From f3d26e13d91f3ca06ab3de9714a908596a0e7e36 Mon Sep 17 00:00:00 2001 From: midipix Date: Dec 13 2017 16:24:14 +0000 Subject: refactor: struct pe_image_meta: pointers to raw data are now r-prefixed. --- diff --git a/include/perk/perk.h b/include/perk/perk.h index e1b0dc9..1bc20a0 100644 --- a/include/perk/perk.h +++ b/include/perk/perk.h @@ -90,6 +90,16 @@ struct pe_meta_stats { }; struct pe_image_meta { + struct pe_raw_image r_image; + struct pe_raw_image_dos_hdr * r_dos; + struct pe_raw_coff_image_hdr * r_coff; + struct pe_raw_coff_object_hdr * r_obj; + union pe_raw_opt_hdr * r_opt; + struct pe_raw_sec_hdr * r_sectbl; + + struct pe_raw_export_hdr * r_edata; + struct pe_raw_import_hdr * r_idata; + struct pe_meta_stats m_stats; struct pe_meta_image_dos_hdr m_dos; struct pe_meta_coff_file_hdr m_coff; @@ -101,16 +111,6 @@ struct pe_image_meta { struct pe_meta_sec_hdr * h_edata; struct pe_meta_sec_hdr * h_idata; - - struct pe_raw_image image; - struct pe_raw_image_dos_hdr * ados; - struct pe_raw_coff_image_hdr * acoff; - struct pe_raw_coff_object_hdr * aobj; - union pe_raw_opt_hdr * aopt; - struct pe_raw_sec_hdr * asectbl; - - struct pe_raw_export_hdr * aedata; - struct pe_raw_import_hdr * aidata; }; struct pe_error_info { diff --git a/src/info/pe_get_image_abi.c b/src/info/pe_get_image_abi.c index 7d9b972..cea0d2c 100644 --- a/src/info/pe_get_image_abi.c +++ b/src/info/pe_get_image_abi.c @@ -19,7 +19,7 @@ int pe_get_image_abi(const struct pe_image_meta * m, struct pe_info_string * inf { int abi; - if (m->aobj) { + if (m->r_obj) { switch (m->m_coff.cfh_machine) { case PE_IMAGE_FILE_MACHINE_I386: abi = PE_ABI_PE32; diff --git a/src/info/pe_get_image_subsystem.c b/src/info/pe_get_image_subsystem.c index 135443e..bb7c9a3 100644 --- a/src/info/pe_get_image_subsystem.c +++ b/src/info/pe_get_image_subsystem.c @@ -26,7 +26,7 @@ int pe_get_image_subsystem(const struct pe_image_meta * m, struct pe_info_string { int subsystem; - if (m->aobj) + if (m->r_obj) subsystem = 0; else if (m->m_opt.oh_img.coh_subsystem >= 0x10) diff --git a/src/info/pe_get_image_subtype.c b/src/info/pe_get_image_subtype.c index 2808881..69b6569 100644 --- a/src/info/pe_get_image_subtype.c +++ b/src/info/pe_get_image_subtype.c @@ -22,7 +22,7 @@ int pe_get_image_subtype(const struct pe_image_meta * m, struct pe_info_string * { int subtype; - if (m->aobj) + if (m->r_obj) subtype = PE_SUBTYPE_OBJ; else if (m->m_coff.cfh_characteristics & PE_IMAGE_FILE_DLL) diff --git a/src/logic/pe_get_image_meta.c b/src/logic/pe_get_image_meta.c index 7a6d952..c6d8f98 100644 --- a/src/logic/pe_get_image_meta.c +++ b/src/logic/pe_get_image_meta.c @@ -48,7 +48,7 @@ int pe_get_block_section_index(const struct pe_image_meta * m, const struct pe_b int i; uint32_t low,high; - if (m->aobj) + if (m->r_obj) return -1; for (i=0; im_coff.cfh_num_of_sections; i++) { @@ -115,14 +115,14 @@ int pe_get_expsym_by_name( const char * sym; unsigned i; - if (m->aobj || !m->h_edata) + if (m->r_obj || !m->h_edata) return -1; offset = m->h_edata->sh_virtual_addr - m->h_edata->sh_ptr_to_raw_data; - symrva = (uint32_t *)((uintptr_t)m->image.addr + (m->m_edata.eh_name_ptr_rva - offset)); + symrva = (uint32_t *)((uintptr_t)m->r_image.addr + (m->m_edata.eh_name_ptr_rva - offset)); for (i=0; im_edata.eh_num_of_name_ptrs; i++) { - sym = (const char *)m->image.addr + symrva[i] - offset; + sym = (const char *)m->r_image.addr + symrva[i] - offset; if (!