OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef COURGETTE_IMAGE_INFO_H_ |
| 6 #define COURGETTE_IMAGE_INFO_H_ |
| 7 |
| 8 #include <string> |
| 9 #include <vector> |
| 10 |
| 11 #include "base/basictypes.h" |
| 12 |
| 13 namespace courgette { |
| 14 |
| 15 // A Relative Virtual Address is the address in the image file after it is |
| 16 // loaded into memory relative to the image load address. |
| 17 typedef uint32 RVA; |
| 18 |
| 19 // PE file section header. This struct has the same layout as the |
| 20 // IMAGE_SECTION_HEADER structure from WINNT.H |
| 21 // http://msdn.microsoft.com/en-us/library/ms680341(VS.85).aspx |
| 22 // |
| 23 #pragma pack(push, 1) // Supported by MSVC and GCC. Ensures no gaps in packing. |
| 24 struct Section { |
| 25 char name[8]; |
| 26 uint32 virtual_size; |
| 27 uint32 virtual_address; |
| 28 uint32 size_of_raw_data; |
| 29 uint32 file_offset_of_raw_data; |
| 30 uint32 pointer_to_relocations; // Always zero in an image. |
| 31 uint32 pointer_to_line_numbers; // Always zero in an image. |
| 32 uint16 number_of_relocations; // Always zero in an image. |
| 33 uint16 number_of_line_numbers; // Always zero in an image. |
| 34 uint32 characteristics; |
| 35 }; |
| 36 #pragma pack(pop) |
| 37 |
| 38 COMPILE_ASSERT(sizeof(Section) == 40, section_is_40_bytes); |
| 39 |
| 40 // Returns the name of a section, solving the problem that the name is not |
| 41 // always properly NUL-terminated. Used only for debugging. |
| 42 std::string SectionName(const Section* section); |
| 43 |
| 44 // ImageDataDirectory has same layout as IMAGE_DATA_DIRECTORY structure from |
| 45 // WINNT.H |
| 46 // http://msdn.microsoft.com/en-us/library/ms680305(VS.85).aspx |
| 47 // |
| 48 class ImageDataDirectory { |
| 49 public: |
| 50 ImageDataDirectory() : address_(0), size_(0) {} |
| 51 RVA address_; |
| 52 uint32 size_; |
| 53 }; |
| 54 |
| 55 COMPILE_ASSERT(sizeof(ImageDataDirectory) == 8, |
| 56 image_data_directory_is_8_bytes); |
| 57 |
| 58 // |
| 59 // PEInfo holds information about a single Windows 'Portable Executable' format |
| 60 // file in the on-disk format. |
| 61 // |
| 62 // Imagine you had concatenated a bunch of 'original' files into one 'big' |
| 63 // file and read the big file into memory. You could find the executables |
| 64 // from the original files by calling PEInfo::Init with different addresses. |
| 65 // If PEInfo::TryParseHeader returns true, then Init was passed the address |
| 66 // of the first byte of one of the original executables, and PEIinfo::length |
| 67 // will tell how long the file was. |
| 68 // |
| 69 class PEInfo { |
| 70 public: |
| 71 PEInfo(); |
| 72 |
| 73 // ok() may always be called but returns 'true' only after ParseHeader |
| 74 // succeeds. |
| 75 bool ok() const { return failure_reason_ == NULL; } |
| 76 |
| 77 // Initialize with buffer. This just sets up the region of memory that |
| 78 // potentially contains the bytes from an executable file. The caller |
| 79 // continues to own 'start'. |
| 80 void Init(const void* start, size_t length); |
| 81 |
| 82 // Returns 'true' if the buffer appears to point to a Windows 32 bit |
| 83 // executable, 'false' otherwise. If ParseHeader() succeeds, other member |
| 84 // functions may be called. |
| 85 bool ParseHeader(); |
| 86 |
| 87 // Returns 'true' if the base relocation table can be parsed. |
| 88 // Output is a vector of the RVAs corresponding to locations within executable |
| 89 // that are listed in the base relocation table. |
| 90 bool ParseRelocs(std::vector<RVA> *addresses); |
| 91 |
| 92 // Returns the length of the image. Valid only if ParseHeader succeeded. |
| 93 uint32 length() const { return file_length_; } |
| 94 |
| 95 bool has_text_section() const { return has_text_section_; } |
| 96 |
| 97 uint32 size_of_code() const { return size_of_code_; } |
| 98 |
| 99 bool is_32bit() const { return !is_PE32_plus_; } |
| 100 |
| 101 // Most addresses are represented as 32-bit RVAs. The one address we can't |
