76 lines
2.0 KiB
C
76 lines
2.0 KiB
C
/* This file is part of REWise.
|
|
*
|
|
* REWise is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* REWise is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#ifndef H_REWISE_PEFILE
|
|
#define H_REWISE_PEFILE
|
|
|
|
#include <stdint.h>
|
|
|
|
// https://github.com/lumbytyci/PExplorer/blob/master/src/pefile.h
|
|
// https://chuongdong.com/reverse%20engineering/2020/08/15/PE-Parser/
|
|
// https://learn.microsoft.com/en-us/windows/win32/debug/pe-format
|
|
// https://wiki.osdev.org/MZ
|
|
// https://wiki.osdev.org/PE
|
|
|
|
typedef struct {
|
|
uint16_t signature; // Should be 'MZ'
|
|
uint16_t extra;
|
|
uint16_t pages;
|
|
uint16_t relocationItems;
|
|
uint16_t headerSize;
|
|
uint16_t minimumAllocation;
|
|
uint16_t maximumAllocation;
|
|
uint16_t initialSs;
|
|
uint16_t initialSp;
|
|
uint16_t checksum;
|
|
uint16_t initialIp;
|
|
uint16_t initialCs;
|
|
uint16_t relocationTable;
|
|
uint16_t overlay;
|
|
uint16_t overlayInformation;
|
|
} MsDosHeader;
|
|
|
|
|
|
typedef struct {
|
|
uint32_t signature;
|
|
uint16_t machine;
|
|
uint16_t numberOfSections;
|
|
uint32_t timeDateStamp;
|
|
uint32_t pointerToSymbolTable;
|
|
uint32_t numberOfSymbols;
|
|
uint16_t optionalHeaderSize;
|
|
uint16_t characteristics;
|
|
} PeFileHeader;
|
|
|
|
|
|
typedef struct {
|
|
char name[8];
|
|
uint32_t virtualSize;
|
|
uint32_t virtualAddress;
|
|
uint32_t rawDataSize;
|
|
uint32_t rawDataLocation;
|
|
uint32_t relocationsLocation;
|
|
uint32_t lineNumbersLocation;
|
|
uint16_t numberOfRelocations;
|
|
uint16_t numberOfLineNumbers;
|
|
uint32_t characteristics;
|
|
} PeImageSectionHeader;
|
|
|
|
|
|
long pefileGetOverlayOffset(const char * filePath);
|
|
|
|
#endif
|