private void WriteRuntimeStartupStub(Stream peStream)
{
BinaryWriter writer = new BinaryWriter(new MemoryStream(16));
// entry point code, consisting of a jump indirect to _CorXXXMain
if (!_module.Requires64bits)
{
//emit 0's (nops) to pad the entry point code so that the target address is aligned on a 4 byte boundary.
for (uint i = 0, n = (uint)(BitArithmeticUtilities.Align((uint)peStream.Position, 4) - peStream.Position); i < n; i++) writer.WriteByte(0);
writer.WriteUshort(0);
writer.WriteByte(0xff);
writer.WriteByte(0x25); //4
writer.WriteUint(_ntHeader.ImportAddressTable.RelativeVirtualAddress + (uint)_module.BaseAddress); //8
}
else
{
//emit 0's (nops) to pad the entry point code so that the target address is aligned on a 8 byte boundary.
for (uint i = 0, n = (uint)(BitArithmeticUtilities.Align((uint)peStream.Position, 8) - peStream.Position); i < n; i++) writer.WriteByte(0);
writer.WriteUint(0);
writer.WriteUshort(0);
writer.WriteByte(0xff);
writer.WriteByte(0x25); //8
writer.WriteUlong(_ntHeader.ImportAddressTable.RelativeVirtualAddress + _module.BaseAddress); //16
}
writer.BaseStream.WriteTo(peStream);
}
private static void WriteCorHeader(Stream peStream, CorHeader corHeader)
{
BinaryWriter writer = new BinaryWriter(new MemoryStream(72));
writer.WriteUint(72); // Number of bytes in this header 4
writer.WriteUshort(corHeader.MajorRuntimeVersion); // 6
writer.WriteUshort(corHeader.MinorRuntimeVersion); // 8
writer.WriteUint(corHeader.MetadataDirectory.RelativeVirtualAddress); // 12
writer.WriteUint(corHeader.MetadataDirectory.Size); // 16
writer.WriteUint((uint)corHeader.Flags); // 20
writer.WriteUint(corHeader.EntryPointToken); // 24
writer.WriteUint(corHeader.Resources.Size == 0 ? 0u : corHeader.Resources.RelativeVirtualAddress); // 28
writer.WriteUint(corHeader.Resources.Size); // 32
writer.WriteUint(corHeader.StrongNameSignature.Size == 0 ? 0u : corHeader.StrongNameSignature.RelativeVirtualAddress); // 36
writer.WriteUint(corHeader.StrongNameSignature.Size); // 40
writer.WriteUint(corHeader.CodeManagerTable.RelativeVirtualAddress); // 44
writer.WriteUint(corHeader.CodeManagerTable.Size); // 48
writer.WriteUint(corHeader.VTableFixups.RelativeVirtualAddress); // 52
writer.WriteUint(corHeader.VTableFixups.Size); // 56
writer.WriteUint(corHeader.ExportAddressTableJumps.RelativeVirtualAddress); // 60
writer.WriteUint(corHeader.ExportAddressTableJumps.Size); // 64
writer.WriteUlong(0); // 72
writer.BaseStream.WriteTo(peStream);
}
private void WriteImportAddressTable(Stream peStream)
{
BinaryWriter writer = new BinaryWriter(new MemoryStream(16));
bool use32bitAddresses = !_module.Requires64bits;
uint importTableRVA = _ntHeader.ImportTable.RelativeVirtualAddress;
uint ilRVA = importTableRVA + 40;
uint hintRva = ilRVA + (use32bitAddresses ? 12u : 16u);
// Import Address Table
if (use32bitAddresses)
{
writer.WriteUint(hintRva); // 4
writer.WriteUint(0); // 8
}
else
{
writer.WriteUlong(hintRva); // 8
writer.WriteUlong(0); // 16
}
writer.BaseStream.WriteTo(peStream);
}
private void WriteImportTable(Stream peStream)
{
BinaryWriter writer = new BinaryWriter(new MemoryStream(70));
bool use32bitAddresses = !_module.Requires64bits;
uint importTableRVA = _ntHeader.ImportTable.RelativeVirtualAddress;
uint ilRVA = importTableRVA + 40;
uint hintRva = ilRVA + (use32bitAddresses ? 12u : 16u);
uint nameRva = hintRva + 12 + 2;
// Import table
writer.WriteUint(ilRVA); // 4
writer.WriteUint(0); // 8
writer.WriteUint(0); // 12
writer.WriteUint(nameRva); // 16
writer.WriteUint(_ntHeader.ImportAddressTable.RelativeVirtualAddress); // 20
writer.BaseStream.Position += 20; // 40
// Import Lookup table
if (use32bitAddresses)
{
writer.WriteUint(hintRva); // 44
writer.WriteUint(0); // 48
writer.WriteUint(0); // 52
}
else
{
writer.WriteUlong(hintRva); // 48
writer.WriteUlong(0); // 56
}
// Hint table
writer.WriteUshort(0); // Hint 54|58
string entryPointName =
(_module.Kind == ModuleKind.DynamicallyLinkedLibrary || _module.Kind == ModuleKind.WindowsRuntimeMetadata)
? "_CorDllMain" : "_CorExeMain";
foreach (char ch in entryPointName)
{
writer.WriteByte((byte)ch); // 65|69
}
writer.WriteByte(0); // 66|70
writer.BaseStream.WriteTo(peStream);
}
private void WriteHeaders(Stream peStream, out long timestampOffset)
{
IModule module = _module;
NtHeader ntHeader = _ntHeader;
BinaryWriter writer = new BinaryWriter(_headerStream);
// MS-DOS stub (128 bytes)
writer.WriteBytes(s_dosHeader); // TODO: provide an option to suppress the second half of the DOS header?
