2005-09-18 23:19:28 +00:00
|
|
|
/*
|
2015-09-17 13:41:26 -04:00
|
|
|
* Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
|
2008-04-02 15:24:51 +00:00
|
|
|
* Copyright (C) 2007-2008 Sourcefire, Inc.
|
|
|
|
|
*
|
|
|
|
|
* Authors: Tomasz Kojm
|
2005-09-18 23:19:28 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
2008-04-02 15:24:51 +00:00
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
* published by the Free Software Foundation.
|
2005-09-18 23:19:28 +00:00
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2006-04-09 19:59:28 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
|
|
|
|
* MA 02110-1301, USA.
|
2005-09-18 23:19:28 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __EXECS_H
|
|
|
|
|
#define __EXECS_H
|
|
|
|
|
|
|
|
|
|
#include "cltypes.h"
|
2010-01-04 14:56:04 +01:00
|
|
|
#include "hashtab.h"
|
2009-09-25 16:57:43 +03:00
|
|
|
#include "bcfeatures.h"
|
2010-01-04 14:56:04 +01:00
|
|
|
|
2009-11-24 14:53:15 +02:00
|
|
|
/** @file */
|
2010-09-02 18:04:00 +03:00
|
|
|
/** Section of executable file.
|
|
|
|
|
\group_pe
|
|
|
|
|
*/
|
2005-09-18 23:19:28 +00:00
|
|
|
struct cli_exe_section {
|
2009-11-24 14:53:15 +02:00
|
|
|
uint32_t rva;/**< Relative VirtualAddress */
|
|
|
|
|
uint32_t vsz;/**< VirtualSize */
|
|
|
|
|
uint32_t raw;/**< Raw offset (in file) */
|
|
|
|
|
uint32_t rsz;/**< Raw size (in file) */
|
|
|
|
|
uint32_t chr;/**< Section characteristics */
|
|
|
|
|
uint32_t urva; /**< PE - unaligned VirtualAddress */
|
|
|
|
|
uint32_t uvsz; /**< PE - unaligned VirtualSize */
|
|
|
|
|
uint32_t uraw; /**< PE - unaligned PointerToRawData */
|
|
|
|
|
uint32_t ursz; /**< PE - unaligned SizeOfRawData */
|
2005-09-18 23:19:28 +00:00
|
|
|
};
|
|
|
|
|
|
2010-09-02 18:04:00 +03:00
|
|
|
/** Executable file information
|
|
|
|
|
\group_pe
|
|
|
|
|
*/
|
2005-09-18 23:19:28 +00:00
|
|
|
struct cli_exe_info {
|
2009-11-24 14:53:15 +02:00
|
|
|
/** Information about all the sections of this file.
|
|
|
|
|
* This array has \p nsection elements */
|
2010-09-02 18:04:00 +03:00
|
|
|
struct cli_exe_section *section;
|
2009-11-24 14:53:15 +02:00
|
|
|
/** Offset where this executable start in file (nonzero if embedded) */
|
2009-09-30 13:41:02 +03:00
|
|
|
uint32_t offset;
|
2009-11-24 14:53:15 +02:00
|
|
|
/** Entrypoint of executable */
|
2005-09-18 23:19:28 +00:00
|
|
|
uint32_t ep;
|
2009-11-24 14:53:15 +02:00
|
|
|
/** Number of sections*/
|
2005-09-18 23:19:28 +00:00
|
|
|
uint16_t nsections;
|
2010-10-19 16:23:19 +03:00
|
|
|
void *dummy;/* for compat - preserve offset */
|
2018-02-21 15:00:59 -05:00
|
|
|
/** Resources RVA - PE ONLY */
|
2010-07-30 15:54:15 +02:00
|
|
|
uint32_t res_addr;
|
|
|
|
|
/** Address size - PE ONLY */
|
|
|
|
|
uint32_t hdr_size;
|
2010-10-19 16:23:19 +03:00
|
|
|
/** Hashset for versioninfo matching */
|
|
|
|
|
struct cli_hashset vinfo;
|
2005-09-18 23:19:28 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#endif
|
