📄 pedump.c
static char buff[512]; // result of translation
int is = 0;
char pStack[32]; // parameter processing stack
Str_P sStack[32]; // String processing stack
Str_P tok; // String token
Str_P c_str; // current string
int iend = 0;
char *endTab[8]; // end of string position check
char *ps;
char *pin, *pout;
BOOL stringMode = TRUE;
if (*psz != '@')
return psz;
pin = psz;
pout = buff;
ps = pStack;
//................................................................
// serious users may need to run the following code.
// so I may need to include some flag options...
// If you want to know about how translation is done,
// you can just revive following line and you can see it.
// october 6, 1997 ... sang cho
//printf ("\n................................... %s", psz); // for debugging...
//pa = pb = pout;
pin++;
tok.flag = 'A';
tok.pos = pout;
tok.length = 0;
tok.wasString = stringMode;
sStack[is++] = tok; // initialize sStack with dummy marker
while (*pin)
{
while (*pin)
{
c = *pin;
//---------------------------------------------
// check for the end of number specified string
//---------------------------------------------
if (iend > 0)
{
for (i = 0; i < iend; i++)
if (pin == endTab[i])
break;
if (i < iend)
{
// move the end of endTab to ith position
endTab[i] = endTab[iend - 1];
iend--;
// get top of the string stack
tok = sStack[is - 1];
// I am expecting '#' token from stack
if (tok.flag != '#')
{
printf ("\n**some serious error1** %c is = %d char = %c",
tok.flag, is, *pin);
exit (0);
}
// pop '#' token I am happy now.
else
{ //if (c)
//printf("\n pop # token ... current char = %c", c);
//else printf("\n pop percent token..next char = NULL");
is--;
}
stringMode = tok.wasString;
if (!stringMode)
{
// need to process postfix finally
cc = *(ps - 1);
if (strchr ("qtx", cc))
{
if (!strchr ("@$%", c))
*pout++ = ',';
}
else
{
switch (cc)
{
case 'r':
strcpy (pout, "*&");
pout += 2;
ps--;
break;
case 'p':
strcpy (pout, "**");
pout += 2;
ps--;
break;
case '&':
strcpy (pout, "&");
pout += 1;
ps--;
break;
case '*':
strcpy (pout, "*");
pout += 1;
ps--;
break;
default:
strcpy (pout, "!3!");
pout += 3;
ps--;
break;
}
if (!strchr ("@$%", c))
*pout++ = ',';
}
}
// string mode restored...
else;
}
else; // do nothing..
}
//------------------------------------------------
// special control symbol processing:
//------------------------------------------------
if (strchr ("@$%", c))
break;
//---------------------------------------------------------------
// string part processing : no '$' met yet
// or inside of '%' block
// or inside of '#' block (numbered string)
//---------------------------------------------------------------
else if (stringMode)
*pout++ = *pin++;
//else if (is > 1) *pout++ = *pin++;
//------------------------------------------------
// parameter part processing: '$' met
//------------------------------------------------
else // parameter processing
{
if (!isdigit (c))
TranslateParameters (&pin, &pout, &ps);
else // number specified string processing
{
n = GetStringLength (pin);
if (n < 10)
pin++;
else
pin += 2;
// push '#' token
//if (*pin)
//printf("\n push # token .. char = %c", *pin);
//else printf("\n push percent token..next char = NULL");
tok.flag = '#';
tok.pos = pout;
tok.length = 0;
tok.wasString = stringMode;
sStack[is++] = tok;
// mark end of input string
endTab[iend++] = pin + n;
stringMode = TRUE;
}
}
} // end of inner while loop
//
// beginning of new string or end of string ( quotation mark )
//
if (c == '%')
{
pin++; // anyway we have to proceed...
tok = sStack[is - 1]; // get top of the sStack
if (tok.flag == '%')
{
// pop '%' token and set c_str
//if (*pin)
//printf("\n pop percent token..next char = %c", *pin);
//else printf("\n pop percent token..next char = NULL");
is--;
c_str = tok;
c_str.length = pout - c_str.pos;
if (*(ps - 1) == 't')
{
*pout++ = '>';
ps--;
stringMode = tok.wasString;
}
else
{
printf ("\n**some string error3** stack = %c", *(ps - 1));
exit (0);
}
}
else if (tok.flag == 'A' || tok.flag == '#')
{
// push '%' token
//if (*pin)
//printf("\n push percent token..next char = %c", *pin);
//else printf("\n push percent token..next char = NULL");
tok.flag = '%';
tok.pos = pout;
tok.length = 0;
tok.wasString = stringMode;
sStack[is++] = tok;
}
else
{
printf ("\n**some string error5**");
exit (0);
}
}
//
// sometimes we need string to use as constructor name or destructor name
//
else if (c == '@') // get string from previous marker upto here.
{
pin++;
tok = sStack[is - 1];
c_str.flag = 'S';
c_str.pos = tok.pos;
c_str.length = pout - tok.pos;
c_str.wasString = stringMode;
*pout++ = ':';
*pout++ = ':';
}
//
// we need to take care of parameter control sequence
//
else if (c == '$') // need to precess template or parameter part
{
pin++;
if (stringMode)
stringMode = StringExpands (&pin, &pout, &ps, &c_str);
else
{ // template parameter mode I guess "$t"
if (is > 1)
{
if (*pin == 't')
pin++;
else
{
printf ("\nMYGOODNESS1 %c", *pin);
exit (0);
}
//ps--;
//if (*ps == 't') *pout++ = '>';
//else { printf("\nMYGOODNESS2"); exit(0);}
*pout++ = ','; //pin++; ..this almost blowed me....
}
// real parameter mode I guess
// unexpected case is found ... humm what can I do...
else
{
// this is newly found twist.. it really hurts.
if (ps <= pStack)
{
if (*pin == 'q')
{
*ps++ = 'q';
*pout++ = '(';
pin++;
}
else
{
printf ("\n** I GIVEUP ***");
exit (0);
}
continue;
}
ps--;
while (*ps != 'q')
{
if (*ps == '*')
*pout++ = '*';
else if (*ps == '&')
*pout++ = '&';
else if (*ps == 'p')
{
*pout++ = '*';
*pout++ = '*';
}
else if (*ps == 'r')
{
*pout++ = '*';
*pout++ = '&';
}
else
{
printf ("\n*** SOMETHING IS WRONG1*** char= %c", *pin);
exit (0);
}
ps--;
}
*pout++ = ')';
ps--;
while (*ps != 'q')
{
if (*ps == '*')
*pout++ = '*';
else if (*ps == '&')
*pout++ = '&';
else if (*ps == 'p')
{
*pout++ = '*';
*pout++ = '*';
}
else if (*ps == 'r')
{
*pout++ = '*';
*pout++ = '&';
}
else
{
printf ("\n*** SOMETHING IS WRONG2***");
exit (0);
}
ps--;
}
ps++;
*pout++ = ',';
}
}
} // end of '$' processing
} // end of outer while loop
//
// need to process remaining parameter stack
//
while (ps > pStack)
{
ps--;
switch (*ps)
{
case 't':
*pout++ = '>';
break;
case 'q':
*pout++ = ')';
break;
case 'x':
strcpy (pout, " const");
pout += 6;
break;
case 'r':
strcpy (pout, "*&");
pout += 2;
break;
case 'p':
strcpy (pout, "**");
pout += 2;
break;
case '&':
*pout++ = '&';
break;
case '*':
*pout++ = '*';
break;
default:
strcpy (pout, "!4!");
pout += 3;
*pout++ = *ps;
}
}
*pout = 0;
return buff;
}
//
// This function is written by sang cho
//
//
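/*
 * Get the exported function names, separated by null terminators, and
 * return the count of functions.
 *
 * NOTE(review): in the part of this function visible here, the
 * export-directory fields read from lpFile (NumberOfNames, NumberOfFunctions,
 * AddressOfFunctions, AddressOfNames, AddressOfNameOrdinals) are used as loop
 * bounds and addresses without any range check, the pointers returned by
 * GetActualAddress are dereferenced or passed to strlen without being checked,
 * and the size total is accumulated in an int. If lpFile can be an untrusted
 * image, validate these values against the mapped file size first, and
 * confirm that later uses of pfns[8192] and buff[256] are bounded.
 */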
int WINAPI
GetExportFunctionNames (
LPVOID lpFile,
char **pszFunctions)
{
//PIMAGE_SECTION_HEADER psh;
PIMAGE_EXPORT_DIRECTORY ped;
//DWORD dwBase;
DWORD imageBase; //===========================
char *pfns[8192] =
{NULL,}; // maximum number of functions
//=============================
char buff[256]; // enough for any string ??
char *psz = NULL; //===============================
DWORD *pdwAddress;
DWORD *pdw1;
DWORD *pdwNames;
WORD *pwOrd;
int i, nCnt = 0, ntmp = 0;
int enid = 0, ordBase = 1; // usally ordBase is 1....
int enames = 0;
/* get section header and pointer to data directory for .edata section */
ped = (PIMAGE_EXPORT_DIRECTORY)
ImageDirectoryOffset (lpFile, IMAGE_DIRECTORY_ENTRY_EXPORT);
if (ped == NULL)
return 0;
//
// sometimes there may be no section for idata or edata
// instead rdata or data section may contain these sections ..
// or even module names or function names are in different section.
// so that's why we need to get actual address each time.
// ...................sang cho..................
//
//psh = (PIMAGE_SECTION_HEADER)
//ImageDirectorySection(lpFile, IMAGE_DIRECTORY_ENTRY_EXPORT);
//if (psh == NULL) return 0;
//dwBase = (DWORD)((int)lpFile + psh->PointerToRawData - psh->VirtualAddress);
/* determine the offset of the export function names */
pdwAddress = (DWORD *) GetActualAddress (lpFile, (DWORD) ped->AddressOfFunctions);
imageBase = (DWORD) GetImageBase (lpFile);
ordBase = ped->Base;
if (ped->NumberOfNames > 0)
{
pdwNames = (DWORD *)
GetActualAddress (lpFile, (DWORD) ped->AddressOfNames);
pwOrd = (WORD *)
GetActualAddress (lpFile, (DWORD) ped->AddressOfNameOrdinals);
pdw1 = pdwAddress;
/* figure out how much memory to allocate for all strings */
for (i = 0; i < (int) ped->NumberOfNames; i++)
{
nCnt += strlen ((char *)
GetActualAddress (lpFile, *(DWORD *) pdwNames)) + 1 + 6;
pdwNames++;
}
// get the number of unnamed functions
for (i = 0; i < (int) ped->NumberOfFunctions; i++)
if (*pdw1++)
ntmp++;
// add memory required to show unnamed functions.
if (ntmp > (int) ped->NumberOfNames)
nCnt += 18 * (ntmp - (int) ped->NumberOfNames);
/* allocate memory for function names */
*pszFunctions = (char *) calloc (nCnt, 1);
pdwNames = (DWORD *) GetActual