// PE Signature (4 bytes)
writer.WriteUint(0x00004550); /* "PE\0\0" */
// COFF Header 20 bytes
writer.WriteUshort((ushort)module.Machine);
writer.WriteUshort((ushort)ntHeader.NumberOfSections);
timestampOffset = (uint)(writer.BaseStream.Position + peStream.Position);
writer.WriteUint(ntHeader.TimeDateStamp);
writer.WriteUint(ntHeader.PointerToSymbolTable);
writer.WriteUint(0); // NumberOfSymbols
writer.WriteUshort((ushort)(!module.Requires64bits ? 224 : 240)); // SizeOfOptionalHeader
// ushort characteristics = 0x0002|0x0004|0x0008; // executable | no COFF line nums | no COFF symbols (as required by the standard)
ushort characteristics = 0x0002; // executable (as required by the Linker team).
if (module.Kind == ModuleKind.DynamicallyLinkedLibrary || module.Kind == ModuleKind.WindowsRuntimeMetadata)
{
characteristics |= 0x2000;
}
if (module.Requires32bits)
{
characteristics |= 0x0100; // 32 bit machine (The standard says to always set this, the linker team says otherwise)
//The loader team says that this is not used for anything in the OS.
}
else
{
characteristics |= 0x0020; // large address aware (the standard says never to set this, the linker team says otherwise).
//The loader team says that this is not overridden for managed binaries and will be respected if set.
}
writer.WriteUshort(characteristics);
// PE Header (224 bytes if 32 bits, 240 bytes if 64 bit)
if (!module.Requires64bits)
{
writer.WriteUshort(0x10B); // Magic = PE32 // 2
}
else
{
writer.WriteUshort(0x20B); // Magic = PE32+ // 2
}
writer.WriteByte(module.LinkerMajorVersion); // 3
writer.WriteByte(module.LinkerMinorVersion); // 4
writer.WriteUint(ntHeader.SizeOfCode); // 8
writer.WriteUint(ntHeader.SizeOfInitializedData); // 12
writer.WriteUint(ntHeader.SizeOfUninitializedData); // 16
writer.WriteUint(ntHeader.AddressOfEntryPoint); // 20
writer.WriteUint(ntHeader.BaseOfCode); // 24
if (!module.Requires64bits)
{
writer.WriteUint(ntHeader.BaseOfData); // 28
writer.WriteUint((uint)module.BaseAddress); // 32
}
else
{
writer.WriteUlong(module.BaseAddress); // 32
}
writer.WriteUint(0x2000); // SectionAlignment 36
writer.WriteUint(module.FileAlignment); // 40
writer.WriteUshort(4); // MajorOperatingSystemVersion 42
writer.WriteUshort(0); // MinorOperatingSystemVersion 44
writer.WriteUshort(0); // MajorImageVersion 46
writer.WriteUshort(0); // MinorImageVersion 48
writer.WriteUshort(module.MajorSubsystemVersion); // MajorSubsystemVersion 50
writer.WriteUshort(module.MinorSubsystemVersion); // MinorSubsystemVersion 52
writer.WriteUint(0); // Win32VersionValue 56
writer.WriteUint(ntHeader.SizeOfImage); // 60
writer.WriteUint(ntHeader.SizeOfHeaders); // 64
writer.WriteUint(0); // CheckSum 68
switch (module.Kind)
{
case ModuleKind.ConsoleApplication:
case ModuleKind.DynamicallyLinkedLibrary:
case ModuleKind.WindowsRuntimeMetadata:
writer.WriteUshort(3); // 70
break;
case ModuleKind.WindowsApplication:
writer.WriteUshort(2); // 70
break;
default:
writer.WriteUshort(0); //
break;
}
writer.WriteUshort(module.DllCharacteristics);
if (!module.Requires64bits)
