//recursively descend through resource directory structure //resource directories are 3 levels deep by Microsoft convention: //level 1 : resource type //level 2 : resource name str/id num //level 3 : language (aka code page) private void parseResourceDirectory(SourceFile source, int level) { //parse IMAGE_RESOURCE_DIRECTORY uint characteristics = source.getFour(); //unused uint timeDateStamp = source.getFour(); uint majorVersion = source.getTwo(); uint minorVersion = source.getTwo(); uint numberOfNamedEntries = source.getTwo(); uint numberOfIdEntries = source.getTwo(); int entryCount = (int)(numberOfNamedEntries + numberOfIdEntries); for (int i = 0; i < entryCount; i++) { uint idName = source.getFour(); //either numeric val or a ptr to name str uint data = source.getFour(); //either ptr to subdir or a leaf node resIdNameValues[level] = idName; //store id/name val at this level uint curPos = source.getPos(); //save cur pos in resource directory uint dataPos = (data & 0x7FFFFFFF); source.seek(dataPos); //goto leaf/subtree data if (data < 0x80000000) //high bit not set -> data points to leaf node { parseResourceData(source); } else { //high bit is set -> data points to subtree parseResourceDirectory(source, level + 1); //recurse next subtree } source.seek(curPos); //ret to pos in resource directory } }
//- reading in ---------------------------------------------------------------- public void readCoffHeader(SourceFile source) { machine = (int)source.getTwo(); sectionCount = (int)source.getTwo(); timeStamp = source.getFour(); symbolTblAddr = source.getFour(); symbolCount = source.getFour(); optionalHdrSize = (int)source.getTwo(); characteristics = (int)source.getTwo(); }
public static ResImageGroupDataEntry parseData(SourceFile src) { ResImageGroupDataEntry cgdata = new ResImageGroupDataEntry(); cgdata.bWidth = src.getOne(); cgdata.bHeight = src.getOne(); cgdata.bColorCount = src.getOne(); uint res = src.getOne(); cgdata.wPlanes = src.getTwo(); cgdata.wBitCount = src.getTwo(); cgdata.dwBytesInRes = src.getFour(); cgdata.nID = src.getTwo(); cgdata.image = null; return(cgdata); }
public static ResImageGroupData parseData(byte[] resdata) { ResImageGroupData igdata = new ResImageGroupData(); SourceFile src = new SourceFile(resdata); uint res = src.getTwo(); uint type = src.getTwo(); int count = (int)src.getTwo(); igdata.entries = new List <ResImageGroupDataEntry>(count); for (int i = 0; i < count; i++) { ResImageGroupDataEntry igentry = ResImageGroupDataEntry.parseData(src); igdata.entries.Add(igentry); } return(igdata); }
private void readOptionalHeader(SourceFile source) { magicNum = source.getTwo(); majorLinkerVersion = source.getOne(); minorLinkerVersion = source.getOne(); sizeOfCode = source.getFour(); sizeOfInitializedData = source.getFour(); sizeOfUninitializedData = source.getFour(); addressOfEntryPoint = source.getFour(); baseOfCode = source.getFour(); baseOfData = source.getFour(); imageBase = source.getFour(); sectionAlignment = source.getFour(); fileAlignment = source.getFour(); majorOSVersion = source.getTwo(); minorOSVersion = source.getTwo(); majorImageVersion = source.getTwo(); minorImageVersion = source.getTwo(); majorSubsystemVersion = source.getTwo(); minorSubsystemVersion = source.getTwo(); win32VersionValue = source.getFour(); sizeOfImage = source.getFour(); sizeOfHeaders = source.getFour(); checksum = source.getFour(); subsystem = source.getTwo(); dLLCharacteristics = source.getTwo(); sizeOfStackReserve = source.getFour(); sizeOfStackCommit = source.getFour(); sizeOfHeapReserve = source.getFour(); sizeOfHeapCommit = source.getFour(); loaderFlags = source.getFour(); numberOfRvaAndSizes = source.getFour(); dExportTable = DataDirectory.readDataDirectory(source); dImportTable = DataDirectory.readDataDirectory(source); dResourceTable = DataDirectory.readDataDirectory(source); exceptionTable = DataDirectory.readDataDirectory(source); certificatesTable = DataDirectory.readDataDirectory(source); baseRelocationTable = DataDirectory.readDataDirectory(source); debugTable = DataDirectory.readDataDirectory(source); architecture = DataDirectory.readDataDirectory(source); globalPtr = DataDirectory.readDataDirectory(source); threadLocalStorageTable = DataDirectory.readDataDirectory(source); loadConfigurationTable = DataDirectory.readDataDirectory(source); boundImportTable = DataDirectory.readDataDirectory(source); importAddressTable = DataDirectory.readDataDirectory(source); delayImportDescriptor = DataDirectory.readDataDirectory(source); CLRRuntimeHeader = DataDirectory.readDataDirectory(source); reserved = DataDirectory.readDataDirectory(source); }
//- reading in ---------------------------------------------------------------- public static Section loadSection(SourceFile source) { Section section = new Section(); section.secName = source.getAsciiString(8); section.memsize = source.getFour(); section.memloc = source.getFour(); section.filesize = source.getFour(); section.fileloc = source.getFour(); section.pRelocations = source.getFour(); section.pLinenums = source.getFour(); section.relocCount = (int)source.getTwo(); section.linenumCount = (int)source.getTwo(); section.flags = source.getFour(); section.data = source.getRange(section.fileloc, section.filesize); //load section data return(section); }
private String getResourceName(SourceFile source, uint pos) { uint curPos = source.getPos(); pos = (pos & 0x7FFFFFFF); source.seek(pos); int strLen = (int)source.getTwo(); pos += 2; StringBuilder str = new StringBuilder(strLen); for (int i = 0; i < strLen; i++) { uint ch = source.getTwo(); str.Append(Convert.ToChar(ch)); pos += 2; } source.seek(curPos); return(str.ToString()); }
static public MsDosHeader readMSDOSHeader(SourceFile source) { MsDosHeader dosHeader = new MsDosHeader(); dosHeader.signature = source.getTwo(); if (dosHeader.signature != 0x5a4d) { throw new Win32ReadException("this is not a valid win32 executable file"); } dosHeader.lastsize = source.getTwo(); dosHeader.nblocks = source.getTwo(); dosHeader.nreloc = source.getTwo(); dosHeader.hdrsize = source.getTwo(); dosHeader.minalloc = source.getTwo(); dosHeader.maxalloc = source.getTwo(); dosHeader.ss = source.getTwo(); dosHeader.sp = source.getTwo(); dosHeader.checksum = source.getTwo(); dosHeader.ip = source.getTwo(); dosHeader.cs = source.getTwo(); dosHeader.relocpos = source.getTwo(); dosHeader.noverlay = source.getTwo(); dosHeader.reserved1 = source.getRange(8); dosHeader.oem_id = source.getTwo(); dosHeader.oem_info = source.getTwo(); dosHeader.reserved2 = source.getRange(20); dosHeader.e_lfanew = source.getFour(); return(dosHeader); }