public SetDataDirectoryFixup(BuildBlob blob)
{
_blob = blob;
}
public override void Build()
{
if (_info == null)
{
return;
}
var _blob = new BuildBlob();
int pos = 0;
if (PE.Is32Bits)
{
_blob.Write(ref pos, (int)_info.Characteristics);
_blob.Write(ref pos, (int)_info.TimeDateStamp.To_time_t());
_blob.Write(ref pos, (short)_info.MajorVersion);
_blob.Write(ref pos, (short)_info.MinorVersion);
_blob.Write(ref pos, (uint)_info.GlobalFlagsClear);
_blob.Write(ref pos, (uint)_info.GlobalFlagsSet);
_blob.Write(ref pos, (int)_info.CriticalSectionDefaultTimeout);
_blob.Write(ref pos, (int)_info.DeCommitFreeBlockThreshold);
_blob.Write(ref pos, (int)_info.DeCommitTotalFreeThreshold);
_blob.Write(ref pos, (uint)_info.LockPrefixTable);
_blob.Write(ref pos, (int)_info.MaximumAllocationSize);
_blob.Write(ref pos, (int)_info.VirtualMemoryThreshold);
_blob.Write(ref pos, (int)_info.ProcessHeapFlags);
_blob.Write(ref pos, (uint)_info.ProcessAffinityMask);
_blob.Write(ref pos, (short)_info.CSDVersion);
_blob.Write(ref pos, (short)_info.Reserved1);
_blob.Write(ref pos, (uint)_info.EditList);
_blob.Write(ref pos, (uint)_info.SecurityCookie);
_blob.Write(ref pos, (uint)_info.SEHandlerTable);
_blob.Write(ref pos, (uint)_info.SEHandlerCount);
}
else
{
_blob.Write(ref pos, (int)_info.Characteristics);
_blob.Write(ref pos, (int)_info.TimeDateStamp.To_time_t());
_blob.Write(ref pos, (short)_info.MajorVersion);
_blob.Write(ref pos, (short)_info.MinorVersion);
_blob.Write(ref pos, (uint)_info.GlobalFlagsClear);
_blob.Write(ref pos, (uint)_info.GlobalFlagsSet);
_blob.Write(ref pos, (int)_info.CriticalSectionDefaultTimeout);
_blob.Write(ref pos, (long)_info.DeCommitFreeBlockThreshold);
_blob.Write(ref pos, (long)_info.DeCommitTotalFreeThreshold);
_blob.Write(ref pos, (ulong)_info.LockPrefixTable);
_blob.Write(ref pos, (long)_info.MaximumAllocationSize);
_blob.Write(ref pos, (long)_info.VirtualMemoryThreshold);
_blob.Write(ref pos, (ulong)_info.ProcessAffinityMask);
_blob.Write(ref pos, (int)_info.ProcessHeapFlags);
_blob.Write(ref pos, (short)_info.CSDVersion);
_blob.Write(ref pos, (short)_info.Reserved1);
_blob.Write(ref pos, (ulong)_info.EditList);
_blob.Write(ref pos, (ulong)_info.SecurityCookie);
_blob.Write(ref pos, (ulong)_info.SEHandlerTable);
_blob.Write(ref pos, (ulong)_info.SEHandlerCount);
}
// Set data directories
// For compatibility with Windows XP and earlier versions of Windows,
// the size must be 64 for x86 images.
