP_FIELD(x) \
- std::cout << "" #x << ": 0x"; \
- std::cout << to_string<std::uint32_t>( \
- static_cast<std::uint32_t>(p->peHeader.nt.x), std::hex) \
+#define DUMP_FIELD(x) \
+ std::cout << "" #x << ": 0x"; \
+ std::cout << std::hex << static_cast<std::uint64_t>(p->peHeader.nt.x) \
<< "\n";
-#define DUMP_DEC_FIELD(x) \
- std::cout << "" #x << ": "; \
- std::cout << to_string<std::uint32_t>( \
- static_cast<std::uint32_t>(p->peHeader.nt.x), std::dec) \
+#define DUMP_DEC_FIELD(x) \
+ std::cout << "" #x << ": "; \
+ std::cout << std::dec << static_cast<std::uint64_t>(p->peHeader.nt.x) \
<< "\n";
int main(int argc, char *argv[]) {
@@ -377,12 +371,14 @@ int main(int argc, char *argv[]) {
if (GetEntryPoint(p, entryPoint)) {
std::cout << "First 8 bytes from entry point (0x";
- std::cout << to_string<VA>(entryPoint, std::hex);
- std::cout << "):" << "\n";
+ std::cout << std::hex << entryPoint << "):" << "\n";
for (std::size_t i = 0; i < 8; i++) {
std::uint8_t b;
- ReadByteAtVA(p, i + entryPoint, b);
- std::cout << " 0x" << to_string<std::uint32_t>(b, std::hex);
+ if (!ReadByteAtVA(p, i + entryPoint, b)) {
+ std::cout << " ERR";
+ } else {
+ std::cout << " 0x" << std::hex << static_cast<int>(b);
+ }
}
std::cout << "\n";
diff --git a/pe-parser-library/src/parse.cpp b/pe-parser-library/src/parse.cpp
index 3210712..04b4ad2 100644
--- a/pe-parser-library/src/parse.cpp
+++ b/pe-parser-library/src/parse.cpp
@@ -356,8 +356,7 @@ bool parse_resource_table(bounded_buffer *sectionData,
return false;
}
}
- }
- else {
+ } else {
/* .rsrc can accomodate up to 2**31 levels, but Windows only uses 3 by convention.
* As such, any depth above 3 indicates potentially unchecked recusion.
* See: https://docs.microsoft.com/en-us/windows/desktop/debug/pe-format#the-rsrc-section