diff options
author | Cyrille Bagard <nocbos@gmail.com> | 2024-11-24 07:56:28 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2024-11-24 07:56:28 (GMT) |
commit | 461f42dd8eb8b1932c11364d9d15367eeb294848 (patch) | |
tree | fd40ede6c00be9fe33feac4242fc4e5903296d62 /plugins/pe/pe_def.h | |
parent | 31c235f145189fe146f9374d6826927de5964a07 (diff) |
Restore and improve the support for PE files.
Diffstat (limited to 'plugins/pe/pe_def.h')
-rw-r--r-- | plugins/pe/pe_def.h | 55 |
1 files changed, 28 insertions, 27 deletions
diff --git a/plugins/pe/pe_def.h b/plugins/pe/pe_def.h index 62b4607..4812897 100644 --- a/plugins/pe/pe_def.h +++ b/plugins/pe/pe_def.h @@ -31,6 +31,7 @@ /** * Références : * + * - https://learn.microsoft.com/en-us/windows/win32/debug/pe-format * - https://fr.wikipedia.org/wiki/Portable_Executable#En-tête_MZ_sous_MS-DOS * - https://www.nirsoft.net/kernel_struct/vista/IMAGE_DOS_HEADER.html * @@ -42,7 +43,7 @@ /* En-tête DOS */ -typedef struct _image_dos_header +typedef struct _image_dos_header_t { uint16_t e_magic; /* Numéro magique */ uint16_t e_cblp; /* Octets de la dernière page */ @@ -64,7 +65,7 @@ typedef struct _image_dos_header uint16_t e_res2[10]; /* Mots réservés */ uint32_t e_lfanew; /* Décalage de bon en-tête */ -} image_dos_header; +} image_dos_header_t; /* Archtectures supportées */ @@ -123,7 +124,7 @@ typedef struct _image_dos_header #define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 /* Octets inv. ; obsolète */ /* Première en-tête du "vrai" format */ -typedef struct _image_file_header +typedef struct _image_file_header_t { uint16_t machine; /* Type de machine visée */ uint16_t number_of_sections; /* Nombre de sections */ @@ -133,7 +134,7 @@ typedef struct _image_file_header uint16_t size_of_optional_header; /* Taille de l'en-tête n°2 */ uint16_t characteristics; /* Propriétés de l'image */ -} image_file_header; +} image_file_header_t; @@ -148,12 +149,12 @@ typedef struct _image_file_header */ /* Zone de données Windows */ -typedef struct _image_data_directory +typedef struct _image_data_directory_t { uint32_t virtual_address; /* Adresse de la table */ uint32_t size; /* Taille de la table */ -} image_data_directory; +} image_data_directory_t; // Directory Entries #define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory @@ -182,7 +183,7 @@ typedef struct _image_data_directory /* Seconde en-tête, optionnelle */ -typedef struct _image_optional_header_32 +typedef struct _image_optional_header_32_t { uint16_t magic; /* Type de binaire manipulé */ uint8_t major_linker_version; /* Version majeure du linker */ @@ -214,11 +215,11 @@ typedef struct _image_optional_header_32 uint32_t size_of_heap_commit; /* Taille de tas au démarrage */ uint32_t loader_flags; /* Champ obslète */ uint32_t number_of_rva_and_sizes; /* Nombre d'entrées suivantes */ - image_data_directory data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; + image_data_directory_t data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; -} image_optional_header_32; +} image_optional_header_32_t; -typedef struct _image_optional_header_64 +typedef struct _image_optional_header_64_t { uint16_t magic; /* Type de binaire manipulé */ @@ -250,16 +251,16 @@ typedef struct _image_optional_header_64 uint64_t size_of_heap_commit; /* Taille de tas au démarrage */ uint32_t loader_flags; /* Champ obslète */ uint32_t number_of_rva_and_sizes; /* Nombre d'entrées suivantes */ - image_data_directory data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; + image_data_directory_t data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; -} image_optional_header_64; +} image_optional_header_64_t; -typedef union _image_optional_header +typedef union _image_optional_header_t { - image_optional_header_32 header_32; /* Version 32 bits */ - image_optional_header_64 header_64; /* Version 64 bits */ + image_optional_header_32_t header_32; /* Version 32 bits */ + image_optional_header_64_t header_64; /* Version 64 bits */ -} image_optional_header; +} image_optional_header_t; @@ -302,13 +303,13 @@ typedef union _image_optional_header /* Résumé global */ -typedef struct _image_nt_headers +typedef struct _image_nt_headers_t { uint32_t signature; /* Numéro magique */ - image_file_header file_header; /* En-tête n°1 */ - image_optional_header optional_header; /* En-tête n°2 */ + image_file_header_t file_header; /* En-tête n°1 */ + image_optional_header_t optional_header;/* En-tête n°2 */ -} image_nt_headers; +} image_nt_headers_t; @@ -322,7 +323,7 @@ typedef struct _image_nt_headers #define IMAGE_SIZEOF_SHORT_NAME 8 /* Description d'une section */ -typedef struct _image_section_header +typedef struct _image_section_header_t { char name[IMAGE_SIZEOF_SHORT_NAME]; /* Nom de la section */ @@ -331,7 +332,7 @@ typedef struct _image_section_header uint32_t physical_address; /* Adresse physique */ uint32_t virtual_size; /* Taille en mémoire */ - } misc; + }; uint32_t virtual_address; /* Adresse en mémoire */ uint32_t size_of_raw_data; /* Taille de données définies */ @@ -342,7 +343,7 @@ typedef struct _image_section_header uint16_t number_of_line_numbers; /* Quantité de numéros de ligne*/ uint32_t characteristics; /* Caractéristiques */ -} image_section_header; +} image_section_header_t; /* Détails des caractéristiques d'une image (champ 'characteristics') */ #define IMAGE_SCN_UNKNOWN_0 0x00000000 /* Réservé */ @@ -400,7 +401,7 @@ typedef struct _image_section_header */ /* Répertoire des importations */ -typedef struct _image_export_directory +typedef struct _image_export_directory_t { uint32_t characteristics; /* Zéro !? */ uint32_t time_date_stamp; /* Date de création du fichier */ @@ -414,7 +415,7 @@ typedef struct _image_export_directory uint32_t address_of_names; /* Liste de RVA de noms */ uint32_t address_of_name_ordinals; /* Liste de RVA d'ordinaux */ -} image_export_directory; +} image_export_directory_t; /** @@ -427,7 +428,7 @@ typedef struct _image_export_directory */ /* Point de départ de la chaîne des importations */ -typedef struct _image_import_descriptor +typedef struct _image_import_descriptor_t { uint32_t original_first_thunk; uint32_t time_date_stamp; @@ -435,7 +436,7 @@ typedef struct _image_import_descriptor uint32_t module_name; uint32_t first_thunk; -} image_import_descriptor; +} image_import_descriptor_t; |