PE.Fixups.Add(
new PEBuilder.SetDataDirectoryFromBlobRVAFixup(
DataDirectories.LoadConfigTable, _blob, 0, 64));
// Add _blobs
BuildSection section = PE.GetSection(_sectionName);
section.Blobs.Add(_blob, _blobPriority);
}
public WriteVAFixup(BuildBlob blob, int pos, BuildBlob rvaBlob)
: this(blob, pos, rvaBlob, 0)
{
}
public override void Build()
{
if (_table == null || _table.Count == 0)
{
return;
}
_blob = new BuildBlob();
_iatBlob = new BuildBlob();
// Calculate
int lookupTableSize = 0;
int hintNameTableSize = 0;
int lookupEntrySize = PE.Is32Bits ? 4 : 8;
for (int i = 0; i < _table.Count; i++)
{
var module = _table[i];
for (int j = 0; j < module.Count; j++)
{
var entry = module[j];
lookupTableSize += lookupEntrySize;
if (!string.IsNullOrEmpty(entry.Name))
{
hintNameTableSize += 2; // hint
hintNameTableSize += entry.Name.Length + 1;
}
}
lookupTableSize += lookupEntrySize; // null
}
int iatPos = 0;
int lookupTablePos = (_table.Count + 1) * 20; // header + null
int hintNameTablePos = lookupTablePos + lookupTableSize;
int dllNamePos = hintNameTablePos + hintNameTableSize;
// Write
int headerPos = 0;
for (int i = 0; i < _table.Count; i++)
{
var module = _table[i];
// Header
PE.Fixups.Add(new WriteRVAFixup(_blob, headerPos, lookupTablePos));
_blob.Write(ref headerPos, (uint)0); // ImportLookupTableRVA
_blob.Write(ref headerPos, (uint)0); // TimeDateStamp
_blob.Write(ref headerPos, (int)module.ForwarderChain); // ForwarderChain
PE.Fixups.Add(new WriteRVAFixup(_blob, headerPos, dllNamePos));
_blob.Write(ref headerPos, (uint)0); // Name
PE.Fixups.Add(new WriteRVAFixup(_blob, _iatBlob, headerPos, iatPos));
_blob.Write(ref headerPos, (uint)0); // ImportAddressTableRVA
// DllName
string dllName = (module.DllName ?? "") + '\0';
_blob.Write(ref dllNamePos, dllName, Encoding.ASCII);
// ImportLookupTable / ImportAddressTable
for (int j = 0; j < module.Count; j++)
{
var entry = module[j];
if (PE.Is32Bits)
{
if (!string.IsNullOrEmpty(entry.Name))
{
// Import by name.
PE.Fixups.Add(
new WriteHintNameRVAFixup(
_blob, _iatBlob, lookupTablePos, iatPos, hintNameTablePos));
_blob.Write(ref lookupTablePos, (uint)0);
_iatBlob.Write(ref iatPos, (uint)0);
// Hint/Name
_blob.Write(ref hintNameTablePos, (ushort)entry.Ordinal);
string name = entry.Name + '\0';
_blob.Write(ref hintNameTablePos, name, Encoding.ASCII);
}
else
{
// Import by ordinal.
uint ordinal = (uint)entry.Ordinal | 0x80000000;
_blob.Write(ref lookupTablePos, (uint)ordinal);
_iatBlob.Write(ref iatPos, (uint)ordinal);
}
}
else
{
if (!string.IsNullOrEmpty(entry.Name))
{
// Import by name.
PE.Fixups.Add(
new WriteHintNameRVAFixup(
_blob, _iatBlob, lookupTablePos, iatPos, hintNameTablePos));
_blob.Write(ref lookupTablePos, (ulong)0);
_iatBlob.Write(ref iatPos, (ulong)0);
// Hint/Name
_blob.Write(ref hintNameTablePos, (ushort)entry.Ordinal);
string name = entry.Name + '\0';
_blob.Write(ref hintNameTablePos, name, Encoding.ASCII);
}
else
{
// Import by ordinal.
ulong ordinal = (uint)entry.Ordinal | 0x8000000000000000;
_blob.Write(ref lookupTablePos, (ulong)ordinal);
_iatBlob.Write(ref iatPos, (ulong)ordinal);
}
}
}
if (PE.Is32Bits)
{
// Null ImportLookupTable / ImportAddressTable
_blob.Write(ref lookupTablePos, 0, 4);
_iatBlob.Write(ref iatPos, 0, 4);
}
else
{
// Null ImportLookupTable / ImportAddressTable
_blob.Write(ref lookupTablePos, 0, 8);
_iatBlob.Write(ref iatPos, 0, 8);
}
}
// Null header
_blob.Write(ref headerPos, 0, 20);
// Set data directories
PE.Fixups.Add(
new PEBuilder.SetDataDirectoryFromBlobRVAFixup(
DataDirectories.ImportTable, _blob));
PE.Fixups.Add(
new PEBuilder.SetDataDirectoryFromBlobRVAFixup(
DataDirectories.IAT, _iatBlob));
// Add _blobs
BuildSection section = PE.GetSection(_sectionName);
section.Blobs.Add(_blob, _blobPriority);
BuildSection iatSection = PE.GetSection(_iatSectionName);
