mirror of
https://github.com/QuasarApp/pe-parse.git
synced 2025-04-28 13:24:32 +00:00
0d0ca1861c
- CMake: Refactor, added more warnings. - Refactor - Added Windows support - Added a missing include file for linux. - Do not set CMAKE_CXX_STANDARD on Windows - Always initialize the stat struct - CMake: update the required version, request C++11, disable GNU extensions - CMake: Add default switch cases, fix GCC warnings. - Prefer assignment from an empty object when initializing
312 lines
6.4 KiB
C++
312 lines
6.4 KiB
C++
/*
|
|
The MIT License (MIT)
|
|
|
|
Copyright (c) 2013 Andrew Ruef
|
|
|
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
of this software and associated documentation files (the "Software"), to deal
|
|
in the Software without restriction, including without limitation the rights
|
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
copies of the Software, and to permit persons to whom the Software is
|
|
furnished to do so, subject to the following conditions:
|
|
|
|
The above copyright notice and this permission notice shall be included in
|
|
all copies or substantial portions of the Software.
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
THE SOFTWARE.
|
|
*/
|
|
|
|
#include "parse.h"
|
|
|
|
#include <cstring>
|
|
#include <fstream>
|
|
|
|
#ifdef WIN32
|
|
#include <intrin.h>
|
|
#include <windows.h>
|
|
#else
|
|
#include <fcntl.h>
|
|
#include <sys/mman.h>
|
|
#include <sys/stat.h>
|
|
#include <unistd.h>
|
|
#endif
|
|
|
|
namespace {
|
|
|
|
inline std::uint16_t byteSwapUint16(std::uint16_t val) {
|
|
#if defined(_MSC_VER) || defined(_MSC_FULL_VER)
|
|
return _byteswap_ushort(val);
|
|
#else
|
|
return __builtin_bswap16(val);
|
|
#endif
|
|
}
|
|
|
|
inline std::uint32_t byteSwapUint32(std::uint32_t val) {
|
|
#if defined(_MSC_VER) || defined(_MSC_FULL_VER)
|
|
return _byteswap_ulong(val);
|
|
#else
|
|
return __builtin_bswap32(val);
|
|
#endif
|
|
}
|
|
|
|
inline uint64_t byteSwapUint64(std::uint64_t val) {
|
|
#if defined(_MSC_VER) || defined(_MSC_FULL_VER)
|
|
return _byteswap_uint64(val);
|
|
#else
|
|
return __builtin_bswap64(val);
|
|
#endif
|
|
}
|
|
|
|
} // anonymous namespace
|
|
|
|
namespace peparse {
|
|
|
|
extern std::uint32_t err;
|
|
extern std::string err_loc;
|
|
|
|
struct buffer_detail {
|
|
#ifdef WIN32
|
|
HANDLE file;
|
|
HANDLE sec;
|
|
#else
|
|
int fd;
|
|
#endif
|
|
};
|
|
|
|
bool readByte(bounded_buffer *b, std::uint32_t offset, std::uint8_t &out) {
|
|
if (b == nullptr) {
|
|
return false;
|
|
}
|
|
|
|
if (offset >= b->bufLen) {
|
|
return false;
|
|
}
|
|
|
|
std::uint8_t *tmp = (b->buf + offset);
|
|
out = *tmp;
|
|
|
|
return true;
|
|
}
|
|
|
|
bool readWord(bounded_buffer *b, std::uint32_t offset, std::uint16_t &out) {
|
|
if (b == nullptr) {
|
|
return false;
|
|
}
|
|
|
|
if (offset >= b->bufLen) {
|
|
return false;
|
|
}
|
|
|
|
std::uint16_t *tmp = reinterpret_cast<std::uint16_t *>(b->buf + offset);
|
|
if (b->swapBytes) {
|
|
out = byteSwapUint16(*tmp);
|
|
} else {
|
|
out = *tmp;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bool readDword(bounded_buffer *b, std::uint32_t offset, std::uint32_t &out) {
|
|
if (b == nullptr) {
|
|
return false;
|
|
}
|
|
|
|
if (offset >= b->bufLen) {
|
|
return false;
|
|
}
|
|
|
|
std::uint32_t *tmp = reinterpret_cast<std::uint32_t *>(b->buf + offset);
|
|
if (b->swapBytes) {
|
|
out = byteSwapUint32(*tmp);
|
|
} else {
|
|
out = *tmp;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bool readQword(bounded_buffer *b, std::uint32_t offset, std::uint64_t &out) {
|
|
if (b == nullptr) {
|
|
