From f85e961aba46af228369dfd36b5b7e6b2c53d533 Mon Sep 17 00:00:00 2001 From: "antonio.marangon2@gmail.com" <> Date: Sun, 8 Aug 2021 00:15:04 +0200 Subject: [PATCH] Converted structs to classes --- Buffer.hpp | 10 +- COFFHeader.cpp | 11 + COFFHeader.hpp | 30 +++ COFFSymbol.cpp | 8 + COFFSymbol.hpp | 22 ++ DataDirectory.cpp | 8 + DataDirectory.hpp | 12 ++ Defines.hpp | 113 +++++++++++ Main.cpp | 7 +- OptionalHeader.cpp | 8 + OptionalHeader.hpp | 110 ++++++++++ PE.cpp | 18 -- PE.hpp | 292 --------------------------- PortableExecutable.cpp | 74 +++++++ PortableExecutable.hpp | 34 ++++ SectionEntry.cpp | 8 + SectionEntry.hpp | 20 ++ SectionTableEntry.cpp | 8 - SectionTableEntry.hpp | 9 - nbproject/Makefile-Debug.mk | 40 +++- nbproject/Makefile-Release.mk | 36 +++- nbproject/configurations.xml | 83 ++++++-- nbproject/private/configurations.xml | 2 - nbproject/private/private.xml | 7 +- 24 files changed, 605 insertions(+), 365 deletions(-) create mode 100644 COFFHeader.cpp create mode 100644 COFFHeader.hpp create mode 100644 COFFSymbol.cpp create mode 100644 COFFSymbol.hpp create mode 100644 DataDirectory.cpp create mode 100644 DataDirectory.hpp create mode 100644 Defines.hpp create mode 100644 OptionalHeader.cpp create mode 100644 OptionalHeader.hpp delete mode 100644 PE.cpp delete mode 100644 PE.hpp create mode 100644 PortableExecutable.cpp create mode 100644 PortableExecutable.hpp create mode 100644 SectionEntry.cpp create mode 100644 SectionEntry.hpp delete mode 100644 SectionTableEntry.cpp delete mode 100644 SectionTableEntry.hpp diff --git a/Buffer.hpp b/Buffer.hpp index ff73dec..bff6341 100644 --- a/Buffer.hpp +++ b/Buffer.hpp @@ -13,7 +13,7 @@ class Buffer { template T get(size_t offset) { - if(offset < 0 || offset + sizeof(T) > size) { + if(offset < 0 || offset + sizeof(T) > this->size) { throw std::range_error("Out of buffer range"); } T buffer; @@ -21,9 +21,11 @@ class Buffer { return buffer; } - template - T operator[](size_t offset) { - return get(offset); + void copyOut(size_t offset, size_t destination, size_t size) { + if(offset < 0 || offset + size > this->size) { + throw std::range_error("Out of buffer range"); + } + memcpy(destination, data + offset, size); } private: size_t size; diff --git a/COFFHeader.cpp b/COFFHeader.cpp new file mode 100644 index 0000000..ba38178 --- /dev/null +++ b/COFFHeader.cpp @@ -0,0 +1,11 @@ +#include "COFFHeader.hpp" + +COFFHeader::COFFHeader() { +} + +COFFHeader::~COFFHeader() { +} + +void COFFHeader::parse(Buffer buffer, size_t header_offset) { + +} \ No newline at end of file diff --git a/COFFHeader.hpp b/COFFHeader.hpp new file mode 100644 index 0000000..967cffe --- /dev/null +++ b/COFFHeader.hpp @@ -0,0 +1,30 @@ +#pragma once + +#include "COFFSymbol.hpp" +#include "Buffer.hpp" + +class COFFHeader { +public: + COFFHeader(); + virtual ~COFFHeader(); + + void parse(Buffer buffer, size_t header_offset); +private: + typedef struct { + uint16_t machine; + uint16_t number_of_sections; + uint32_t time_stamp; + uint32_t symbol_table_ptr; + uint32_t symbol_amount; + uint16_t optional_header_size; + uint16_t characteristics; + } nCOFF; + + uint16_t machine; + uint16_t number_of_sections; + uint32_t time_stamp; + COFFSymbol* symbol_table_ptr; + uint32_t symbol_amount; + uint16_t optional_header_size; + uint16_t characteristics; +}; \ No newline at end of file diff --git a/COFFSymbol.cpp b/COFFSymbol.cpp new file mode 100644 index 0000000..ef9ee11 --- /dev/null +++ b/COFFSymbol.cpp @@ -0,0 +1,8 @@ +#include "COFFSymbol.hpp" + +COFFSymbol::COFFSymbol() { +} + +COFFSymbol::~COFFSymbol() { +} + diff --git a/COFFSymbol.hpp b/COFFSymbol.hpp new file mode 100644 index 0000000..a27cf12 --- /dev/null +++ b/COFFSymbol.hpp @@ -0,0 +1,22 @@ +#pragma once + +#include + +class COFFSymbol { +public: + COFFSymbol(); + virtual ~COFFSymbol(); +private: + union { + char name[8]; + struct { + uint32_t zero; + uint32_t offset; + }; + }; + uint32_t value; + int16_t section_number; + uint16_t type; + uint8_t cclass; + uint8_t auxiliary_number; +}; \ No newline at end of file diff --git a/DataDirectory.cpp b/DataDirectory.cpp new file mode 100644 index 0000000..b7ffd89 --- /dev/null +++ b/DataDirectory.cpp @@ -0,0 +1,8 @@ +#include "DataDirectory.hpp" + +DataDirectory::DataDirectory() { +} + +DataDirectory::~DataDirectory() { +} + diff --git a/DataDirectory.hpp b/DataDirectory.hpp new file mode 100644 index 0000000..944cb2c --- /dev/null +++ b/DataDirectory.hpp @@ -0,0 +1,12 @@ +#pragma once + +#include + +class DataDirectory { +public: + DataDirectory(); + virtual ~DataDirectory(); +private: + uint32_t virtual_address; + uint32_t size; +}; \ No newline at end of file diff --git a/Defines.hpp b/Defines.hpp new file mode 100644 index 0000000..1606ef3 --- /dev/null +++ b/Defines.hpp @@ -0,0 +1,113 @@ +#pragma once + +#define IMAGE_PE32 0x10b +#define IMAGE_PE32PLUS 0x20b + +#define IMAGE_FILE_MACHINE_UNKNOWN 0x0 +#define IMAGE_FILE_MACHINE_AM33 0x1d3 +#define IMAGE_FILE_MACHINE_AMD64 0x8664 +#define IMAGE_FILE_MACHINE_ARM 0x1c0 +#define IMAGE_FILE_MACHINE_ARM64 0xaa64 +#define IMAGE_FILE_MACHINE_ARMNT 0x1c4 +#define IMAGE_FILE_MACHINE_EBC 0xebc +#define IMAGE_FILE_MACHINE_I386 0x14c +#define IMAGE_FILE_MACHINE_IA64 0x200 +#define IMAGE_FILE_MACHINE_M32R 0x9041 +#define IMAGE_FILE_MACHINE_MIPS16 0x266 +#define IMAGE_FILE_MACHINE_MIPSFPU 0x366 +#define IMAGE_FILE_MACHINE_MIPSFPU16 0x466 +#define IMAGE_FILE_MACHINE_POWERPC 0x1f0 +#define IMAGE_FILE_MACHINE_POWERPCFP 0x1f1 +#define IMAGE_FILE_MACHINE_R4000 0x166 +#define IMAGE_FILE_MACHINE_RISCV32 0x5032 +#define IMAGE_FILE_MACHINE_RISCV64 0x5064 +#define IMAGE_FILE_MACHINE_RISCV128 0x5128 +#define IMAGE_FILE_MACHINE_SH3 0x1a2 +#define IMAGE_FILE_MACHINE_SH3DSP 0x1a3 +#define IMAGE_FILE_MACHINE_SH4 0x1a6 +#define IMAGE_FILE_MACHINE_SH5 0x1a8 +#define IMAGE_FILE_MACHINE_THUMB 0x1c2 +#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x169 + +#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 +#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 +#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 +#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 +#define IMAGE_FILE_AGGRESSIVE_WS_TRIM 0x0010 +#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020 +#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 +#define IMAGE_FILE_32BIT_MACHINE 0x0100 +#define IMAGE_FILE_DEBUG_STRIPPED 0x0200 +#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400 +#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800 +#define IMAGE_FILE_SYSTEM 0x1000 +#define IMAGE_FILE_DLL 0x2000 +#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 +#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 + +#define IMAGE_SUBSYSTEM_UNKNOWN 0 +#define IMAGE_SUBSYSTEM_NATIVE 1 +#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 +#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 +#define IMAGE_SUBSYSTEM_OS2_CUI 5 +#define IMAGE_SUBSYSTEM_POSIX_CUI 7 +#define IMAGE_SUBSYSTEM_NATIVE_WINDOWS 8 +#define IMAGE_SUBSYSTEM_WINDOWS_CE_GUI 9 +#define IMAGE_SUBSYSTEM_EFI_APPLICATION 10 +#define IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER 11 +#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12 +#define IMAGE_SUBSYSTEM_EFI_ROM 13 +#define IMAGE_SUBSYSTEM_XBOX 14 +#define IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION 16 + +#define IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA 0x0020 +#define IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE 0x0040 +#define IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY 0x0080 +#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT 0x0100 +#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION 0x0200 +#define IMAGE_DLLCHARACTERISTICS_NO_SEH 0x400 +#define IMAGE_DLLCHARACTERISTICS_NO_BIND 0x800 +#define IMAGE_DLLCHARACTERISTICS_APPCONTAINER 0x1000 +#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000 +#define IMAGE_DLLCHARACTERISTICS_GUARD_CF 0x4000 +#define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000 + +#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 +#define IMAGE_SCN_CNT_CODE 0x00000020 +#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 +#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 +#define IMAGE_SCN_LNK_OTHER 0x00000100 +#define IMAGE_SCN_LNK_INFO 0x00000200 +#define IMAGE_SCN_LNK_REMOVE 0x00000800 +#define IMAGE_SCN_LNK_COMDAT 0x00001000 +#define IMAGE_SCN_GPREL 0x00008000 +#define IMAGE_SCN_MEM_PURGEABLE 0x00020000 +#define IMAGE_SCN_MEM_16BIT 0x00020000 +#define IMAGE_SCN_MEM_LOCKED 0x00040000 +#define IMAGE_SCN_MEM_PRELOAD 0x00080000 +#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 +#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 +#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 +#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 +#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 +#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 +#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 +#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 +#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 +#define IMAGE_SCN_ALIGN_512BYTES 0x00A00000 +#define IMAGE_SCN_ALIGN_1024BYTES 0x00B00000 +#define IMAGE_SCN_ALIGN_2048BYTES 0x00C00000 +#define IMAGE_SCN_ALIGN_4096BYTES 0x00D00000 +#define IMAGE_SCN_ALIGN_8192BYTES 0x00E00000 +#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 +#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 +#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 +#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 +#define IMAGE_SCN_MEM_SHARED 0x10000000 +#define IMAGE_SCN_MEM_EXECUTE 0x20000000 +#define IMAGE_SCN_MEM_READ 0x40000000 +#define IMAGE_SCN_MEM_WRITE 0x80000000 + +#define IMAGE_COFFSYMBOL_N_UNDEF 0 +#define IMAGE_COFFSYMBOL_N_ABS -1 +#define IMAGE_COFFSYMBOL_N_DEBUG -2 \ No newline at end of file diff --git a/Main.cpp b/Main.cpp index 44b1ddb..e5d92e5 100644 --- a/Main.cpp +++ b/Main.cpp @@ -6,7 +6,8 @@ #include #include -#include "PE.hpp" +#include "PortableExecutable.hpp" +#include "Buffer.hpp" #define USAGE "Usage: ExeInterpreter \n" @@ -101,7 +102,7 @@ int main(int argc, char** argv) { // Parse the executable file printf(OP_MALLOC); - PE* executable = new PE(); + PortableExecutable* executable = new PortableExecutable(); if(!executable) { printf(OP_MALLOC_FAIL); return 1; @@ -109,7 +110,7 @@ int main(int argc, char** argv) { printf(OP_PARSE); try { - executable->parse(file_size, data); + executable->parse(Buffer(file_size, data)); } catch(const std::exception ex) { printf(OP_PARSE_FAIL); printException(ex); diff --git a/OptionalHeader.cpp b/OptionalHeader.cpp new file mode 100644 index 0000000..affab11 --- /dev/null +++ b/OptionalHeader.cpp @@ -0,0 +1,8 @@ +#include "OptionalHeader.hpp" + +OptionalHeader::OptionalHeader() { +} + +OptionalHeader::~OptionalHeader() { +} + diff --git a/OptionalHeader.hpp b/OptionalHeader.hpp new file mode 100644 index 0000000..7f40e54 --- /dev/null +++ b/OptionalHeader.hpp @@ -0,0 +1,110 @@ +#pragma once + +#include "DataDirectory.hpp" + +class OptionalHeader { +public: + OptionalHeader(); + virtual ~OptionalHeader(); +private: + typedef struct { + uint16_t magic; + uint8_t major_linker_version; + uint8_t minor_linker_version; + uint32_t code_size; + uint32_t initialized_data_size; + uint32_t uninitialized_data_size; + uint32_t entry_point_ptr; + uint32_t base_of_code_ptr; + uint32_t base_of_data_ptr; + + uint32_t image_base; + uint32_t section_alignment; + uint32_t file_alignment; + uint16_t major_os_version; + uint16_t minor_os_version; + uint16_t major_image_version; + uint16_t minor_image_version; + uint16_t major_subsystem_version; + uint16_t minor_subsystem_version; + uint32_t win32_version_value; + uint32_t size_of_image; + uint32_t size_of_headers; + uint32_t checksum; + uint16_t subsystem; + uint16_t dll_characteristics; + uint32_t stack_reserve_size; + uint32_t stack_commit_size; + uint32_t heap_reserve_size; + uint32_t heap_commit_size; + uint32_t loader_flags; + uint32_t number_of_directory_entries; + + DataDirectory export_table; + DataDirectory import_table; + DataDirectory resource_table; + DataDirectory exception_table; + DataDirectory certificate_table; + DataDirectory base_relocation_table; + DataDirectory debug; + DataDirectory architecture; + DataDirectory global_ptr; + DataDirectory tls_table; + DataDirectory load_config_table; + DataDirectory bound_import_table; + DataDirectory import_address_table; + DataDirectory delay_import_descriptor; + DataDirectory clr_runtime_header; + DataDirectory unused; + } nPE32; + + typedef struct { + uint16_t magic; + uint8_t major_linker_version; + uint8_t minor_linker_version; + uint32_t code_size; + uint32_t initialized_data_size; + uint32_t uninitialized_data_size; + uint32_t entry_point_ptr; + uint32_t base_of_code_ptr; + + uint64_t image_base; + uint32_t section_alignment; + uint32_t file_alignment; + uint16_t