QuasarApp/pe-parse
4
0
Fork 0
mirror of https://github.com/QuasarApp/pe-parse.git synced 2025-05-01 06:44:31 +00:00
Code Issues Projects Releases Wiki Activity
261 Commits 3 Branches 0 Tags
Commit Graph

54 Commits

Author SHA1 Message Date
EndrII
f681c21b7b update copyright (pri)
Some checks failed
buildbot/IOSCMakeBuilder Build finished.
Details
buildbot/WindowsCMakeBuilder Build finished.
Details
buildbot/LinuxCMakeBuilderQt6 Build finished.
Details
buildbot/AndroidBuilder_v8Qt6 Build finished.
Details
buildbot/WindowsBuilder Build finished.
Details
buildbot/AndroidBuilder_v7 Build finished.
Details
buildbot/LinuxCMakeBuilder Build finished.
Details
buildbot/DocsGenerator Build finished.
Details
buildbot/LinuxBuilder Build finished.
Details
buildbot/Wasm32Builder Build finished.
Details
buildbot/AndroidBuilder_v8 Build finished.
Details
2021-02-08 15:30:35 +03:00
EndrII
1db16dee63 update copyright 2021-02-08 15:23:28 +03:00
EndrII
801cf27056 fix build on mingw (windows) 2021-02-08 15:22:21 +03:00
EndrII
ff37651b9d fix pro file 2021-02-08 14:39:43 +03:00
EndrII
e0dfc827b3 Merge remote-tracking branch 'main/master' into HEAD 2021-02-08 14:17:51 +03:00
Eric Kilmer
d38c7daa7e
Use 'offsetof' to resolve undefined behavior (#142) 
* Use 'offsetof' to resolve undefined behavior

../pe-parser-library/src/parse.cpp:1821:7: runtime error: member access
within null pointer of type 'typeof (curEnt)' (aka
'peparse::import_dir_entry')

* Fix bad rename
 2020-11-26 12:49:19 -05:00
Eric Kilmer
68297aff83
Fix rotate-left function and caller with large shift number (#143) 
* Fix rotate-left function and caller with large shift number

* Disable MSVC compiler unary minus operator warning
 2020-11-26 12:48:43 -05:00
passthecilantro
327a524de1
Fix #1115 (#139) 
Co-authored-by: William Woodruff <william.woodruff@trailofbits.com>
Co-authored-by: William Woodruff <william@trailofbits.com>
 2020-09-25 15:48:28 -04:00
passthecilantro
a54ea62286
Rename libpe-parser-library -> libpe-parse (#138) 
Co-authored-by: William Woodruff <william@yossarian.net>
 2020-09-23 23:20:49 -04:00
passthecilantro
035679c10b
Disable library warnings by default (#137) 
Fixes #106.
 2020-09-22 21:01:15 -04:00
Nickie S
3996892523
Add ability to parse PE file without backing file (#136) 
* Add ability to parse PE file without backing file

* Add size check

* Fix formatting

* Change buffer size type
 2020-08-06 12:23:32 -04:00
William Woodruff
79a2333a8b
treewide: CI, cmake fixes (#132) 
Massages the pe-parse build into a format that's more accomodating
for vcpkg, in preparation for imminent packaging.
 2020-04-24 13:48:46 -04:00
William Woodruff
8736072cc1
pe-parser-library: Use WinAPI for UTF-16 to UTF-8 (#130) 
* pe-parser-library: Use WinAPI for UTF-16 to UTF-8

If ICU isn't available and we're on C++17 or later, use
the Windows API for Unicode conversion instead of codecvt.
 2020-04-14 10:20:16 -04:00
William Woodruff
8adf31ac97
parse: Sort section list by file offset (#129) 
Closes #128.
 2020-04-08 22:58:30 -04:00
Eric Kilmer
566e4f6f8b
Pass resource by const pointer instead of value (#127) 
* Pass resource by const pointer instead of value

Found/Suggested by LGTM:

This parameter of type resource is 128 bytes - consider passing a const
pointer/reference instead.