| 102 // do this with is the image base address. 'image_base' is valid only for |
| 103 // 32-bit executables. 'image_base_64' is valid for 32- and 64-bit executable. |
| 104 uint32 image_base() const { return static_cast<uint32>(image_base_); } |
| 105 uint64 image_base_64() const { return image_base_; } |
| 106 |
| 107 const ImageDataDirectory& base_relocation_table() const { |
| 108 return base_relocation_table_; |
| 109 } |
| 110 |
| 111 bool IsValidRVA(RVA rva) const { return rva < size_of_image_; } |
| 112 |
| 113 // Returns description of the RVA, e.g. ".text+0x1243". For debugging only. |
| 114 std::string DescribeRVA(RVA rva) const; |
| 115 |
| 116 // Returns a pointer into the memory copy of the file format. |
| 117 // FileOffsetToPointer(0) returns a pointer to the start of the file format. |
| 118 const uint8* FileOffsetToPointer(uint32 offset) const { |
| 119 return start_ + offset; |
| 120 } |
| 121 |
| 122 // Finds the first section at file_offset or above. |
| 123 const Section* FindNextSection(uint32 file_offset) const; |
| 124 // Returns Section containing the relative virtual address, or NULL if none. |
| 125 const Section* RVAToSection(RVA rva) const; |
| 126 |
| 127 // There are 2 'coordinate systems' for reasoning about executables. |
| 128 // FileOffset - the the offset within a single .EXE or .DLL *file*. |
| 129 // RVA - relative virtual address (offset within *loaded image*) |
| 130 // FileOffsetToRVA and RVAToFileOffset convert between these representations. |
| 131 |
| 132 RVA FileOffsetToRVA(uint32 offset) const; |
| 133 |
| 134 static const int kNoOffset = -1; |
| 135 // Returns kNoOffset if there is no file offset corresponding to 'rva'. |
| 136 int RVAToFileOffset(RVA rva) const; |
| 137 |
| 138 // Returns same as FileOffsetToPointer(RVAToFileOffset(rva)) except that NULL |
| 139 // is returned if there is no file offset corresponding to 'rva'. |
| 140 const uint8* RVAToPointer(RVA rva) const; |
| 141 |
| 142 protected: |
| 143 // |
| 144 // Fields that are always valid. |
| 145 // |
| 146 const char* failure_reason_; |
| 147 |
| 148 // |
| 149 // Basic information that is always valid after Init. |
| 150 // |
| 151 const uint8* start_; // In current memory, base for 'file offsets'. |
| 152 const uint8* end_; // In current memory. |
| 153 unsigned int length_; // In current memory. |
| 154 |
| 155 // |
| 156 // Information that is valid after successful ParseHeader. |
| 157 // |
| 158 bool is_PE32_plus_; // PE32_plus is for 64 bit executables. |
| 159 uint32 file_length_; |
| 160 |
| 161 // Location and size of IMAGE_OPTIONAL_HEADER in the buffer. |
| 162 const uint8 *optional_header_; |
| 163 uint16 size_of_optional_header_; |
| 164 uint16 offset_of_data_directories_; |
| 165 |
| 166 uint16 machine_type_; |
| 167 uint16 number_of_sections_; |
| 168 const Section *sections_; |
| 169 bool has_text_section_; |
| 170 |
| 171 uint32 size_of_code_; |
| 172 uint32 size_of_initialized_data_; |
| 173 uint32 size_of_uninitialized_data_; |
| 174 RVA base_of_code_; |
| 175 RVA base_of_data_; |
| 176 |
| 177 uint64 image_base_; // range limited to 32 bits for 32 bit executable |
| 178 uint32 size_of_image_; |
| 179 int number_of_data_directories_; |
| 180 |
| 181 ImageDataDirectory export_table_; |
| 182 ImageDataDirectory import_table_; |
| 183 ImageDataDirectory resource_table_; |
| 184 ImageDataDirectory exception_table_; |
| 185 ImageDataDirectory base_relocation_table_; |
| 186 ImageDataDirectory bound_import_table_; |
| 187 ImageDataDirectory import_address_table_; |
| 188 ImageDataDirectory delay_import_descriptor_; |
| 189 ImageDataDirectory clr_runtime_header_; |
| 190 |
| 191 private: |
| 192 bool ReadDataDirectory(int index, ImageDataDirectory* dir); |
| 193 bool Bad(const char *reason); |
| 194 |
| 195 DISALLOW_COPY_AND_ASSIGN(PEInfo); |
| 196 }; |
| 197 |
| 198 } // namespace |
| 199 #endif // COURGETTE_IMAGE_INFO_H_ |
OLD | NEW |