major_os_version; + uint16_t minor_os_version; + uint16_t major_image_version; + uint16_t minor_image_version; + uint16_t major_subsystem_version; + uint16_t minor_subsystem_version; + uint32_t win32_version_value; + uint32_t size_of_image; + uint32_t size_of_headers; + uint32_t checksum; + uint16_t subsystem; + uint16_t dll_characteristics; + uint64_t stack_reserve_size; + uint64_t stack_commit_size; + uint64_t heap_reserve_size; + uint64_t heap_commit_size; + uint32_t loader_flags; + uint32_t number_of_directory_entries; + + DataDirectory export_table; + DataDirectory import_table; + DataDirectory resource_table; + DataDirectory exception_table; + DataDirectory certificate_table; + DataDirectory base_relocation_table; + DataDirectory debug; + DataDirectory architecture; + DataDirectory global_ptr; + DataDirectory tls_table; + DataDirectory load_config_table; + DataDirectory bound_import_table; + DataDirectory import_address_table; + DataDirectory delay_import_descriptor; + DataDirectory clr_runtime_header; + DataDirectory unused; + } nPE32PLUS; +}; \ No newline at end of file diff --git a/PE.cpp b/PE.cpp deleted file mode 100644 index f46b701..0000000 --- a/PE.cpp +++ /dev/null @@ -1,18 +0,0 @@ -#include "PE.hpp" -#include "Buffer.hpp" - -PE::PE() { -} - -PE::~PE() { -} - -bool PE::parse(size_t size, void* raw) { - Buffer buffer(size, raw); - - return true; -} - -bool PE::relocate(void* address) { - return true; -} \ No newline at end of file diff --git a/PE.hpp b/PE.hpp deleted file mode 100644 index bb4d1af..0000000 --- a/PE.hpp +++ /dev/null @@ -1,292 +0,0 @@ -#pragma once - -#include -#include - -#define NO_MALLOC "Memory allocation failed\n" -#define NO_SIGNATURE "Executable file does not contain a valid signature\n" -#define NO_MAGIC "Executable file does not contain a valid magic number in its optional header\n" - -#define IMAGE_PE32 0x10b -#define IMAGE_PE32PLUS 0x20b - -#define IMAGE_FILE_MACHINE_UNKNOWN 0x0 -#define IMAGE_FILE_MACHINE_AM33 0x1d3 -#define IMAGE_FILE_MACHINE_AMD64 0x8664 -#define IMAGE_FILE_MACHINE_ARM 0x1c0 -#define IMAGE_FILE_MACHINE_ARM64 0xaa64 -#define IMAGE_FILE_MACHINE_ARMNT 0x1c4 -#define IMAGE_FILE_MACHINE_EBC 0xebc -#define IMAGE_FILE_MACHINE_I386 0x14c -#define IMAGE_FILE_MACHINE_IA64 0x200 -#define IMAGE_FILE_MACHINE_M32R 0x9041 -#define IMAGE_FILE_MACHINE_MIPS16 0x266 -#define IMAGE_FILE_MACHINE_MIPSFPU 0x366 -#define IMAGE_FILE_MACHINE_MIPSFPU16 0x466 -#define IMAGE_FILE_MACHINE_POWERPC 0x1f0 -#define IMAGE_FILE_MACHINE_POWERPCFP 0x1f1 -#define IMAGE_FILE_MACHINE_R4000 0x166 -#define IMAGE_FILE_MACHINE_RISCV32 0x5032 -#define IMAGE_FILE_MACHINE_RISCV64 0x5064 -#define IMAGE_FILE_MACHINE_RISCV128 0x5128 -#define IMAGE_FILE_MACHINE_SH3 0x1a2 -#define IMAGE_FILE_MACHINE_SH3DSP 0x1a3 -#define IMAGE_FILE_MACHINE_SH4 0x1a6 -#define IMAGE_FILE_MACHINE_SH5 0x1a8 -#define IMAGE_FILE_MACHINE_THUMB 0x1c2 -#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x169 - -#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 -#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 -#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 -#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 -#define IMAGE_FILE_AGGRESSIVE_WS_TRIM 0x0010 -#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020 -#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 -#define IMAGE_FILE_32BIT_MACHINE 0x0100 -#define IMAGE_FILE_DEBUG_STRIPPED 0x0200 -#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400 -#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800 -#define IMAGE_FILE_SYSTEM 0x1000 -#define IMAGE_FILE_DLL 0x2000 -#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 -#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 - -#define IMAGE_SUBSYSTEM_UNKNOWN 0 -#define IMAGE_SUBSYSTEM_NATIVE 1 -#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 -#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 -#define IMAGE_SUBSYSTEM_OS2_CUI 5 -#define IMAGE_SUBSYSTEM_POSIX_CUI 7 -#define IMAGE_SUBSYSTEM_NATIVE_WINDOWS 8 -#define IMAGE_SUBSYSTEM_WINDOWS_CE_GUI 9 -#define IMAGE_SUBSYSTEM_EFI_APPLICATION 10 -#define IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER 11 -#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12 -#define IMAGE_SUBSYSTEM_EFI_ROM 13 -#define IMAGE_SUBSYSTEM_XBOX 14 -#define IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION 16 - -#define IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA 0x0020 -#define IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE 0x0040 -#define IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY 0x0080 -#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT 0x0100 -#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION 0x0200 -#define IMAGE_DLLCHARACTERISTICS_NO_SEH 0x400 -#define IMAGE_DLLCHARACTERISTICS_NO_BIND 0x800 -#define IMAGE_DLLCHARACTERISTICS_APPCONTAINER 0x1000 -#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000 -#define IMAGE_DLLCHARACTERISTICS_GUARD_CF 0x4000 -#define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000 - -#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 -#define IMAGE_SCN_CNT_CODE 0x00000020 -#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 -#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 -#define IMAGE_SCN_LNK_OTHER 0x00000100 -#define IMAGE_SCN_LNK_INFO 0x00000200 -#define IMAGE_SCN_LNK_REMOVE 0x00000800 -#define IMAGE_SCN_LNK_COMDAT 0x00001000 -#define IMAGE_SCN_GPREL 0x00008000 -#define IMAGE_SCN_MEM_PURGEABLE 0x00020000 -#define IMAGE_SCN_MEM_16BIT 0x00020000 -#define IMAGE_SCN_MEM_LOCKED 0x00040000 -#define IMAGE_SCN_MEM_PRELOAD 0x00080000 -#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 -#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 -#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 -#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 -#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 -#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 -#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 -#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 -#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 -#define IMAGE_SCN_ALIGN_512BYTES 0x00A00000 -#define IMAGE_SCN_ALIGN_1024BYTES 0x00B00000 -#define IMAGE_SCN_ALIGN_2048BYTES 0x00C00000 -#define IMAGE_SCN_ALIGN_4096BYTES 0x00D00000 -#define IMAGE_SCN_ALIGN_8192BYTES 0x00E00000 -#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 -#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 -#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 -#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 -#define IMAGE_SCN_MEM_SHARED 0x10000000 -#define IMAGE_SCN_MEM_EXECUTE 0x20000000 -#define IMAGE_SCN_MEM_READ 0x40000000 -#define IMAGE_SCN_MEM_WRITE 0x80000000 - -#define IMAGE_COFFSYMBOL_N_UNDEF 0 -#define IMAGE_COFFSYMBOL_N_ABS -1 -#define IMAGE_COFFSYMBOL_N_DEBUG -2 - - typedef struct { - uint32_t virtual_address; - uint32_t size; - } DATA_DIRECTORY; - - typedef struct { - union { - char name[8]; - struct { - uint32_t zero; - uint32_t offset; - }; - }; - uint32_t value; - int16_t section_number; - uint16_t type; - uint8_t cclass; - uint8_t auxiliary_number; - } COFF_SYMBOL_ENTRY; - - typedef struct { - uint16_t machine; - uint16_t number_of_sections; - uint32_t time_stamp; - uint32_t symbol_table_ptr; - uint32_t symbol_amount; - uint16_t optional_header_size; - uint16_t characteristics; - } __COFF__; - - typedef struct { - uint16_t machine; - uint16_t number_of_sections; - uint32_t time_stamp; - COFF_SYMBOL_ENTRY* symbol_table_ptr; - uint32_t symbol_amount; - uint16_t optional_header_size; - uint16_t characteristics; - } COFF; - - typedef struct { - uint16_t magic; - uint8_t major_linker_version; - uint8_t minor_linker_version; - uint32_t code_size; - uint32_t initialized_data_size; - uint32_t uninitialized_data_size; - uint32_t entry_point_ptr; - uint32_t base_of_code_ptr; - uint32_t base_of_data_ptr; - - uint32_t image_base; - uint32_t section_alignment; - uint32_t file_alignment; - uint16_t major_os_version; - uint16_t minor_os_version; - uint16_t major_image_version; - uint16_t minor_image_version; - uint16_t major_subsystem_version; - uint16_t minor_subsystem_version; - uint32_t win32_version_value; - uint32_t size_of_image; - uint32_t size_of_headers; - uint32_t checksum; - uint16_t subsystem; - uint16_t dll_characteristics; - uint32_t stack_reserve_size; - uint32_t stack_commit_size; - uint32_t heap_reserve_size; - uint32_t heap_commit_size; - uint32_t loader_flags; - uint32_t number_of_directory_entries; - - DATA_DIRECTORY export_table; - DATA_DIRECTORY import_table; - DATA_DIRECTORY