* Fix pepy

* resource by reference

* Change other iter* functions to be consistent pass by const reference
 2020-04-06 10:48:33 -04:00
William Woodruff
164666cb5b
parse: Fix small memory leak (#124) 2020-04-04 23:36:28 -04:00
William Woodruff
2bf8ad917e
parse: Fix DIR_SECURITY data directory retrieval (#122) 
* parse: Fix DIR_SECURITY data directory retrieval

Fixes #121.

* parse: Fix variables

* parse: Add MSDN link for DIR_SECURITY special case
 2020-03-30 10:04:57 -04:00
William Woodruff
c0208d643f
CMakeLists: Fix message() (#119) 2020-03-27 17:33:33 -04:00
William Woodruff
84d990dd53
nt-headers: Add IMAGE_DLLCHARACTERISTICS constants (#118) 
* nt-headers: Add IMAGE_DLLCHARACTERISTICS constants

Like the other Win32 constants, these are guarded by
_PEPARSE_WINDOWS_CONFLICTS.

* nt-headers: Add comment
 2020-03-27 14:48:51 -04:00
William Woodruff
14849a5e66
CMake: Set minimum to 3.12 (#117) 2020-03-27 11:50:36 -04:00
William Woodruff
a27dca9321
CMake: Set minimum to 3.11 (#116) 
This was incorrectly set to 3.7, despite
add_compile_definitions appearing in 3.11.
 2020-03-27 11:42:49 -04:00
Eric Kilmer
50ff34288a
Fix finding version file (#114) 2020-03-26 10:11:13 -04:00
William Woodruff
1dc2c53566
Release 1.0 prep work (#113) 
Co-authored-by: Eric Kilmer <eric.d.kilmer@gmail.com>
 2020-03-17 13:38:56 -04:00
William Woodruff
4b2aa738cb
parse: Handle a potential nullptr from splitBuffer (#110) 
Identified by #109: when parsing the PE sections, we incorrectly
trust that the offset range given to us by each section is valid.

We pass this range to splitBuffer expectly a valid bounded_buffer.

splitBuffer correctly determines that the range is invalid, and
returns a nullptr to indicate failure.

We fail to check for that nullptr in getSections, resulting in
an eventual segfault by null dereference when we attempt to
reference the invalid section.

This commit adds a check for that nullptr and causes getSections
to return false. This is then propagated as an invalid
section error.

Example:

```bash
/app/pe-parse # /usr/bin/dump-pe /tmp/test1.exe
Error: 3 (Invalid section)
Location: ParsePEFromFile:2380
```

Fixes #109.
 2020-03-09 12:47:16 -04:00
a.yankovich
d7fa0b2d4b Merge remote-tracking branch 'rem/master' 2019-12-23 18:37:16 +03:00
Stefan Siegfried
bd68ba418f Populate Rich header version strings (#94) 2019-11-16 17:45:55 +01:00
Jonas Kvinge
ea3970c9a0 Fix PEPARSE_INCLUDE_DIR for cross-compiling (#101) 2019-11-09 19:19:34 -05:00
William Woodruff
fe719c9b87
pe-parser-library, dump-pe: Windows.h accommodations (#99) 
Makes it easier to use pe-parse in a translation unit where
Windows.h is also included.
 2019-10-27 21:36:27 -04:00
William Woodruff
67a09499bf
parse: Fix unsafe cast (#96) 
* parse: Fix unsafe cast

* parse: Fix uninitialized warning

This is a false positive from cl.exe's /W4: We only
use this variable in a branch where it ends up initialized.
 2019-10-24 01:15:56 -04:00
William Woodruff
40987e1f7e
pe-parser-library: Fix GetDataDirectoryEntry (#95) 
* pe-parser-library: Fix GetDataDirectoryEntry

Avoids UB.

* pe-parser-library: clang-format

* pe-parser-library: Use ref
 2019-10-21 19:51:41 -04:00
William Woodruff
b3ab75577d
parse: Remove debug print 2019-10-21 12:18:18 -04:00
William Woodruff
2c775e5d6a
Directory entry retrieval (#90) 
* pe-parser-library: Directory entry extraction

Also runs clang-format on all library files.

