lib/x2
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.0.0b

Browse Source
This commit is contained in:
Intege-rs
2024-11-13 21:41:26 -05:00
commit 03066e2e55
29 changed files with 1549 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
sub/pe/src/structs.rs Normal file
View File

@@ -0,0 +1,199 @@
// ==============================
// PE stuff
// ==============================
pub const PE_SIGNATURE: u32 = 0x00004550;
pub const DOS_MAGIC: u16 = 0x5A4D;
pub const IOH_MAGIC_PE32: u16 = 0x10B; // 32 bit executable
pub const IOH_MAGIC_PE64: u16 = 0x20B; // 64 bit executable
pub const IOH_MAGIC_ROM: u16 = 0x107; // Yes!
pub const NUMBEROF_DIRECTORY_ENTRIES: usize = 16;
pub const DIRECTORY_ENTRY_EXPORT: usize = 0x0; // Export Directory
pub const DIRECTORY_ENTRY_IMPORT: usize = 0x1; // Import Directory
pub const DIRECTORY_ENTRY_RESOURCE: usize = 0x2; // Resource Directory
pub const DIRECTORY_ENTRY_EXCEPTION: usize = 0x3; // Exception Directory
pub const DIRECTORY_ENTRY_SECURITY: usize = 0x4; // Security Directory
pub const DIRECTORY_ENTRY_BASERELOC: usize = 0x5; // Base Relocation Table
pub const DIRECTORY_ENTRY_DEBUG: usize = 0x6; // Debug Directory
pub const DIRECTORY_ENTRY_ARCHITECTURE: usize = 0x7; // Architecture Specific Data
pub const DIRECTORY_ENTRY_GLOBALPTR: usize = 0x8; // RVA of GP
pub const DIRECTORY_ENTRY_TLS: usize = 0x9; // TLS Directory
pub const DIRECTORY_ENTRY_LOAD_CONFIG: usize = 0xA; // Load Configuration Directory
pub const DIRECTORY_ENTRY_BOUND_IMPORT: usize = 0xB; // Bound Import Directory in headers
pub const DIRECTORY_ENTRY_IAT: usize = 0xC; // Import Address Table
pub const DIRECTORY_ENTRY_DELAY_IMPORT: usize = 0xD; // Delay Load Import Descriptors
pub const DIRECTORY_ENTRY_COM_DESCRIPTOR: usize = 0xE; // COM Runtime descriptor
pub const IMAGE_FILE_MACHINE_I386: u16 = 0x014c;
pub const IMAGE_FILE_MACHINE_IA64: u16 = 0x0200;
pub const IMAGE_FILE_MACHINE_AMD64: u16 = 0x8664;
#[repr(C)]
pub struct ImageDOSHeader {
pub e_magic: u16,
pub e_cblp: u16,
pub e_cp: u16,
pub e_crlc: u16,
pub e_cparhdr: u16,
pub e_minalloc: u16,
pub e_maxalloc: u16,
pub e_ss: u16,
pub e_sp: u16,
pub e_csum: u16,
pub e_ip: u16,
pub e_cs: u16,
pub e_lfarlc: u16,
pub e_ovno: u16,
pub e_res: [u16;4],
pub e_oemid: u16,
pub e_oeminfo: u16,
pub e_res2: [u16;10],
pub e_lfanew: u32,
}
#[repr(C)]
pub struct ImageNTHeaders64 {
pub signature: u32,
pub file_header: ImageFileHeader,
pub optional_header: ImageOptionalHeader64,
}
#[repr(C)]
pub struct ImageFileHeader {
pub machine: u16,
pub number_of_sections: u16,
pub timestamp: u32,
pub pointer_to_symbol_table: u32,
pub number_of_symbols: u32,
pub size_of_optional_header: u16,
pub characteristics: u16,
}
#[repr(C)]
pub struct ImageOptionalHeader64 {
pub magic: u16,
pub major_linker_version: u8,
pub minor_linker_version: u8,
pub size_of_code: u32,
pub size_of_initialized_data: u32,
pub size_of_uninitialized_data: u32,
pub address_of_entry_point: u32,
pub base_of_code: u32,
pub image_base: u64,
pub section_alignment: u32,
pub file_alignment: u32,
pub major_operating_system_version: u16,
pub minor_operating_system_version: u16,
pub major_image_version: u16,
pub minor_image_version: u16,
pub major_subsystem_version: u16,
pub minor_subsystem_version: u16,
pub win32_version_value: u32,
pub size_of_image: u32,
pub size_of_headers: u32,
pub checksum: u32,
pub subsystem: u16,
pub dll_characteristics: u16,
pub size_of_stack_reserve: u64,
pub size_of_stack_commit: u64,
pub size_of_heap_reserve: u64,
pub size_of_heap_commit: u64,
pub loader_flags: u32,
pub number_of_rva_and_sizes: u32,
pub data_directory: [ImageDataDirectory; NUMBEROF_DIRECTORY_ENTRIES]
}
#[repr(C)]
pub struct ImageDataDirectory {
pub virtual_address: u32,
pub size: u32,
}
#[repr(C)]
pub struct ImageSectionHeader {
pub name: [u8;8],
pub virtual_size: u32,
pub virtual_address: u32,
pub size_of_raw_data: u32,
pub pointer_to_raw_data: u32,
pub pointer_to_relocations: u32,
pub pointer_to_linenumbers: u32,
pub number_of_relocations: u16,
pub number_of_linenumbers: u16,
pub characteristics: u32,
}
#[repr(C)]
pub struct ImageImportDescriptor {
pub original_first_thunk: u32,
pub timestamp: u32,
pub forwarder_chain: u32,
pub name: u32,
pub first_thunk: u32,
}
#[repr(C)]
pub struct ImageBoundImportDescriptor {
pub timestamp: u32,
pub offset_module_name: u16,
pub number_of_module_forwarder_refs: u16,
}
#[repr(C)]
pub struct ImageImportByName {
pub hint: u16,
pub name: [u8]
}
#[repr(C)]
pub struct ImageBaseRelocation {
pub virtual_address: u32,
pub size_of_block: u32,
}
#[repr(C)]
pub struct ImageExportDirectory {
/* 0x00 */pub export_flags: u32,
/* 0x04 */pub timestamp: u32,
/* 0x06 */pub major_version: u16,
/* 0x08 */pub minor_version: u16,
/* 0x0C */pub name_rva: u32,
/* 0x10 */pub ordinal_base: u32,
/* 0x14 */pub address_table_entries: u32,
/* 0x18 */pub number_of_name_pointers: u32,
/* 0x1C */pub export_address_table_rva: u32,
/* 0x20 */pub name_pointer_rva: u32,
/* 0x24 */pub ordinal_table_rva: u32,
}
#[repr(C)]
pub struct ImageExportAddressEntry {
pub export_rva: u32,
pub forwarder_rva: u32,
}
impl ImageDataDirectory {
pub fn contains(&self, offset: u32) -> bool {
// offset - self.virtual_address < self.size
offset.overflowing_sub(self.virtual_address).0 < self.size
}
}
impl ImageNTHeaders64 {
pub fn sections(&self) -> &[ImageSectionHeader] {
let section_base
= ( &self.optional_header as *const _ as usize )
+ self.file_header.size_of_optional_header as usize;
unsafe {
core::slice::from_raw_parts(
section_base as *const ImageSectionHeader,
self.file_header.number_of_sections as usize)
}
}
}