public PortableExecutableInfo(string path)
{
this.imagePath = path;
using (Stream stream = OpenImage())
{
using (BinaryParser br = new BinaryParser(stream))
{
dosHeader = DosHeader.Parse(br);
br.SkipTo(dosHeader.CoffHeaderOffset);
coffHeader = br.ReadRecord <CoffHeader>();
peHeader = PEHeader.Parse(br);
sections = new List <PESection>();
for (int i = 0; i < coffHeader.NumberOfSections; i++)
{
sections.Add(br.ReadRecord <PESection>());
}
}
}
}
public PortableExecutableInfo(string path)
{
this.imagePath = path;
using(Stream stream = OpenImage())
{
using (BinaryParser br = new BinaryParser(stream))
{
dosHeader = DosHeader.Parse(br);
br.SkipTo(dosHeader.CoffHeaderOffset);
coffHeader = br.ReadRecord<CoffHeader>();
peHeader = PEHeader.Parse(br);
sections = new List<PESection>();
for (int i = 0; i < coffHeader.NumberOfSections; i++)
{
sections.Add(br.ReadRecord<PESection>());
}
}
}
}
public static PEHeader Parse(BinaryParser br)
{
PEHeaderType signature = (PEHeaderType)br.ReadUInt16();
if (!Enum.IsDefined(typeof(PEHeaderType), signature))
{
InvalidPEFileException.ThrowInvalidPEHeader();
}
PEHeader hdr = new PEHeader();
hdr.Type = signature;
hdr.LinkerVersion = new Version(br.ReadByte(), br.ReadByte());
hdr.SizeOfCode = br.ReadUInt32();
hdr.SizeOfInitializedData = br.ReadUInt32();
hdr.SizeOfUninitializedData = br.ReadUInt32();
hdr.AddressOfEntryPoint = br.ReadUInt32();
hdr.BaseOfCode = br.ReadUInt32();
if (signature == PEHeaderType.PE64)
{
hdr.ImageBase = br.ReadUInt64();
}
else
{
hdr.BaseOfData = br.ReadUInt32();
hdr.ImageBase = br.ReadUInt32();
}
hdr.SectionAlignment = br.ReadUInt32();
hdr.FileAlignment = br.ReadUInt32();
hdr.OperatingSystemVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.ImageVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.SubsystemVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.Win32VersionValue = br.ReadUInt32();
hdr.SizeOfImage = br.ReadUInt32();
hdr.SizeOfHeaders = br.ReadUInt32();
hdr.Checksum = br.ReadUInt32();
hdr.Subsystem = (PESubsystem)br.ReadUInt16();
hdr.DllCharacteristics = (PEDllCharacteristics)br.ReadUInt16();
if (signature == PEHeaderType.PE64)
{
hdr.SizeOfStackReserve = br.ReadUInt64();
hdr.SizeOfStackCommit = br.ReadUInt64();
hdr.SizeOfHeapReserve = br.ReadUInt64();
hdr.SizeOfHeapCommit = br.ReadUInt64();
}
else
{
hdr.SizeOfStackReserve = br.ReadUInt32();
hdr.SizeOfStackCommit = br.ReadUInt32();
hdr.SizeOfHeapReserve = br.ReadUInt32();
hdr.SizeOfHeapCommit = br.ReadUInt32();
}
hdr.LoaderFlags = br.ReadUInt32();
hdr.DataDirectories = new PEDataDirectory[br.ReadUInt32()];
for (int i = 0; i < hdr.DataDirectories.Length; i++)
{
hdr.DataDirectories[i] = br.ReadRecord <PEDataDirectory>();
}
return(hdr);
}
public static PEHeader Parse(BinaryParser br)
{
PEHeaderType signature = (PEHeaderType)br.ReadUInt16();
if (!Enum.IsDefined(typeof(PEHeaderType), signature))
{
InvalidPEFileException.ThrowInvalidPEHeader();
}
PEHeader hdr = new PEHeader();
hdr.Type = signature;
hdr.LinkerVersion = new Version(br.ReadByte(), br.ReadByte());
hdr.SizeOfCode = br.ReadUInt32();
hdr.SizeOfInitializedData = br.ReadUInt32();
hdr.SizeOfUninitializedData = br.ReadUInt32();
hdr.AddressOfEntryPoint = br.ReadUInt32();
hdr.BaseOfCode = br.ReadUInt32();
if (signature == PEHeaderType.PE64)
{
hdr.ImageBase = br.ReadUInt64();
}
else
{
hdr.BaseOfData = br.ReadUInt32();
hdr.ImageBase = br.ReadUInt32();
}
hdr.SectionAlignment = br.ReadUInt32();
hdr.FileAlignment = br.ReadUInt32();
hdr.OperatingSystemVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.ImageVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.SubsystemVersion = new Version(br.ReadUInt16(), br.ReadUInt16());
hdr.Win32VersionValue = br.ReadUInt32();
hdr.SizeOfImage = br.ReadUInt32();
hdr.SizeOfHeaders = br.ReadUInt32();
hdr.Checksum = br.ReadUInt32();
hdr.Subsystem = (PESubsystem)br.ReadUInt16();
hdr.DllCharacteristics = (PEDllCharacteristics)br.ReadUInt16();
if (signature == PEHeaderType.PE64)
{
hdr.SizeOfStackReserve = br.ReadUInt64();
hdr.SizeOfStackCommit = br.ReadUInt64();
hdr.SizeOfHeapReserve = br.ReadUInt64();
hdr.SizeOfHeapCommit = br.ReadUInt64();
}
else
{
hdr.SizeOfStackReserve = br.ReadUInt32();
hdr.SizeOfStackCommit = br.ReadUInt32();
hdr.SizeOfHeapReserve = br.ReadUInt32();
hdr.SizeOfHeapCommit = br.ReadUInt32();
}
hdr.LoaderFlags = br.ReadUInt32();
hdr.DataDirectories = new PEDataDirectory[br.ReadUInt32()];
for (int i = 0; i < hdr.DataDirectories.Length; i++)
{
hdr.DataDirectories[i] = br.ReadRecord<PEDataDirectory>();
}
return hdr;
}