public OSRel(byte[] file, int address)
{
offset = ByteConverter.ToUInt16(file, address);
type = file[address + 2];
section = file[address + 3];
addend = ByteConverter.ToUInt32(file, address + 4);
}
public static uint?SetupEXE(ref byte[] exefile)
{
if (ByteConverter.ToUInt16(exefile, 0) != 0x5A4D)
{
return(null);
}
int ptr = ByteConverter.ToInt32(exefile, 0x3c);
if (ByteConverter.ToInt32(exefile, (int)ptr) != 0x4550) //PE\0\0
{
return(null);
}
ptr += 4;
UInt16 numsects = ByteConverter.ToUInt16(exefile, (int)ptr + 2);
ptr += 0x14;
int PEHead = ptr;
uint imageBase = ByteConverter.ToUInt32(exefile, ptr + 28);
byte[] result = new byte[ByteConverter.ToUInt32(exefile, ptr + 56)];
Array.Copy(exefile, result, ByteConverter.ToUInt32(exefile, ptr + 60));
ptr += 0xe0;
for (int i = 0; i < numsects; i++)
{
Array.Copy(exefile, ByteConverter.ToInt32(exefile, ptr + (int)SectOffs.FAddr), result, ByteConverter.ToInt32(exefile, ptr + (int)SectOffs.VAddr), ByteConverter.ToInt32(exefile, ptr + (int)SectOffs.FSize));
ptr += (int)SectOffs.Size;
}
exefile = result;
return(imageBase);
}
public static bool CheckBigEndianInt16(byte[] file, int address)
{
bool bigEndState = ByteConverter.BigEndian;
ByteConverter.BigEndian = true;
bool isBigEndian = BitConverter.ToUInt16(file, address) > ByteConverter.ToUInt16(file, address);
ByteConverter.BigEndian = bigEndState;
return(isBigEndian);
}
public static uint GetNewSectionAddress(byte[] exefile)
{
int ptr = ByteConverter.ToInt32(exefile, 0x3c);
ptr += 4;
UInt16 numsects = ByteConverter.ToUInt16(exefile, (int)ptr + 2);
ptr += 0x14;
ptr += 0xe0;
ptr += (int)SectOffs.Size * (numsects - 1);
return(HelperFunctions.Align(ByteConverter.ToUInt32(exefile, ptr + (int)SectOffs.VAddr) + ByteConverter.ToUInt32(exefile, ptr + (int)SectOffs.VSize)));
}
public static void CreateNewSection(ref byte[] exefile, string name, byte[] data, bool isCode)
{
int ptr = ByteConverter.ToInt32(exefile, 0x3c);
ptr += 4;
UInt16 numsects = ByteConverter.ToUInt16(exefile, ptr + 2);
int sectnumptr = ptr + 2;
ptr += 0x14;
int PEHead = ptr;
ptr += 0xe0;
int sectptr = ptr;
ptr += (int)SectOffs.Size * numsects;
ByteConverter.GetBytes((ushort)(numsects + 1)).CopyTo(exefile, sectnumptr);
Array.Clear(exefile, ptr, 8);
Encoding.ASCII.GetBytes(name).CopyTo(exefile, ptr);
UInt32 vaddr = HelperFunctions.Align(ByteConverter.ToUInt32(exefile, ptr - (int)SectOffs.Size + (int)SectOffs.VAddr) + ByteConverter.ToUInt32(exefile, ptr - (int)SectOffs.Size + (int)SectOffs.VSize));
ByteConverter.GetBytes(vaddr).CopyTo(exefile, ptr + (int)SectOffs.VAddr);
UInt32 faddr = HelperFunctions.Align(ByteConverter.ToUInt32(exefile, ptr - (int)SectOffs.Size + (int)SectOffs.FAddr) + ByteConverter.ToUInt32(exefile, ptr - (int)SectOffs.Size + (int)SectOffs.FSize));
ByteConverter.GetBytes(faddr).CopyTo(exefile, ptr + (int)SectOffs.FAddr);
ByteConverter.GetBytes(isCode ? 0x60000020 : 0xC0000040).CopyTo(exefile, ptr + (int)SectOffs.Flags);
int diff = (int)HelperFunctions.Align((uint)data.Length);
ByteConverter.GetBytes(diff).CopyTo(exefile, ptr + (int)SectOffs.VSize);
ByteConverter.GetBytes(diff).CopyTo(exefile, ptr + (int)SectOffs.FSize);
if (isCode)
{
ByteConverter.GetBytes(Convert.ToUInt32(ByteConverter.ToUInt32(exefile, PEHead + 4) + diff)).CopyTo(exefile, PEHead + 4);
}
else
{
ByteConverter.GetBytes(Convert.ToUInt32(ByteConverter.ToUInt32(exefile, PEHead + 8) + diff)).CopyTo(exefile, PEHead + 8);
}
ByteConverter.GetBytes(Convert.ToUInt32(ByteConverter.ToUInt32(exefile, PEHead + 0x38) + diff)).CopyTo(exefile, PEHead + 0x38);
Array.Resize(ref exefile, exefile.Length + diff);
data.CopyTo(exefile, vaddr);
}
public override ushort ReadUInt16()
{
return(ByteConverter.ToUInt16(ReadBytes(sizeof(ushort)), 0));
}