* dump-pe: Refactor, clang-format

* pe-parser-library: Use enum for directory kinds

* travis: Refactor

* travis: Fixup stages

* travis: Fix matrix

* examples, pe-parser-library, pepy: clang-format

* travis: Use minimal for lint

* travis: Use find

* clang-format: Remove old option

* travis: More experimentation

* travis: Move addons

* travis: Remove coverity

* travis: Hackery

* travis: Move addons up

* .travis: clang-format-8

* examples: clang-format

* travis: Fix homebrew

* CONTRIBUTING: Add contrib guidelines

* travis: Build python ext, reenable coverity

Remove old build files.

* travis: Re-add coverity secret

* travis: Build with coverity in a separate dir
 2019-10-21 09:00:54 -04:00
a.yankovich
b69a5fdcbb Merge remote-tracking branch 'r/master' 2019-10-16 12:01:56 +03:00
Stefan Siegfried
1544c61c38 Initial impl. of Rich header parser. (#89) 
* Initial impl. of Rich header parser. Closes trailofbits/pe-parse#83

* Fix const correctness per @woodruffw PR review
 2019-10-14 15:57:54 -04:00
Jack Williams
6ee67f63e1 Icu and codecvt 2 (#88) 
* Support for Windows codecvt and icu4c

* Add dependency for Travis

* Update README

* Fix codecvt build for linux

* Fix linux builds

* Fix copyright
 2019-09-16 20:59:24 -04:00
redfast00
fece2ae3de Fix 'type qualifiers ignored on cast result type' warning (#85) 2019-08-29 14:19:24 -04:00
Andrei
7138bb218a Merge branch 'master' of https://github.com/QuasarApp/pe-parse.git; branch 'master' of https://github.com/QuasarApp/pe-parse 2019-04-07 00:00:06 +03:00
Andrei
bdfc248244 fix git ignore 2019-04-06 23:59:48 +03:00
EndrII
2674c08364 remove worning log 2019-04-06 14:39:14 +03:00
a.yankovich
cc1c28adc3 remove qt dependencies 2019-03-25 15:34:26 +03:00
a.yankovich
e2aa74a854 qmake support added 2019-03-25 15:27:06 +03:00
EndrII
59c4c1c0de added support for qmake 2019-03-23 20:39:36 +03:00
Jack Williams
724247d321 Goodness for dump-pe utility (#80) 2018-10-16 17:37:48 -04:00
Jack Williams
a8f7da7a2b More Windows compatibility (#75) 
* Attempt to make setup.py more platform independent

* Fix markdown

* Fix cmake config for pre-Windows 10 installations

* Fix Travis build
 2018-09-27 10:05:12 -04:00
Jack Williams
766b183a1b Explicit use of std namespace, prefer std::vector over std::list, never use std::endl (#74) 2018-09-24 11:10:29 -04:00
William Woodruff
78869e5337
cmake: Bump minimum version to 3.7 (#78) 2018-09-21 17:29:29 -04:00
William Woodruff
697714b379
parse: Limit resource table recursion to 3 levels (#77) 2018-09-21 11:06:08 -04:00
William Woodruff
0f740c43ab
buffer, parse: Fix overread on {d,q,}words 
When read 2, 4, or 8 bytes from a bounded_buffer, we only
checked to see if the offset, not the whole span, was in bounds.

This results in an arbitrary memory read of up to 1, 3, or 7 bytes
when the offset is aligned with the very end of the buffer.
 2018-09-20 10:57:22 -04:00
Jack Williams
6fa093aa42 Minor update to machine and subsytem constants (#72) 2018-09-05 15:22:05 +02:00
Jack Williams
2664eec5f6 Add machine and subsytem to-string methods (#71) 
* Add machine and subsytem enums and to-string methods

* Minor fix
 2018-08-31 17:44:22 +02:00