iatSection.Blobs.Add(_iatBlob, _iatBlobPriority);
}
public WriteRVAFixup(BuildBlob blob, int pos, int offset)
: this(blob, blob, pos, offset)
{
}
public WriteRVAFixup(BuildBlob blob, int pos, int offset)
{
_blob = blob;
_pos = pos;
_offset = offset;
}
public override void Build()
{
if (_table == null || _table.Count == 0)
{
return;
}
_blob = new BuildBlob();
// Calculate
int iatSize = 0;
int namePointerTableSize = 0;
int namePointerSize = PE.Is32Bits ? 4 : 8;
int hintNameTableSize = 0;
for (int i = 0; i < _table.Count; i++)
{
var module = _table[i];
for (int j = 0; j < module.Count; j++)
{
var entry = module[j];
iatSize += 4;
namePointerTableSize += namePointerSize;
if (!string.IsNullOrEmpty(entry.Name))
{
hintNameTableSize += 2; // hint
hintNameTableSize += entry.Name.Length + 1;
}
}
iatSize += 4; // null IAT
namePointerTableSize += namePointerSize; // null
}
int iatPos = (_table.Count + 1) * 32; // header + null;
int namePointerTablePos = iatPos + iatSize;
int hintNameTablePos = namePointerTablePos + namePointerTableSize;
int dllNamePos = hintNameTablePos + hintNameTableSize;
// Write
int headerPos = 0;
for (int i = 0; i < _table.Count; i++)
{
var module = _table[i];
// Header
_blob.Write(ref headerPos, (uint)0); // Attributes
PE.Fixups.Add(new WriteRVAFixup(_blob, headerPos, dllNamePos));
_blob.Write(ref headerPos, (uint)0); // Name
_blob.Write(ref headerPos, (uint)module.ModuleHandleRVA); // ModuleHandle
PE.Fixups.Add(new WriteRVAFixup(_blob, headerPos, iatPos));
_blob.Write(ref headerPos, (uint)0); // DelayImportAddressTable
PE.Fixups.Add(new WriteRVAFixup(_blob, headerPos, namePointerTablePos));
_blob.Write(ref headerPos, (uint)0); // DelayImportNameTable
_blob.Write(ref headerPos, (uint)0); // BoundDelayImportTable
_blob.Write(ref headerPos, (uint)0); // UnloadDelayImportTable
_blob.Write(ref headerPos, (uint)0); // TimeDateStamp
// DllName
string dllName = (module.DllName ?? "") + '\0';
_blob.Write(ref dllNamePos, dllName, Encoding.ASCII);
// DelayImportNameTable
for (int j = 0; j < module.Count; j++)
{
var entry = module[j];
_blob.Write(ref iatPos, (uint)entry.FuncRVA);
if (PE.Is32Bits)
{
if (!string.IsNullOrEmpty(entry.Name))
{
// DelayImport by name.
PE.Fixups.Add(
new WriteHintNameRVAFixup(
_blob, namePointerTablePos, hintNameTablePos));
_blob.Write(ref namePointerTablePos, (uint)0);
// Hint/Name
_blob.Write(ref hintNameTablePos, (ushort)entry.Ordinal);
string name = entry.Name + '\0';
_blob.Write(ref hintNameTablePos, name, Encoding.ASCII);
}
else
{
// DelayImport by ordinal.
uint ordinal = (uint)entry.Ordinal | 0x80000000;
_blob.Write(ref namePointerTablePos, (uint)ordinal);
}
}
else
{
if (!string.IsNullOrEmpty(entry.Name))
{
// DelayImport by name.
PE.Fixups.Add(
new WriteHintNameRVAFixup(
_blob, namePointerTablePos, hintNameTablePos));
_blob.Write(ref namePointerTablePos, (ulong)0);
// Hint/Name
_blob.Write(ref hintNameTablePos, (ushort)entry.Ordinal);
string name = entry.Name + '\0';
_blob.Write(ref hintNameTablePos, name, Encoding.ASCII);
}
else
{
// DelayImport by ordinal.
ulong ordinal = (uint)entry.Ordinal | 0x8000000000000000;
_blob.Write(ref namePointerTablePos, (ulong)ordinal);
}
}
}
// Null IAT
_blob.Write(ref iatPos, 0, 4);
// Null DelayImportNameTable
if (PE.Is32Bits)
{
_blob.Write(ref namePointerTablePos, 0, 4);
}
else
{
_blob.Write(ref namePointerTablePos, 0, 8);
}
}
// Null header
_blob.Write(ref headerPos, 0, 32);
// Set data directories
PE.Fixups.Add(
new PEBuilder.SetDataDirectoryFromBlobRVAFixup(
DataDirectories.DelayImportDescriptor, _blob));
// Add blobs
BuildSection section = PE.GetSection(_sectionName);
section.Blobs.Add(_blob, _blobPriority);
}
public WriteHintNameRVAFixup(BuildBlob blob, int pos, int hintNameTablePos)
{
_blob = blob;
_pos = pos;
_hintNameTablePos = hintNameTablePos;
}