resource_table; - DATA_DIRECTORY exception_table; - DATA_DIRECTORY certificate_table; - DATA_DIRECTORY base_relocation_table; - DATA_DIRECTORY debug; - DATA_DIRECTORY architecture; - DATA_DIRECTORY global_ptr; - DATA_DIRECTORY tls_table; - DATA_DIRECTORY load_config_table; - DATA_DIRECTORY bound_import_table; - DATA_DIRECTORY import_address_table; - DATA_DIRECTORY delay_import_descriptor; - DATA_DIRECTORY clr_runtime_header; - DATA_DIRECTORY unused; - } PE32; - - typedef struct { - uint16_t magic; - uint8_t major_linker_version; - uint8_t minor_linker_version; - uint32_t code_size; - uint32_t initialized_data_size; - uint32_t uninitialized_data_size; - uint32_t entry_point_ptr; - uint32_t base_of_code_ptr; - - uint64_t image_base; - uint32_t section_alignment; - uint32_t file_alignment; - uint16_t major_os_version; - uint16_t minor_os_version; - uint16_t major_image_version; - uint16_t minor_image_version; - uint16_t major_subsystem_version; - uint16_t minor_subsystem_version; - uint32_t win32_version_value; - uint32_t size_of_image; - uint32_t size_of_headers; - uint32_t checksum; - uint16_t subsystem; - uint16_t dll_characteristics; - uint64_t stack_reserve_size; - uint64_t stack_commit_size; - uint64_t heap_reserve_size; - uint64_t heap_commit_size; - uint32_t loader_flags; - uint32_t number_of_directory_entries; - - DATA_DIRECTORY export_table; - DATA_DIRECTORY import_table; - DATA_DIRECTORY resource_table; - DATA_DIRECTORY exception_table; - DATA_DIRECTORY certificate_table; - DATA_DIRECTORY base_relocation_table; - DATA_DIRECTORY debug; - DATA_DIRECTORY architecture; - DATA_DIRECTORY global_ptr; - DATA_DIRECTORY tls_table; - DATA_DIRECTORY load_config_table; - DATA_DIRECTORY bound_import_table; - DATA_DIRECTORY import_address_table; - DATA_DIRECTORY delay_import_descriptor; - DATA_DIRECTORY clr_runtime_header; - DATA_DIRECTORY unused; - } PE32PLUS; - - typedef struct { - char name[0x8]; - uint32_t virtual_size; - uint32_t virtual_address; - uint32_t raw_data_size; - uint32_t raw_data_ptr; - uint32_t relocation_ptr; - uint32_t line_number_ptr; - uint16_t number_of_relocation; - uint16_t number_of_line_number; - uint32_t characteristics; - } SECTION_TABLE_ENTRY; - -class PE { -public: - PE(); - virtual ~PE(); - - bool parse(size_t size, void* raw); - bool relocate(void* address); -private: - unsigned char* msdos_stub; - char* signature; - COFF* coff_header; - union { - PE32* optional_header; - PE32PLUS* optional_header_plus; - }; - SECTION_TABLE_ENTRY* section_table; -}; \ No newline at end of file diff --git a/PortableExecutable.cpp b/PortableExecutable.cpp new file mode 100644 index 0000000..1110c55 --- /dev/null +++ b/PortableExecutable.cpp @@ -0,0 +1,74 @@ +#include "PortableExecutable.hpp" +#include "Buffer.hpp" + +#include + +PortableExecutable::PortableExecutable() { +} + +PortableExecutable::~PortableExecutable() { +} + +void PortableExecutable::parse(Buffer buffer) { + // Find some offsets and sizes + size_t signature_begin = buffer.get(0x3c); + size_t signature_size = 4; + size_t msdos_begin = 0; + size_t msdos_size = signature_begin - msdos_begin; + size_t coff_begin = signature_begin + signature_size; + + // Initialize stub + msdos_stub = new unsigned char[msdos_size]; + if(!msdos_stub) { + printf(NO_MALLOC); + throw std::logic_error(NO_MALLOC); + } + buffer.copyOut(msdos_begin, msdos_stub, msdos_size); + + // Initialize signature + signature = new char[4]; + char correct_signature[4] = "PE\0\0"; + if(!signature) { + printf(NO_MALLOC); + throw std::logic_error(NO_MALLOC); + } + buffer.copyOut(signature_begin, signature, signature_size); + + // Validate signature + if(strncmp(signature, correct_signature, 4) != 0) { + printf(NO_SIGNATURE); + throw std::logic_error(NO_SIGNATURE); + } + + // Initialize coff header + coff_header = new COFFHeader(); + if(!coff_header) { + printf(NO_MALLOC); + throw std::logic_error(NO_MALLOC); + } + coff_header->parse(buffer, coff_begin); +} + +void PortableExecutable::relocate(void* address) { + +} + +unsigned char* PortableExecutable::getMsdosStub() { + return msdos_stub; +} + +char* PortableExecutable::getSignature() { + return signature; +} + +COFFHeader* PortableExecutable::getCoffHeader() { + return coff_header; +} + +OptionalHeader* PortableExecutable::getOptionalHeader() { + return