summaryrefslogtreecommitdiff
path: root/plugins/pe/pe_def.h
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2024-11-24 07:56:28 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2024-11-24 07:56:28 (GMT)
commit461f42dd8eb8b1932c11364d9d15367eeb294848 (patch)
treefd40ede6c00be9fe33feac4242fc4e5903296d62 /plugins/pe/pe_def.h
parent31c235f145189fe146f9374d6826927de5964a07 (diff)
Restore and improve the support for PE files.
Diffstat (limited to 'plugins/pe/pe_def.h')
-rw-r--r--plugins/pe/pe_def.h55
1 files changed, 28 insertions, 27 deletions
diff --git a/plugins/pe/pe_def.h b/plugins/pe/pe_def.h
index 62b4607..4812897 100644
--- a/plugins/pe/pe_def.h
+++ b/plugins/pe/pe_def.h
@@ -31,6 +31,7 @@
/**
* Références :
*
+ * - https://learn.microsoft.com/en-us/windows/win32/debug/pe-format
* - https://fr.wikipedia.org/wiki/Portable_Executable#En-tête_MZ_sous_MS-DOS
* - https://www.nirsoft.net/kernel_struct/vista/IMAGE_DOS_HEADER.html
*
@@ -42,7 +43,7 @@
/* En-tête DOS */
-typedef struct _image_dos_header
+typedef struct _image_dos_header_t
{
uint16_t e_magic; /* Numéro magique */
uint16_t e_cblp; /* Octets de la dernière page */
@@ -64,7 +65,7 @@ typedef struct _image_dos_header
uint16_t e_res2[10]; /* Mots réservés */
uint32_t e_lfanew; /* Décalage de bon en-tête */
-} image_dos_header;
+} image_dos_header_t;
/* Archtectures supportées */
@@ -123,7 +124,7 @@ typedef struct _image_dos_header
#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 /* Octets inv. ; obsolète */
/* Première en-tête du "vrai" format */
-typedef struct _image_file_header
+typedef struct _image_file_header_t
{
uint16_t machine; /* Type de machine visée */
uint16_t number_of_sections; /* Nombre de sections */
@@ -133,7 +134,7 @@ typedef struct _image_file_header
uint16_t size_of_optional_header; /* Taille de l'en-tête n°2 */
uint16_t characteristics; /* Propriétés de l'image */
-} image_file_header;
+} image_file_header_t;
@@ -148,12 +149,12 @@ typedef struct _image_file_header
*/
/* Zone de données Windows */
-typedef struct _image_data_directory
+typedef struct _image_data_directory_t
{
uint32_t virtual_address; /* Adresse de la table */
uint32_t size; /* Taille de la table */
-} image_data_directory;
+} image_data_directory_t;
// Directory Entries
#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory
@@ -182,7 +183,7 @@ typedef struct _image_data_directory
/* Seconde en-tête, optionnelle */
-typedef struct _image_optional_header_32
+typedef struct _image_optional_header_32_t
{
uint16_t magic; /* Type de binaire manipulé */
uint8_t major_linker_version; /* Version majeure du linker */
@@ -214,11 +215,11 @@ typedef struct _image_optional_header_32
uint32_t size_of_heap_commit; /* Taille de tas au démarrage */
uint32_t loader_flags; /* Champ obslète */
uint32_t number_of_rva_and_sizes; /* Nombre d'entrées suivantes */
- image_data_directory data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
+ image_data_directory_t data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
-} image_optional_header_32;
+} image_optional_header_32_t;
-typedef struct _image_optional_header_64
+typedef struct _image_optional_header_64_t
{
uint16_t magic; /* Type de binaire manipulé */
@@ -250,16 +251,16 @@ typedef struct _image_optional_header_64
uint64_t size_of_heap_commit; /* Taille de tas au démarrage */
uint32_t loader_flags; /* Champ obslète */
uint32_t number_of_rva_and_sizes; /* Nombre d'entrées suivantes */
- image_data_directory data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
+ image_data_directory_t data_directory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
-} image_optional_header_64;
+} image_optional_header_64_t;
-typedef union _image_optional_header
+typedef union _image_optional_header_t
{
- image_optional_header_32 header_32; /* Version 32 bits */
- image_optional_header_64 header_64; /* Version 64 bits */
+ image_optional_header_32_t header_32; /* Version 32 bits */
+ image_optional_header_64_t header_64; /* Version 64 bits */
-} image_optional_header;
+} image_optional_header_t;
@@ -302,13 +303,13 @@ typedef union _image_optional_header
/* Résumé global */
-typedef struct _image_nt_headers
+typedef struct _image_nt_headers_t
{
uint32_t signature; /* Numéro magique */
- image_file_header file_header; /* En-tête n°1 */
- image_optional_header optional_header; /* En-tête n°2 */
+ image_file_header_t file_header; /* En-tête n°1 */
+ image_optional_header_t optional_header;/* En-tête n°2 */
-} image_nt_headers;
+} image_nt_headers_t;
@@ -322,7 +323,7 @@ typedef struct _image_nt_headers
#define IMAGE_SIZEOF_SHORT_NAME 8
/* Description d'une section */
-typedef struct _image_section_header
+typedef struct _image_section_header_t
{
char name[IMAGE_SIZEOF_SHORT_NAME]; /* Nom de la section */
@@ -331,7 +332,7 @@ typedef struct _image_section_header
uint32_t physical_address; /* Adresse physique */
uint32_t virtual_size; /* Taille en mémoire */
- } misc;
+ };
uint32_t virtual_address; /* Adresse en mémoire */
uint32_t size_of_raw_data; /* Taille de données définies */
@@ -342,7 +343,7 @@ typedef struct _image_section_header
uint16_t number_of_line_numbers; /* Quantité de numéros de ligne*/
uint32_t characteristics; /* Caractéristiques */
-} image_section_header;
+} image_section_header_t;
/* Détails des caractéristiques d'une image (champ 'characteristics') */
#define IMAGE_SCN_UNKNOWN_0 0x00000000 /* Réservé */
@@ -400,7 +401,7 @@ typedef struct _image_section_header
*/
/* Répertoire des importations */
-typedef struct _image_export_directory
+typedef struct _image_export_directory_t
{
uint32_t characteristics; /* Zéro !? */
uint32_t time_date_stamp; /* Date de création du fichier */
@@ -414,7 +415,7 @@ typedef struct _image_export_directory
uint32_t address_of_names; /* Liste de RVA de noms */
uint32_t address_of_name_ordinals; /* Liste de RVA d'ordinaux */
-} image_export_directory;
+} image_export_directory_t;
/**
@@ -427,7 +428,7 @@ typedef struct _image_export_directory
*/
/* Point de départ de la chaîne des importations */
-typedef struct _image_import_descriptor
+typedef struct _image_import_descriptor_t
{
uint32_t original_first_thunk;
uint32_t time_date_stamp;
@@ -435,7 +436,7 @@ typedef struct _image_import_descriptor
uint32_t module_name;
uint32_t first_thunk;
-} image_import_descriptor;
+} image_import_descriptor_t;