{
writer.WriteUint((uint)module.SizeOfStackReserve); // 76
writer.WriteUint((uint)module.SizeOfStackCommit); // 80
writer.WriteUint((uint)module.SizeOfHeapReserve); // 84
writer.WriteUint((uint)module.SizeOfHeapCommit); // 88
}
else
{
writer.WriteUlong(module.SizeOfStackReserve); // 80
writer.WriteUlong(module.SizeOfStackCommit); // 88
writer.WriteUlong(module.SizeOfHeapReserve); // 96
writer.WriteUlong(module.SizeOfHeapCommit); // 104
}
writer.WriteUint(0); // LoaderFlags 92|108
writer.WriteUint(16); // numberOfDataDirectories 96|112
writer.WriteUint(ntHeader.ExportTable.RelativeVirtualAddress); // 100|116
writer.WriteUint(ntHeader.ExportTable.Size); // 104|120
writer.WriteUint(ntHeader.ImportTable.RelativeVirtualAddress); // 108|124
writer.WriteUint(ntHeader.ImportTable.Size); // 112|128
writer.WriteUint(ntHeader.ResourceTable.RelativeVirtualAddress); // 116|132
writer.WriteUint(ntHeader.ResourceTable.Size); // 120|136
writer.WriteUint(ntHeader.ExceptionTable.RelativeVirtualAddress); // 124|140
writer.WriteUint(ntHeader.ExceptionTable.Size); // 128|144
writer.WriteUint(ntHeader.CertificateTable.RelativeVirtualAddress); // 132|148
writer.WriteUint(ntHeader.CertificateTable.Size); // 136|152
writer.WriteUint(ntHeader.BaseRelocationTable.RelativeVirtualAddress); // 140|156
writer.WriteUint(ntHeader.BaseRelocationTable.Size); // 144|160
writer.WriteUint(ntHeader.DebugTable.RelativeVirtualAddress); // 148|164
writer.WriteUint(ntHeader.DebugTable.Size); // 152|168
writer.WriteUint(ntHeader.CopyrightTable.RelativeVirtualAddress); // 156|172
writer.WriteUint(ntHeader.CopyrightTable.Size); // 160|176
writer.WriteUint(ntHeader.GlobalPointerTable.RelativeVirtualAddress); // 164|180
writer.WriteUint(ntHeader.GlobalPointerTable.Size); // 168|184
writer.WriteUint(ntHeader.ThreadLocalStorageTable.RelativeVirtualAddress); // 172|188
writer.WriteUint(ntHeader.ThreadLocalStorageTable.Size); // 176|192
writer.WriteUint(ntHeader.LoadConfigTable.RelativeVirtualAddress); // 180|196
writer.WriteUint(ntHeader.LoadConfigTable.Size); // 184|200
writer.WriteUint(ntHeader.BoundImportTable.RelativeVirtualAddress); // 188|204
writer.WriteUint(ntHeader.BoundImportTable.Size); // 192|208
writer.WriteUint(ntHeader.ImportAddressTable.RelativeVirtualAddress); // 196|212
writer.WriteUint(ntHeader.ImportAddressTable.Size); // 200|216
writer.WriteUint(ntHeader.DelayImportTable.RelativeVirtualAddress); // 204|220
writer.WriteUint(ntHeader.DelayImportTable.Size); // 208|224
writer.WriteUint(ntHeader.CliHeaderTable.RelativeVirtualAddress); // 212|228
writer.WriteUint(ntHeader.CliHeaderTable.Size); // 216|232
writer.WriteUlong(0); // 224|240
// Section Headers
WriteSectionHeader(_textSection, writer);
WriteSectionHeader(_rdataSection, writer);
WriteSectionHeader(_sdataSection, writer);
WriteSectionHeader(_coverSection, writer);
WriteSectionHeader(_resourceSection, writer);
WriteSectionHeader(_relocSection, writer);
WriteSectionHeader(_tlsSection, writer);
writer.BaseStream.WriteTo(peStream);
_headerStream = _emptyStream;
}
