Exemplo n.º 1
        /// <summary>
        /// Translates an RVA (Relative Virtual Address) into the matching offset inside the on-disk file.
        /// Only needed for images that have not been mapped into memory.
        /// </summary>
        /// <param name="rva">The RVA to translate.</param>
        /// <returns>
        /// The file offset that corresponds to <paramref name="rva"/>. According to the original documentation an
        /// EntryPointException is thrown when no section contains the RVA; that would originate in
        /// GetEnclosingSectionHeader, which is not shown here.
        /// </returns>
        public uint GetPtrFromRVA(uint rva)
        {
            // Files and memory pages are aligned differently: file alignment is typically around 512 bytes,
            // page alignment around 4K (4096). An RVA read from a disk image therefore does not necessarily
            // point at a valid location in the file. Raw-data pointers are file aligned and virtual addresses
            // are page aligned, so the fix (credited to Matt Pietrek in the original comment) is to locate the
            // enclosing section and subtract the memory/file delta of that section.
            IMAGE_SECTION_HEADER section = GetEnclosingSectionHeader(rva);

            // uint arithmetic: in an unchecked context the delta may wrap when PointerToRawData is larger than
            // VirtualAddress, but the final subtraction wraps back to rva - VirtualAddress + PointerToRawData.
            uint memoryToFileDelta = section.VirtualAddress - section.PointerToRawData;

            // NOTE(review): nothing here checks the result against the section's raw-data size or the length of
            // the file. RVAs and section headers come from the image itself, so when the image is untrusted the
            // caller should bounds-check the returned offset before reading from it.
            return rva - memoryToFileDelta;
        }
Exemplo n.º 2
        /// <summary>
        /// Converts an RVA (Relative Virtual Address) into an offset within the file, using the section header
        /// returned by GetEnclosingSectionHeader for that RVA.
        /// </summary>
        /// <param name="rva">The RVA to convert.</param>
        /// <returns>The RVA rebased from the section's VirtualAddress onto its PointerToRawData.</returns>
        public uint GetPtrFromRVA(uint rva)
        {
            // Presumably the returned header describes the section that contains rva; the lookup and its
            // failure behavior live in GetEnclosingSectionHeader, which is not visible here.
            IMAGE_SECTION_HEADER header = GetEnclosingSectionHeader(rva);

            uint virtualStart = header.VirtualAddress;
            uint rawStart = header.PointerToRawData;

            // NOTE(review): the computed offset is not validated against the section's raw size or the file
            // length. Header fields are attacker-controlled in a malformed image, so callers should range-check
            // the result before using it to index the file buffer.
            return rva - (virtualStart - rawStart);
        }