|
|
225d90 |
/***************************************************************/
|
|
|
225d90 |
/* perk: PE Resource Kit */
|
|
|
425fb8 |
/* Copyright (C) 2015--2021 SysDeer Technologies, LLC */
|
|
|
225d90 |
/* Released under GPLv2 and GPLv3; see COPYING.PERK. */
|
|
|
225d90 |
/***************************************************************/
|
|
|
225d90 |
|
|
|
225d90 |
#include <stdio.h>
|
|
|
225d90 |
|
|
|
225d90 |
#include <perk/perk.h>
|
|
|
d6e02b |
#include <perk/perk_consts.h>
|
|
|
d6e02b |
#include <perk/perk_structs.h>
|
|
|
225d90 |
#include <perk/perk_output.h>
|
|
|
225d90 |
#include "perk_driver_impl.h"
|
|
|
225d90 |
#include "perk_hdrdump_impl.h"
|
|
|
225d90 |
#include "perk_dprintf_impl.h"
|
|
|
225d90 |
#include "perk_errinfo_impl.h"
|
|
|
225d90 |
|
|
|
225d90 |
#define PE_ADDR meta->r_edata
|
|
|
225d90 |
#define PE_RAW_STRUCT export_hdr
|
|
|
225d90 |
#define PE_OUTPUT(x) PE_OUTPUT_TABLE(x)
|
|
|
225d90 |
|
|
|
225d90 |
int pe_hdrdump_export_hdr(
|
|
|
225d90 |
const struct pe_driver_ctx * dctx,
|
|
|
225d90 |
const struct pe_image_meta * meta)
|
|
|
225d90 |
{
|
|
|
225d90 |
int bits;
|
|
|
225d90 |
uint64_t faddr;
|
|
|
225d90 |
uint64_t vaddr;
|
|
|
225d90 |
char * ch;
|
|
|
225d90 |
char buf[8192];
|
|
|
225d90 |
|
|
|
225d90 |
if (!PE_ADDR)
|
|
|
225d90 |
return 0;
|
|
|
225d90 |
|
|
|
225d90 |
if ((bits = pe_image_bits(meta)) < 0)
|
|
|
225d90 |
return PERK_CUSTOM_ERROR(
|
|
|
225d90 |
dctx,PERK_ERR_UNSUPPORTED_ABI);
|
|
|
225d90 |
|
|
|
225d90 |
faddr = (char *)(PE_ADDR) - (char *)meta->r_image.map_addr;
|
|
|
225d90 |
vaddr = meta->m_opt.oh_mem.coh_image_base + meta->m_edata.eh_virtual_addr;
|
|
|
225d90 |
|
|
|
225d90 |
ch = buf;
|
|
|
225d90 |
ch += pe_output_hex_header(
|
|
|
225d90 |
ch,
|
|
|
225d90 |
"struct pe_raw_export_hdr",
|
|
|
225d90 |
faddr,vaddr,bits);
|
|
|
225d90 |
|
|
|
225d90 |
ch += PE_OUTPUT(eh_export_flags);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_time_date_stamp);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_major_ver);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_minor_ver);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_name_rva);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_ordinal_base);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_addr_tbl_entries);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_num_of_name_ptrs);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_export_addr_tbl_rva);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_name_ptr_rva);
|
|
|
225d90 |
ch += PE_OUTPUT(eh_ordinal_tbl_rva);
|
|
|
225d90 |
|
|
|
225d90 |
ch += pe_output_hex_footer(ch);
|
|
|
225d90 |
|
|
|
225d90 |
*ch = 0;
|
|
|
225d90 |
|
|
|
225d90 |
if (pe_dprintf(pe_driver_fdout(dctx),"%s",buf) < 0)
|
|
|
225d90 |
return PERK_FILE_ERROR(dctx);
|
|
|
225d90 |
|
|
|
225d90 |
return 0;
|
|
|
225d90 |
}
|