1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
/***************************************************************/
/* perk: PE Resource Kit */
/* Copyright (C) 2015--2017 Z. Gilboa */
/* Released under GPLv2 and GPLv3; see COPYING.PERK. */
/***************************************************************/
#include <stdio.h>
#include <perk/perk.h>
#include <perk/perk_consts.h>
#include <perk/perk_structs.h>
#include <perk/perk_output.h>
#include "perk_driver_impl.h"
#include "perk_hdrdump_impl.h"
#include "perk_dprintf_impl.h"
#include "perk_errinfo_impl.h"
#define PE_ADDR &meta->r_idata[idx]
#define PE_RAW_STRUCT import_hdr
#define PE_OUTPUT(x) PE_OUTPUT_TABLE(x)
static int pe_hdrdump_import_hdr_impl(
const struct pe_driver_ctx * dctx,
const struct pe_image_meta * meta,
int32_t idx)
{
int bits;
uint64_t faddr;
uint64_t vaddr;
char * ch;
char hdr[64];
char buf[8192];
if ((bits = pe_image_bits(meta)) < 0)
return PERK_CUSTOM_ERROR(
dctx,PERK_ERR_UNSUPPORTED_ABI);
/* import header */
sprintf(
hdr,
"struct pe_raw_import_hdr [%d]",
idx);
faddr = (char *)(PE_ADDR) - (char *)meta->r_image.map_addr;
vaddr = meta->m_opt.oh_mem.coh_image_base + meta->m_idata[idx].ih_virtual_addr;
ch = buf;
ch += pe_output_hex_header(
ch,hdr,
faddr,vaddr,bits);
ch += PE_OUTPUT(ih_import_lookup_tbl_rva);
ch += PE_OUTPUT(ih_time_date_stamp);
ch += PE_OUTPUT(ih_forwarder_chain);
ch += PE_OUTPUT(ih_name_rva);
ch += PE_OUTPUT(ih_import_addr_tbl_rva);
ch += pe_output_hex_footer(ch);
/* import name for all but the null header */
if (idx == meta->m_stats.t_nimplibs) {
(void)0;
} else if (meta->m_idata[idx].ih_name_rva) {
sprintf(
hdr,
"struct pe_raw_import_name [%d]",
idx);
faddr = meta->m_idata[idx].ih_name - (char *)meta->r_image.map_addr;
vaddr = meta->m_idata[idx].ih_name_rva;
ch += pe_output_hex_header(
ch,hdr,
faddr,vaddr,bits);
ch += pe_output_raw_element(
ch,
meta->m_idata[idx].ih_name,
"ih_name",0,
strlen(meta->m_idata[idx].ih_name) + 1);
ch += pe_output_hex_footer(ch);
}
*ch = 0;
/* fdout */
if (pe_dprintf(pe_driver_fdout(dctx),"%s",buf) < 0)
return PERK_FILE_ERROR(dctx);
return 0;
}
int pe_hdrdump_import_tbl(
const struct pe_driver_ctx * dctx,
const struct pe_image_meta * meta)
{
int idx;
if (meta->m_stats.t_nimplibs == 0)
return 0;
for (idx=0; idx<=meta->m_stats.t_nimplibs; idx++)
if (pe_hdrdump_import_hdr_impl(dctx,meta,idx) < 0)
return PERK_NESTED_ERROR(dctx);
return 0;
}
|