(strcmp(sym,name))) { if (expsym) { @@ -148,7 +148,7 @@ int pe_get_expsym_by_index( uint32_t * symrva; uintptr_t symaddr; - if (m->aobj) + if (m->r_obj) return -1; if (index >= m->m_edata.eh_num_of_name_ptrs) @@ -156,8 +156,8 @@ int pe_get_expsym_by_index( if (expsym) { offset = m->h_edata->sh_virtual_addr - m->h_edata->sh_ptr_to_raw_data; - symrva = (uint32_t *)((uintptr_t)m->image.addr + (m->m_edata.eh_name_ptr_rva - offset)); - symaddr = (uintptr_t)m->image.addr + symrva[index] - offset; + symrva = (uint32_t *)((uintptr_t)m->r_image.addr + (m->m_edata.eh_name_ptr_rva - offset)); + symaddr = (uintptr_t)m->r_image.addr + symrva[index] - offset; expsym->name = (const char *)symaddr; expsym->eaddr = 0; @@ -186,19 +186,19 @@ int pe_get_image_meta( if (!(m = calloc(1,sizeof(*m)))) return PERK_SYSTEM_ERROR(dctx); - m->aobj = (struct pe_raw_coff_object_hdr *)base; + m->r_obj = (struct pe_raw_coff_object_hdr *)base; - if (pe_read_object_header(m->aobj,&m->m_coff)) { - m->aobj = 0; - m->ados = (struct pe_raw_image_dos_hdr *)base; + if (pe_read_object_header(m->r_obj,&m->m_coff)) { + m->r_obj = 0; + m->r_dos = (struct pe_raw_image_dos_hdr *)base; - if ((ret = (pe_read_dos_header(m->ados,&m->m_dos)))) + if ((ret = (pe_read_dos_header(m->r_dos,&m->m_dos)))) return pe_free_image_meta_impl( m,PERK_CUSTOM_ERROR(dctx,ret)); - m->acoff = (struct pe_raw_coff_image_hdr *)(base + m->m_dos.dos_lfanew); + m->r_coff = (struct pe_raw_coff_image_hdr *)(base + m->m_dos.dos_lfanew); - if ((ret = (pe_read_coff_header(m->acoff,&m->m_coff)))) + if ((ret = (pe_read_coff_header(m->r_coff,&m->m_coff)))) return pe_free_image_meta_impl( m,PERK_CUSTOM_ERROR(dctx,ret)); } @@ -212,19 +212,19 @@ int pe_get_image_meta( m->m_coff.cfh_size_of_str_tbl = pe_read_long(mark); } - if (m->ados) { - mark = &m->acoff->cfh_signature[0]; - m->aopt = (union pe_raw_opt_hdr *)(mark + sizeof(*m->acoff)); + if (m->r_dos) { + mark = &m->r_coff->cfh_signature[0]; + m->r_opt = (union pe_raw_opt_hdr *)(mark + sizeof(*m->r_coff)); - if ((ret = (pe_read_optional_header(m->aopt,&m->m_opt)))) + if ((ret = (pe_read_optional_header(m->r_opt,&m->m_opt)))) return pe_free_image_meta_impl( m,PERK_CUSTOM_ERROR(dctx,ret)); - mark = &m->aopt->opt_hdr_32.coh_magic[0]; - m->asectbl = (struct pe_raw_sec_hdr *)(mark + m->m_coff.cfh_size_of_opt_hdr); + mark = &m->r_opt->opt_hdr_32.coh_magic[0]; + m->r_sectbl = (struct pe_raw_sec_hdr *)(mark + m->m_coff.cfh_size_of_opt_hdr); } else { - mark = &m->aobj->cfh_machine[0]; - m->asectbl = (struct pe_raw_sec_hdr *)(mark + sizeof(*m->aobj)); + mark = &m->r_obj->cfh_machine[0]; + m->r_sectbl = (struct pe_raw_sec_hdr *)(mark + sizeof(*m->r_obj)); } if (!(m->m_sectbl = calloc(m->m_coff.cfh_num_of_sections,sizeof(*(m->m_sectbl))))) @@ -232,7 +232,7 @@ int pe_get_image_meta( m,PERK_SYSTEM_ERROR(dctx)); for (i=0; im_coff.cfh_num_of_sections; i++) { - pe_read_section_header(&m->asectbl[i],&m->m_sectbl[i]); + pe_read_section_header(&m->r_sectbl[i],&m->m_sectbl[i]); if (m->m_sectbl[i].sh_name[0] == '/') if ((l = strtol(&m->m_sectbl[i].sh_name[1],0,10)) > 0) @@ -250,15 +250,15 @@ int pe_get_image_meta( if (s >= 0) { m->h_edata = &m->m_sectbl[s]; - m->aedata = (struct pe_raw_export_hdr *)(base + m->m_sectbl[s].sh_ptr_to_raw_data + m->r_edata = (struct pe_raw_export_hdr *)(base + m->m_sectbl[s].sh_ptr_to_raw_data + m->m_opt.oh_dirs.coh_export_tbl.dh_rva - m->m_sectbl[s].sh_virtual_addr); } else if (i >= 0) { m->h_edata = &m->m_sectbl[i]; - m->aedata = (struct pe_raw_export_hdr *)(base + m->m_sectbl[i].sh_ptr_to_raw_data); + m->r_edata = (struct pe_raw_export_hdr *)(base + m->m_sectbl[i].sh_ptr_to_raw_data); } - if (m->aedata) { - pe_read_export_header(m->aedata,&m->m_edata); + if (m->r_edata) { + pe_read_export_header(m->r_edata,&m->m_edata); m->m_stats.nexpsyms = m->m_edata.eh_num_of_name_ptrs; } @@ -275,16 +275,16 @@ int pe_get_image_meta( if (s >= 0) { m->h_idata = &m->m_sectbl[s]; - m->aidata = (struct pe_raw_import_hdr *)(base + m->m_sectbl[s].sh_ptr_to_raw_data + m->r_idata = (struct pe_raw_import_hdr *)(base + m->m_sectbl[s].sh_ptr_to_raw_data + m->m_opt.oh_dirs.coh_import_tbl.dh_rva - m->m_sectbl[s].sh_virtual_addr); } else if (i >= 0) { m->h_idata = &m->m_sectbl[i]; - m->aidata = (struct pe_raw_import_hdr *)(base + m->m_sectbl[i].sh_ptr_to_raw_data); + m->r_idata = (struct pe_raw_import_hdr *)(base + m->m_sectbl[i].sh_ptr_to_raw_data); } - if (m->aidata) { + if (m->r_idata) { /* num of implibs */ - for (pidata=m->aidata; pe_read_long(pidata->ih_name_rva); pidata++) + for (pidata=m->r_idata; pe_read_long(pidata->ih_name_rva); pidata++) m->m_stats.nimplibs++; /* import headers */ @@ -293,7 +293,7 @@ int pe_get_image_meta( m,PERK_SYSTEM_ERROR(dctx)); for (i=0; im_stats.nimplibs; i++) { - pe_read_import_header(&m->aidata[i],&m->m_idata[i]); + pe_read_import_header(&m->r_idata[i],&m->m_idata[i]); m->m_idata[i].ih_name = base + m->h_idata->sh_ptr_to_raw_data + m->m_idata[i].ih_name_rva @@ -350,8 +350,8 @@ int pe_get_image_meta( } /* image */ - m->image.addr = image->addr; - m->image.size = image->size; + m->r_image.addr = image->addr; + m->r_image.size = image->size; /* all done */ *meta = m; diff --git a/src/output/pe_output_export_symbols.c b/src/output/pe_output_export_symbols.c index c8a6de3..1ddef14 100644 --- a/src/output/pe_output_export_symbols.c +++ b/src/output/pe_output_export_symbols.c @@ -51,7 +51,7 @@ int pe_output_export_symbols( if ((pretty_header(cctx,fout)) < 0) return PERK_FILE_ERROR(dctx); - mark = m->image.addr; + mark = m->r_image.addr; offset = m->h_edata->sh_virtual_addr - m->h_edata->sh_ptr_to_raw_data; symrva = (uint32_t *)(mark + m->m_edata.eh_name_ptr_rva - offset); diff --git a/src/output/pe_output_image_strings.c b/src/output/pe_output_image_strings.c index 5ffbf93..58fdeaa 100644 --- a/src/output/pe_output_image_strings.c +++ b/src/output/pe_output_image_strings.c @@ -32,7 +32,7 @@ int pe_output_image_strings( dash = "- "; } - mark = (char *)meta->image.addr; + mark = (char *)meta->r_image.addr; mark += meta->m_coff.cfh_ptr_to_str_tbl; cap = mark + meta->m_coff.cfh_size_of_str_tbl; diff --git a/src/output/pe_output_image_symbols.c b/src/output/pe_output_image_symbols.c index 7f16d79..7a71b27 100644 --- a/src/output/pe_output_image_symbols.c +++ b/src/output/pe_output_image_symbols.c @@ -33,13 +33,13 @@ int pe_output_image_symbols( dash = "- "; } - mark = (char *)meta->image.addr; + mark = (char *)meta->r_image.addr; symtbl = (struct pe_raw_coff_symbol *)(mark + meta->m_coff.cfh_ptr_to_sym_tbl); for (i=0; im_coff.cfh_num_of_syms; i++) { pe_read_coff_symbol( &symtbl[i],&symrec, - &meta->m_coff,meta->image.addr); + &meta->m_coff,meta->r_image.addr); if (fprintf(fout,"%s%s\n", dash,