author | Cyrille Bagard <nocbos@gmail.com> | 2021-04-05 22:59:31 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2021-04-05 23:11:48 (GMT) |
commit | b0347ca45a08ac63bc6dd6f244b046c6d19a6cdd (patch) | |
tree | 9af1ec9901ddcf696bd3297633faf9fb46712396 /plugins/pe/rich.h | |
parent | cf0b5d5f07e8102f2c9a04012bf29cabda9d85e4 (diff) |
Build a partial working support for the PE format.
Diffstat (limited to 'plugins/pe/rich.h')
-rw-r--r-- | plugins/pe/rich.h | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/plugins/pe/rich.h b/plugins/pe/rich.h
new file mode 100644
index 0000000..c8fb677
--- /dev/null
+++ b/plugins/pe/rich.h
@@ -0,0 +1,61 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * rich.h - prototypes pour la lecture des informations enrichies d'un format PE
+ *
+ * Copyright (C) 2020 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_PE_RICH_H
+#define _PLUGINS_PE_RICH_H
+
+
+#include <stdint.h>
+
+
+#include "format.h"
+
+
+
+/* Extrait si elles existant les informations enrichies du PE. */
+void extract_pe_rich_header(GPeFormat *);
+
+/* Décrit la zone couverte par l'en-tête enrichi du format. */
+bool g_pe_format_get_rich_header_area(const GPeFormat *, mrange_t *);
+
+/* Présente l'empreinte d'un en-tête enrichi du format chargé. */
+bool g_pe_format_get_rich_header_checksum(const GPeFormat *, uint32_t *);
+
+/* Présente l'en-tête enrichi du format chargé. */
+uint64_t *g_pe_format_get_rich_header(const GPeFormat *, size_t *);
+
+/* Identifiants apportés par le compilateur */
+typedef struct _comp_id_t
+{
+ uint16_t minor_cv; /* Version mineure du compilo */
+ uint16_t prod_id; /* Identifiant du type d'objet */
+ uint32_t count; /* Nombre d'objets en cause */
+
+} comp_id_t;
+
+/* Présente les identifiants contenues dans l'en-tête enrichi. */
+comp_id_t *g_pe_format_get_comp_ids(const GPeFormat *, size_t *);
+
+
+
+#endif /* _PLUGINS_PE_RICH_H */ |
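Review bot: The two pointer-returning getters, `g_pe_format_get_rich_header()` and `g_pe_format_get_comp_ids()`, do not document who owns the returned array or what the `size_t *` out-parameter holds when no Rich header is present. Because this data is parsed from the file under analysis, callers need that contract to avoid leaks, double frees or indexing past the array. I would extend each comment once the behaviour is confirmed against the implementation (not visible in this hunk), for example `/* Returns an array of *count entries owned by the caller, or NULL with *count == 0. */`, stating whichever ownership rule actually holds. It would also help to note on `comp_id_t` that `minor_cv`, `prod_id` and `count` are values taken from the file and should be treated as untrusted, if the implementation indeed copies them without validation. Separately, the header uses `bool` and `size_t` while including only `<stdint.h>`, so it presumably relies on `"format.h"` for them; adding `#include <stdbool.h>` and `#include <stddef.h>` would make it self-contained.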