return false;
|
|
}
|
|
|
|
if (offset >= b->bufLen) {
|
|
return false;
|
|
}
|
|
|
|
std::uint64_t *tmp = reinterpret_cast<std::uint64_t *>(b->buf + offset);
|
|
if (b->swapBytes) {
|
|
out = byteSwapUint64(*tmp);
|
|
} else {
|
|
out = *tmp;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bounded_buffer *readFileToFileBuffer(const char *filePath) {
|
|
#ifdef WIN32
|
|
HANDLE h = CreateFileA(filePath,
|
|
GENERIC_READ,
|
|
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
|
|
nullptr,
|
|
OPEN_EXISTING,
|
|
FILE_ATTRIBUTE_NORMAL,
|
|
nullptr);
|
|
if (h == INVALID_HANDLE_VALUE) {
|
|
return nullptr;
|
|
}
|
|
|
|
DWORD fileSize = GetFileSize(h, nullptr);
|
|
|
|
if (fileSize == INVALID_FILE_SIZE) {
|
|
CloseHandle(h);
|
|
return nullptr;
|
|
}
|
|
|
|
#else
|
|
// only where we have mmap / open / etc
|
|
int fd = open(filePath, O_RDONLY);
|
|
|
|
if (fd == -1) {
|
|
PE_ERR(PEERR_OPEN);
|
|
return nullptr;
|
|
}
|
|
#endif
|
|
|
|
// make a buffer object
|
|
bounded_buffer *p = new (std::nothrow) bounded_buffer();
|
|
if (p == nullptr) {
|
|
PE_ERR(PEERR_MEM);
|
|
return nullptr;
|
|
}
|
|
|
|
memset(p, 0, sizeof(bounded_buffer));
|
|
buffer_detail *d = new (std::nothrow) buffer_detail();
|
|
|
|
if (d == nullptr) {
|
|
delete p;
|
|
PE_ERR(PEERR_MEM);
|
|
return nullptr;
|
|
}
|
|
memset(d, 0, sizeof(buffer_detail));
|
|
p->detail = d;
|
|
|
|
// only where we have mmap / open / etc
|
|
#ifdef WIN32
|
|
p->detail->file = h;
|
|
|
|
HANDLE hMap = CreateFileMapping(h, nullptr, PAGE_READONLY, 0, 0, nullptr);
|
|
|
|
if (hMap == nullptr) {
|
|
CloseHandle(h);
|
|
PE_ERR(PEERR_MEM);
|
|
return nullptr;
|
|
}
|
|
|
|
p->detail->sec = hMap;
|
|
|
|
LPVOID ptr = MapViewOfFile(hMap, FILE_MAP_READ, 0, 0, 0);
|
|
|
|
if (ptr == nullptr) {
|
|
PE_ERR(PEERR_MEM);
|
|
return nullptr;
|
|
}
|
|
|
|
p->buf = (::uint8_t *) ptr;
|
|
p->bufLen = fileSize;
|
|
#else
|
|
p->detail->fd = fd;
|
|
|
|
struct stat s;
|
|
memset(&s, 0, sizeof(struct stat));
|
|
|
|
if (fstat(fd, &s) != 0) {
|
|
close(fd);
|
|
delete d;
|
|
delete p;
|
|
PE_ERR(PEERR_STAT);
|
|
return nullptr;
|
|
}
|
|
|
|
void *maddr = mmap(nullptr,
|
|
static_cast<std::size_t>(s.st_size),
|
|
PROT_READ,
|
|
MAP_SHARED,
|
|
fd,
|
|
0);
|
|
|
|
if (maddr == MAP_FAILED) {
|
|
close(fd);
|
|
delete d;
|
|
delete p;
|
|
PE_ERR(PEERR_MEM);
|
|
return nullptr;
|
|
}
|
|
|
|
p->buf = reinterpret_cast<std::uint8_t *>(maddr);
|
|
p->bufLen = static_cast<std::uint32_t>(s.st_size);
|
|
#endif
|
|
p->copy = false;
|
|
p->swapBytes = false;
|
|
|
|
return p;
|
|
}
|
|
|
|
// split buffer inclusively from from to to by offset
|
|
bounded_buffer *
|
|
splitBuffer(bounded_buffer *b, std::uint32_t from, std::uint32_t to) {
|
|
if (b == nullptr) {
|
|
return nullptr;
|
|
}
|
|
|
|
// safety checks
|
|
if (to < from || to > b->bufLen) {
|
|
return nullptr;
|
|
}
|
|
|
|
// make a new buffer
|
|
auto newBuff = new (std::nothrow) bounded_buffer();
|
|
if (newBuff == nullptr) {
|
|
return nullptr;
|
|
}
|
|
|
|
newBuff->copy = true;
|
|
newBuff->buf = b->buf + from;
|
|
newBuff->bufLen = (to - from);
|
|
|
|
return newBuff;
|
|
}
|
|
|
|
void deleteBuffer(bounded_buffer *b) {
|
|
if (b == nullptr) {
|
|
return;
|
|
}
|
|
|
|
if (!b->copy) {
|
|
#ifdef WIN32
|
|
UnmapViewOfFile(b->buf);
|
|
CloseHandle(b->detail->sec);
|
|
CloseHandle(b->detail->file);
|
|
#else
|
|
munmap(b->buf, b->bufLen);
|
|
close(b->detail->fd);
|
|
#endif
|
|
}
|
|
|
|
delete b->detail;
|
|
delete b;
|
|
}
|
|
|
|
std::uint64_t bufLen(bounded_buffer *b) {
|
|
return b->bufLen;
|
|
}
|
|
} // namespace peparse
|