private Operand AbsoluteOperand(string fmt, ref int i)
{
if (i < fmt.Length)
{
if (fmt[i] == 'x')
{
++i;
return(new Operand(PrimitiveType.Byte)
{
Mode = AddressMode.AbsoluteX,
Register = Registers.x,
Offset = rdr.Read(PrimitiveType.Word16)
});
}
else if (fmt[i] == 'y')
{
++i;
return(new Operand(PrimitiveType.Byte)
{
Mode = AddressMode.AbsoluteY,
Register = Registers.y,
Offset = rdr.Read(PrimitiveType.Word16)
});
}
}
return(new Operand(PrimitiveType.Byte)
{
Mode = AddressMode.Absolute,
Register = null,
Offset = rdr.Read(PrimitiveType.Word16)
});
}
public CodeFormatter VisitPrimitive(PrimitiveType pt)
{
if (pt.Size > 8)
{
var bytes = rdr.ReadBytes(pt.Size);
FormatRawBytes(bytes);
}
else
{
rdr.Read(pt).Accept(codeFormatter);
}
return(codeFormatter);
}
public void VisitPointer(Pointer ptr)
{
var c = rdr.Read(PrimitiveType.Create(Domain.Pointer, ptr.BitSize));
var addr = Address.FromConstant(c);
if (!program.SegmentMap.IsValidAddress(addr))
{
return;
}
scanner.EnqueueUserGlobalData(addr, ptr.Pointee, null);
}
public CodeFormatter VisitPointer(Pointer ptr)
{
var c = rdr.Read(PrimitiveType.Create(Domain.Pointer, ptr.BitSize));
var addr = Address.FromConstant(c);
// Check if it is pointer to function
if (program.Procedures.TryGetValue(addr, out Procedure proc))
{
codeFormatter.InnerFormatter.WriteHyperlink(proc.Name, proc);
return(codeFormatter);
}
int offset = c.ToInt32();
if (offset == 0)
{
codeFormatter.WriteNull();
}
else
{
var field = globals.Fields.AtOffset(offset);
if (field == null)
{
// We've discovered a global variable! Create it!
//$REVIEW: what about colissions and the usual merge crap?
var dt = ptr.Pointee;
//$REVIEW: that this is a pointer to a C-style null
// terminated string is a wild-assed guess of course.
// It could be a pascal string, or a raw area of bytes.
// Depend on user for this, or possibly platform.
if (dt is PrimitiveType pt && pt.Domain == Domain.Character)
{
dt = StringType.NullTerminated(pt);
}
globals.Fields.Add(offset, dt);
// add field to queue.
field = globals.Fields.AtOffset(offset);
queue.Enqueue(field);
}
codeFormatter.InnerFormatter.Write("&g_{0}", field.Name);
}
return(codeFormatter);
}
public void VisitPrimitive(PrimitiveType pt)
{
rdr.Read(pt);
}
public CodeFormatter VisitPrimitive(PrimitiveType pt)
{
rdr.Read(pt).Accept(codeFormatter);
return(codeFormatter);
}
public void ReadOptionalHeader(EndianImageReader rdr, short expectedMagic)
{
if (optionalHeaderSize <= 0)
{
throw new BadImageFormatException("Optional header size should be larger than 0 in a PE executable image file.");
}
short magic = rdr.ReadLeInt16();
if (magic != expectedMagic)
{
throw new BadImageFormatException("Not a valid PE Header.");
}
rdr.ReadByte(); // Linker major version
rdr.ReadByte(); // Linker minor version
rdr.ReadLeUInt32(); // code size (== .text section size)
rdr.ReadLeUInt32(); // size of initialized data
rdr.ReadLeUInt32(); // size of uninitialized data
rvaStartAddress = rdr.ReadLeUInt32();
uint rvaBaseOfCode = rdr.ReadLeUInt32();
preferredBaseOfImage = innerLoader.ReadPreferredImageBase(rdr);
rdr.ReadLeUInt32(); // section alignment
rdr.ReadLeUInt32(); // file alignment
rdr.ReadLeUInt16(); // OS major version
rdr.ReadLeUInt16(); // OS minor version
rdr.ReadLeUInt16(); // Image major version
rdr.ReadLeUInt16(); // Image minor version
rdr.ReadLeUInt16(); // Subsystem major version
rdr.ReadLeUInt16(); // Subsystem minor version
rdr.ReadLeUInt32(); // reserved
uint sizeOfImage = rdr.ReadLeUInt32();
uint sizeOfHeaders = rdr.ReadLeUInt32();
uint checksum = rdr.ReadLeUInt32();
ushort subsystem = rdr.ReadLeUInt16();
ushort dllFlags = rdr.ReadLeUInt16();
var stackReserve = rdr.Read(arch.WordWidth);
var stackCommit = rdr.Read(arch.WordWidth);
var heapReserve = rdr.Read(arch.WordWidth);
var heapCommit = rdr.Read(arch.WordWidth);
rdr.ReadLeUInt32(); // loader flags
uint dictionaryCount = rdr.ReadLeUInt32();
if (dictionaryCount == 0)
{
return;
}
this.rvaExportTable = rdr.ReadLeUInt32();
this.sizeExportTable = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
this.rvaImportTable = rdr.ReadLeUInt32();
uint importTableSize = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
this.rvaResources = rdr.ReadLeUInt32(); // resource address
rdr.ReadLeUInt32(); // resource size
if (--dictionaryCount == 0)
{
return;
}
this.rvaExceptionTable = rdr.ReadLeUInt32(); // exception address
this.sizeExceptionTable = rdr.ReadLeUInt32(); // exception size
if (--dictionaryCount == 0)
{
return;
}
rdr.ReadLeUInt32(); // certificate address
rdr.ReadLeUInt32(); // certificate size
if (--dictionaryCount == 0)
{
return;
}
this.rvaBaseRelocationTable = rdr.ReadLeUInt32();
this.sizeBaseRelocationTable = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaDebug = rdr.ReadLeUInt32();
uint cbDebug = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaArchitecture = rdr.ReadLeUInt32();
uint cbArchitecture = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaGlobalPointer = rdr.ReadLeUInt32();
uint cbGlobalPointer = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaTls = rdr.ReadLeUInt32();
uint cbTls = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaLoadConfig = rdr.ReadLeUInt32();
uint cbLoadConfig = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaBoundImport = rdr.ReadLeUInt32();
uint cbBoundImport = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
uint rvaIat = rdr.ReadLeUInt32();
uint cbIat = rdr.ReadLeUInt32();
if (--dictionaryCount == 0)
{
return;
}
this.rvaDelayImportDescriptor = rdr.ReadLeUInt32();
uint cbDelayImportDescriptor = rdr.ReadLeUInt32();
}