optional_header; +} + +SectionEntry* PortableExecutable::getSectionTable() { + return section_table; +} \ No newline at end of file diff --git a/PortableExecutable.hpp b/PortableExecutable.hpp new file mode 100644 index 0000000..8b0ad4d --- /dev/null +++ b/PortableExecutable.hpp @@ -0,0 +1,34 @@ +#pragma once + +#include +#include +#include "COFFHeader.hpp" +#include "OptionalHeader.hpp" +#include "SectionEntry.hpp" +#include "Buffer.hpp" + +#define NO_MALLOC "Memory allocation failed\n" +#define NO_SIGNATURE "Executable file does not contain a valid signature\n" +#define NO_MAGIC "Executable file does not contain a valid magic number in its optional header\n" + +class PortableExecutable { +public: + PortableExecutable(); + virtual ~PortableExecutable(); + + void parse(Buffer buffer); + void relocate(void* address); + + unsigned char* getMsdosStub(); + char* getSignature(); + COFFHeader* getCoffHeader(); + OptionalHeader* getOptionalHeader(); + SectionEntry* getSectionTable(); + +private: + unsigned char* msdos_stub; + char* signature; + COFFHeader* coff_header; + OptionalHeader* optional_header; + SectionEntry* section_table; +}; \ No newline at end of file diff --git a/SectionEntry.cpp b/SectionEntry.cpp new file mode 100644 index 0000000..0e55b40 --- /dev/null +++ b/SectionEntry.cpp @@ -0,0 +1,8 @@ +#include "SectionEntry.hpp" + +SectionEntry::SectionEntry() { +} + +SectionEntry::~SectionEntry() { +} + diff --git a/SectionEntry.hpp b/SectionEntry.hpp new file mode 100644 index 0000000..05352c5 --- /dev/null +++ b/SectionEntry.hpp @@ -0,0 +1,20 @@ +#pragma once + +#include + +class SectionEntry { +public: + SectionEntry(); + virtual ~SectionEntry(); +private: + char name[0x8]; + uint32_t virtual_size; + uint32_t virtual_address; + uint32_t raw_data_size; + uint32_t raw_data_ptr; + uint32_t relocation_ptr; + uint32_t line_number_ptr; + uint16_t number_of_relocation; + uint16_t number_of_line_number; + uint32_t characteristics; +}; \ No newline at end of file diff --git a/SectionTableEntry.cpp b/SectionTableEntry.cpp deleted file mode 100644 index 378ed9e..0000000 --- a/SectionTableEntry.cpp +++ /dev/null @@ -1,8 +0,0 @@ -#include "SectionTableEntry.hpp" - -SectionTableEntry::SectionTableEntry() { -} - -SectionTableEntry::~SectionTableEntry() { -} - diff --git a/SectionTableEntry.hpp b/SectionTableEntry.hpp deleted file mode 100644 index f8d1336..0000000 --- a/SectionTableEntry.hpp +++ /dev/null @@ -1,9 +0,0 @@ -#pragma once - -class SectionTableEntry { -public: - SectionTableEntry(); - virtual ~SectionTableEntry(); -private: - -}; \ No newline at end of file diff --git a/nbproject/Makefile-Debug.mk b/nbproject/Makefile-Debug.mk index 0084371..01c09e4 100644 --- a/nbproject/Makefile-Debug.mk +++ b/nbproject/Makefile-Debug.mk @@ -36,17 +36,21 @@ OBJECTDIR=${CND_BUILDDIR}/${CND_CONF}/${CND_PLATFORM} # Object Files OBJECTFILES= \ ${OBJECTDIR}/Buffer.o \ + ${OBJECTDIR}/COFFHeader.o \ + ${OBJECTDIR}/COFFSymbol.o \ + ${OBJECTDIR}/DataDirectory.o \ ${OBJECTDIR}/Main.o \ - ${OBJECTDIR}/PE.o \ - ${OBJECTDIR}/SectionTableEntry.o + ${OBJECTDIR}/OptionalHeader.o \ + ${OBJECTDIR}/PortableExecutable.o \ + ${OBJECTDIR}/SectionEntry.o # C Compiler Flags CFLAGS= # CC Compiler Flags -CCFLAGS= -CXXFLAGS= +CCFLAGS=-fpermissive +CXXFLAGS=-fpermissive # Fortran Compiler Flags FFLAGS= @@ -70,20 +74,40 @@ ${OBJECTDIR}/Buffer.o: Buffer.cpp ${RM} "$@.d" $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/Buffer.o Buffer.cpp +${OBJECTDIR}/COFFHeader.o: COFFHeader.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/COFFHeader.o COFFHeader.cpp + +${OBJECTDIR}/COFFSymbol.o: COFFSymbol.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/COFFSymbol.o COFFSymbol.cpp + +${OBJECTDIR}/DataDirectory.o: DataDirectory.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/DataDirectory.o DataDirectory.cpp + ${OBJECTDIR}/Main.o: Main.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/Main.o Main.cpp -${OBJECTDIR}/PE.o: PE.cpp +${OBJECTDIR}/OptionalHeader.o: OptionalHeader.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/OptionalHeader.o OptionalHeader.cpp + +${OBJECTDIR}/PortableExecutable.o: PortableExecutable.