From e2475c34dd2cd7f4bbbe4b7e6ad16eb495bf452a Mon Sep 17 00:00:00 2001 From: midipix Date: Tue, 26 May 2015 22:57:56 -0400 Subject: pe_get_image_section_tbl_addr() and pe_get_image_named_section_addr(): initial commit. --- include/pemagine/pemagine.h | 2 + src/headers/pe_get_image_section_tbl_addr.c | 58 +++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 src/headers/pe_get_image_section_tbl_addr.c diff --git a/include/pemagine/pemagine.h b/include/pemagine/pemagine.h index 8beb5e4..d5cb241 100644 --- a/include/pemagine/pemagine.h +++ b/include/pemagine/pemagine.h @@ -156,6 +156,8 @@ pe_api struct pe_image_dos_hdr *pe_get_image_dos_hdr_addr (const void * base); pe_api struct pe_coff_file_hdr *pe_get_image_coff_hdr_addr (const void * base); pe_api union pe_opt_hdr * pe_get_image_opt_hdr_addr (const void * base); pe_api struct pe_data_dirs * pe_get_image_data_dirs_addr (const void * base); +pe_api struct pe_sec_hdr * pe_get_image_section_tbl_addr (const void * base); +pe_api struct pe_sec_hdr * pe_get_image_named_section_addr (const void * base, const char * name); pe_api struct pe_export_hdr * pe_get_image_export_hdr_addr (const void * base, uint32_t * sec_size); pe_api struct pe_import_hdr * pe_get_image_import_dir_addr (const void * base, uint32_t * sec_size); pe_api void * pe_get_image_special_hdr_addr (const void * base, uint32_t ordinal, uint32_t * sec_size); diff --git a/src/headers/pe_get_image_section_tbl_addr.c b/src/headers/pe_get_image_section_tbl_addr.c new file mode 100644 index 0000000..01dabb5 --- /dev/null +++ b/src/headers/pe_get_image_section_tbl_addr.c @@ -0,0 +1,58 @@ +/*****************************************************************************/ +/* pemagination: a (virtual) tour into portable bits and executable bytes */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.PEMAGINE. */ +/*****************************************************************************/ + +#include +#include +#include +#include +#include "pe_impl.h" + +pe_api +struct pe_sec_hdr * pe_get_image_section_tbl_addr (const void * base) +{ + struct pe_coff_file_hdr * coff; + union pe_opt_hdr * opt; + + if (!(coff = pe_get_image_coff_hdr_addr(base))) + return 0; + + if (!(opt = pe_get_image_opt_hdr_addr(base))) + return 0; + + return (struct pe_sec_hdr *)((char *)opt + *(uint16_t *)coff->size_of_opt_hdr); +} + +pe_api +struct pe_sec_hdr * pe_get_image_named_section_addr (const void * base, const char * name) +{ + uint16_t count; + struct pe_sec_hdr * hdr; + struct pe_coff_file_hdr*coff; + char * ch; + uint32_t len; + uint32_t pos; + uint64_t sname = 0; + + if (!(hdr = pe_get_image_section_tbl_addr(base))) + return 0; + + coff = pe_get_image_coff_hdr_addr(base); + count = *(uint16_t *)coff->num_of_sections; + + if ((len = pe_impl_strlen_ansi(name)) > 8) { + /* todo: long name support */ + return 0; + } else { + for (pos=0, ch=(char *)&sname; posname == sname) + return hdr; + } + + return 0; +} -- cgit v1.2.3