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" - $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/PE.o PE.cpp + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/PortableExecutable.o PortableExecutable.cpp -${OBJECTDIR}/SectionTableEntry.o: SectionTableEntry.cpp +${OBJECTDIR}/SectionEntry.o: SectionEntry.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" - $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/SectionTableEntry.o SectionTableEntry.cpp + $(COMPILE.cc) -g -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/SectionEntry.o SectionEntry.cpp # Subprojects .build-subprojects: diff --git a/nbproject/Makefile-Release.mk b/nbproject/Makefile-Release.mk index 0b08af3..05740af 100644 --- a/nbproject/Makefile-Release.mk +++ b/nbproject/Makefile-Release.mk @@ -36,9 +36,13 @@ OBJECTDIR=${CND_BUILDDIR}/${CND_CONF}/${CND_PLATFORM} # Object Files OBJECTFILES= \ ${OBJECTDIR}/Buffer.o \ + ${OBJECTDIR}/COFFHeader.o \ + ${OBJECTDIR}/COFFSymbol.o \ + ${OBJECTDIR}/DataDirectory.o \ ${OBJECTDIR}/Main.o \ - ${OBJECTDIR}/PE.o \ - ${OBJECTDIR}/SectionTableEntry.o + ${OBJECTDIR}/OptionalHeader.o \ + ${OBJECTDIR}/PortableExecutable.o \ + ${OBJECTDIR}/SectionEntry.o # C Compiler Flags @@ -70,20 +74,40 @@ ${OBJECTDIR}/Buffer.o: Buffer.cpp ${RM} "$@.d" $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/Buffer.o Buffer.cpp +${OBJECTDIR}/COFFHeader.o: COFFHeader.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/COFFHeader.o COFFHeader.cpp + +${OBJECTDIR}/COFFSymbol.o: COFFSymbol.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/COFFSymbol.o COFFSymbol.cpp + +${OBJECTDIR}/DataDirectory.o: DataDirectory.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/DataDirectory.o DataDirectory.cpp + ${OBJECTDIR}/Main.o: Main.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/Main.o Main.cpp -${OBJECTDIR}/PE.o: PE.cpp +${OBJECTDIR}/OptionalHeader.o: OptionalHeader.cpp + ${MKDIR} -p ${OBJECTDIR} + ${RM} "$@.d" + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/OptionalHeader.o OptionalHeader.cpp + +${OBJECTDIR}/PortableExecutable.o: PortableExecutable.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" - $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/PE.o PE.cpp + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/PortableExecutable.o PortableExecutable.cpp -${OBJECTDIR}/SectionTableEntry.o: SectionTableEntry.cpp +${OBJECTDIR}/SectionEntry.o: SectionEntry.cpp ${MKDIR} -p ${OBJECTDIR} ${RM} "$@.d" - $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/SectionTableEntry.o SectionTableEntry.cpp + $(COMPILE.cc) -O2 -MMD -MP -MF "$@.d" -o ${OBJECTDIR}/SectionEntry.o SectionEntry.cpp # Subprojects .build-subprojects: diff --git a/nbproject/configurations.xml b/nbproject/configurations.xml index df52eb0..e46469e 100644 --- a/nbproject/configurations.xml +++ b/nbproject/configurations.xml @@ -5,8 +5,13 @@ displayName="Header Files" projectFiles="true"> Buffer.hpp - PE.hpp - SectionTableEntry.hpp + COFFHeader.hpp + COFFSymbol.hpp + DataDirectory.hpp + Defines.hpp + OptionalHeader.hpp + PortableExecutable.hpp + SectionEntry.hpp Buffer.cpp + COFFHeader.cpp + COFFSymbol.cpp + DataDirectory.cpp Main.cpp - PE.cpp - SectionTableEntry.cpp + OptionalHeader.cpp + PortableExecutable.cpp + SectionEntry.cpp + + + + + Makefile gcc + + -fpermissive + + + + + + + + + + + + + + + - + - + - + - + + + + + @@ -84,15 +125,33 @@ + + + + + + + + + + + + + + - + + + + + - + - + - + diff --git a/nbproject/private/configurations.xml b/nbproject/private/configurations.xml index a8f74c2..91013ac 100644 --- a/nbproject/private/configurations.xml +++ b/nbproject/private/configurations.xml @@ -13,8 +13,6 @@ - - diff --git a/nbproject/private/private.xml b/nbproject/private/private.xml index 7c16849..94110f0 100644 --- a/nbproject/private/private.xml +++ b/nbproject/private/private.xml @@ -7,10 +7,11 @@ - file:/home/bohdloss/NetBeansProjects/ExeInterpreter/PE.cpp + file:/home/bohdloss/NetBeansProjects/ExeInterpreter/PortableExecutable.cpp file:/home/bohdloss/NetBeansProjects/ExeInterpreter/Main.cpp - file:/home/bohdloss/NetBeansProjects/ExeInterpreter/Buffer.hpp - file:/home/bohdloss/NetBeansProjects/ExeInterpreter/PE.hpp + file:/home/bohdloss/NetBeansProjects/ExeInterpreter/COFFHeader.hpp + file:/home/bohdloss/NetBeansProjects/ExeInterpreter/PortableExecutable.hpp + file:/home/bohdloss/NetBeansProjects/ExeInterpreter/COFFHeader.cpp