pe.h
来自「SimpleGraphicOperatingSystem 32位图形化操作系统 」· C头文件 代码 · 共 245 行
#ifndef _PE_H_
#define _PE_H_
#include <type.h>
/*
 * DOS (MZ) header: the first structure in a PE image file.
 *
 * Field names follow the conventional MZ header definition. t_16 / t_32 come
 * from type.h and are presumably 16- and 32-bit unsigned integers; confirm
 * there, because the on-disk layout depends on those exact widths.
 *
 * NOTE(review): every field is read from the file being loaded. In particular
 * e_lfanew is a file offset chosen by whoever produced the image, so a loader
 * should verify e_magic and check that e_lfanew plus the size of the headers
 * it is about to read lies inside the file before following it.
 */
/* 0x5A4D is the bytes 'M','Z' read as a little-endian 16-bit value. */
#define IMAGE_DOS_SIGNATURE 0x5A4D
typedef struct _IMAGE_DOS_HEADER {
t_16 e_magic;      /* signature; compare with IMAGE_DOS_SIGNATURE */
t_16 e_cblp;       /* bytes on last page of file */
t_16 e_cp;         /* pages in file */
t_16 e_crlc;       /* relocation count */
t_16 e_cparhdr;    /* header size in paragraphs */
t_16 e_minalloc;   /* minimum extra paragraphs needed */
t_16 e_maxalloc;   /* maximum extra paragraphs needed */
t_16 e_ss;         /* initial SS value */
t_16 e_sp;         /* initial SP value */
t_16 e_csum;       /* checksum */
t_16 e_ip;         /* initial IP value */
t_16 e_cs;         /* initial CS value */
t_16 e_lfarlc;     /* file address of the relocation table */
t_16 e_ovno;       /* overlay number */
t_16 e_res[4];     /* reserved */
t_16 e_oemid;      /* OEM identifier */
t_16 e_oeminfo;    /* OEM information */
t_16 e_res2[10];   /* reserved */
t_32 e_lfanew;     /* file offset of the PE header; untrusted, bounds-check before use */
} IMAGE_DOS_HEADER,*PIMAGE_DOS_HEADER;
/*
 * COFF file header.
 *
 * The members add up to the 20-byte on-disk header only when unsigned short
 * is 16 bits and unsigned long is 32 bits; on an LP64 target unsigned long is
 * 64 bits and the struct no longer overlays the file bytes.
 *
 * NOTE(review): usNumSec, ulSymbolOffset, ulNumSymbol and usOptHdrSZ are taken
 * from the file, so code that uses them as counts or offsets should check
 * them against the file size first.
 */
typedef struct _FILEHDR{
unsigned short usMagic; // magic number
unsigned short usNumSec; // number of sections
unsigned long ulTime; // timestamp
unsigned long ulSymbolOffset; // symbol table offset
unsigned long ulNumSymbol; // number of symbols
unsigned short usOptHdrSZ; // optional header size
unsigned short usFlags; // file flags (see the F_* bits)
} FILEHDR, FileHeader, *PFileHeader;
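/*
 * COFF file flag bits, presumably tested against FILEHDR.usFlags.
 */
#define F_RELFLG 0x0001 // no relocation information present
#define F_EXEC 0x0002 // file is executable
#define F_LNNO 0x0004 // all line numbers have been stripped from the file
#define F_LSYMS 0x0008 // symbol information has been stripped from the file
#define F_AR32WR 0x0100 // (original comment: none) classic COFF uses this name for a 32-bit little-endian target; confirm

/*
 * IS_OBJ(flag): non-zero when neither F_EXEC nor F_LSYMS is set.
 * IS_EXE(flag): non-zero when F_EXEC is set (the result is the masked bit,
 *               not necessarily 1).
 *
 * The argument is parenthesized so that an expression such as `a | b` is
 * masked as a whole; without the parentheses `&` would bind to only the last
 * operand and the file type could be misclassified.
 */
#define IS_OBJ(flag) (!((flag) & (F_EXEC | F_LSYMS)))
#define IS_EXE(flag) ((flag) & F_EXEC)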
//Data Directory
// Number of IMAGE_DATA_DIRECTORY slots declared in IMAGE_OPTIONAL_HEADER.
// NOTE(review): this header also defines directory indices 10..12
// (IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG, _BOUND_IMPORT, _IAT). Using any of them
// to index a 10-element DataDirectory reads past the end of the array.
// Confirm whether the count should be raised or callers must guard the index.
#define NUM_OF_IMAGE_DATA_DIRECTORY 10
// One data-directory slot: location and extent of a table inside the image.
typedef struct _IMAGE_DATA_DIRECTORY {
ULONG RVA; // relative virtual address of the table; file-supplied, range-check before use
ULONG Size; // size of the table (presumably bytes; confirm); file-supplied
} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
// Optional header
//
// USHORT / UCHAR / ULONG come from type.h; the layout matches the on-disk
// header only if they are 16, 8 and 32 bits wide respectively (confirm there).
//
// NOTE(review): all values are read from the image being loaded.
// NumberOfRvaAndSizes in particular is file-supplied and may be larger than
// NUM_OF_IMAGE_DATA_DIRECTORY, so a consumer should index DataDirectory only
// below the smaller of the two. AddressOfEntryPoint, SizeOfImage and
// SizeOfHeaders likewise need range checks before they drive a copy or a jump.
typedef struct _IMAGE_OPTIONAL_HEADER {
// Standard fields
USHORT Magic;
UCHAR MajorLinkerVersion;
UCHAR MinorLinkerVersion;
ULONG SizeOfCode;
ULONG SizeOfInitializedData;
ULONG SizeOfUninitializedData;
ULONG AddressOfEntryPoint;
ULONG BaseOfCode;
ULONG BaseOfData;
// NT additional fields
ULONG ImageBase;
ULONG SectionAlignment;
ULONG FileAlignment;
USHORT MajorOperatingSystemVersion;
USHORT MinorOperatingSystemVersion;
USHORT MajorImageVersion;
USHORT MinorImageVersion;
USHORT MajorSubsystemVersion;
USHORT MinorSubsystemVersion;
ULONG Reserved1;
ULONG SizeOfImage;
ULONG SizeOfHeaders;
ULONG CheckSum;
USHORT Subsystem;
USHORT DllCharacteristics;
ULONG SizeOfStackReserve;
ULONG SizeOfStackCommit;
ULONG SizeOfHeapReserve;
ULONG SizeOfHeapCommit;
ULONG LoaderFlags;
ULONG NumberOfRvaAndSizes; // count of directory entries claimed by the file; clamp before indexing
IMAGE_DATA_DIRECTORY DataDirectory[NUM_OF_IMAGE_DATA_DIRECTORY];
} IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER, OptionalHeader, *POptionalHeader;
// Index values for IMAGE_OPTIONAL_HEADER.DataDirectory[].
// NOTE(review): DataDirectory is declared with NUM_OF_IMAGE_DATA_DIRECTORY
// (10) elements, so only indices 0..9 are inside the array. The last three
// values below (10, 11, 12) are out of bounds for that declaration; check the
// index against NUM_OF_IMAGE_DATA_DIRECTORY before using them.
#define IMAGE_DIRECTORY_ENTRY_EXPORT 0
#define IMAGE_DIRECTORY_ENTRY_IMPORT 1
#define IMAGE_DIRECTORY_ENTRY_RESOURCE 2
#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3
#define IMAGE_DIRECTORY_ENTRY_SECURITY 4
#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5
#define IMAGE_DIRECTORY_ENTRY_DEBUG 6
#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7
#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8
#define IMAGE_DIRECTORY_ENTRY_TLS 9
#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10
#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 11
#define IMAGE_DIRECTORY_ENTRY_IAT 12
// Hint/name entry referenced by an import-by-name lookup.
// Declared packed (compiler attribute), and Name is a flexible array member,
// so sizeof(HintNameTable) does not include the string.
// NOTE(review): the string length is not stored here; a reader has to find the
// terminator itself and should stop at the end of the mapped image rather than
// trust that one is present.
typedef struct __attribute__((packed)) HintNameTable{
USHORT Hint; //Index into the Export Name Pointer Table.
CHAR Name[]; //ASCII string containing name to import.
}HintNameTable, *PHintNameTable;
//Import dir entry
// One entry of the import directory, describing the imports from one DLL.
// NOTE(review): ImportLookupTable, Name and ImportAddressTable are addresses
// taken from the image; validate that each falls inside the loaded image
// before dereferencing it.
typedef struct ImportDirectoryTable{
ULONG ImportLookupTable; //Relative virtual address of the Import Lookup Table.
ULONG TimeStamp; //Set to zero until bound; then this field is set to the time/date stamp of the DLL.
ULONG FowarderChain; //Index of first forwarder reference. (Field name is misspelled; kept as is because callers reference it.)
ULONG Name; //Address of ASCII string containing the DLL name.
ULONG ImportAddressTable; //Relative virtual address of the Import Address Table.
}ImportDirectoryTable, *PImportDirectoryTable;
//Export dir entry
// Header of the export directory: counts and addresses of the export address,
// name pointer and ordinal tables.
// NOTE(review): the counts and table addresses are file-supplied. Check
// AddressTableEntries and NumberOfNamePointers against the space actually
// available at the corresponding table address before iterating.
typedef struct ExportDirectoryTable{
ULONG ExportFlags; // A reserved field, set to zero for now.
ULONG TimeStamp; // Time and date the export data was created.
USHORT MajorVersion; // Major version number.
USHORT MinorVersion; // Minor version number.
ULONG Name; //Address of ASCII string containing the DLL name.
//Starting ordinal number for exports in this image.
//This field specifies the starting ordinal number for the Export Address
//Table. Usually set to 1.
ULONG OrdinalBase;
ULONG AddressTableEntries; // Number of entries in the Export Address Table.
ULONG NumberOfNamePointers; // Number of entries in the Name Pointer Table
ULONG ExportAddressTable; // Address of the Export Address Table, relative to the image base.
ULONG NamePointerTable; //Address of the Export Name Pointer Table.
ULONG OrdinalTable; // Address of the ordinal table (presumably an RVA like its neighbours; confirm).
}ExportDirectoryTable, *PExportDirectoryTable;
// Export address table entry, declared here as two consecutive 32-bit RVAs.
// NOTE(review): in the PE format an export address table entry is a single
// 32-bit field that is read either as an export RVA or as a forwarder RVA.
// With two members this struct is twice that size, so using it as the element
// type when walking the table would step past every second entry and past the
// end of the table. Confirm how callers index with it.
typedef struct ExportAddressTable{
ULONG Address; //RVA
ULONG Forwarder; //RVA
}ExportAddressTable, *PExportAddressTable;
// COFF/PE section header.
// The members total 40 bytes only when unsigned long is 32 bits wide.
// NOTE(review): cName is a fixed 8-byte field; a name that uses all 8 bytes
// has no terminator, so do not pass it to string functions that expect one.
// ulSize, ulSecOffset, ulRelOffset and ulNumRel come from the file and should
// be checked against the file size before a section is copied or relocated.
typedef struct {
char cName[8]; // section name (fixed width, may lack a NUL terminator)
unsigned long ulVSize; // virtual size
unsigned long ulVAddr; // virtual address
unsigned long ulSize; // section length
unsigned long ulSecOffset; // section data offset
unsigned long ulRelOffset; // section relocation table offset
unsigned long ulLNOffset; // line-number table offset
unsigned short ulNumRel; // relocation table length
unsigned short ulNumLN; // line-number table length
unsigned long ulFlags; // section flags (see STYP_*)
} SECHDR, SectionHeader, *PSectionHeader;
// Section type bits, presumably tested against SECHDR.ulFlags.
#define STYP_TEXT 0x0020 // text section flag: the section contains code
#define STYP_DATA 0x0040 // data section flag: the section holds initialized data
#define STYP_BSS 0x0080 // the section also holds data, but the data is uninitialized
// COFF relocation record. Declared packed so no padding follows usType;
// the members total 10 bytes only when unsigned long is 32 bits wide.
// NOTE(review): ulAddr and ulSymbol are file-supplied; check ulAddr against
// the section size and ulSymbol against the symbol count before applying a
// relocation, since the result is a write into loaded memory.
typedef struct __attribute__((packed)){
unsigned long ulAddr; // relocation offset
unsigned long ulSymbol; // symbol
unsigned short usType; // relocation type (see RELOC_*)
} RELOC, Relocation, *pRelocation;
// Relocation types, presumably the values stored in RELOC.usType.
#define RELOC_ADDR32 6 // 32-bit absolute relocation
#define RELOC_REL32 0x14 // 32-bit relative relocation
// COFF symbol table entry. Declared packed; the members total 18 bytes only
// when unsigned long is 32 bits wide.
// The name is either stored inline in e.cName or, via the overlaid e.e view,
// given as an offset into the string table.
// NOTE(review): e.cName is a fixed 8-byte field that may lack a terminator,
// and e.e.ulOffset and iSection are file-supplied; bounds-check them against
// the string table size and section count before use.
typedef struct __attribute__((packed)){
union {
char cName[8]; // symbol name
struct {
unsigned long ulZero; // string table marker
unsigned long ulOffset; // string offset
} e;
} e;
unsigned long ulValue; // symbol value
short iSection; // section the symbol belongs to
unsigned short usType; // symbol type
unsigned char usClass; // symbol storage class (see SYM_CLASS_*)
unsigned char usNumAux; // number of auxiliary records for the symbol
} SYMENT, SymbolEntry, *PSymbolEntry;
// Symbol storage classes, presumably the values stored in SYMENT.usClass.
#define SYM_CLASS_NULL 0 // no storage class
#define SYM_CLASS_AUTOMATIC 1 // automatic; usually a variable allocated on the stack
#define SYM_CLASS_EXTERNAL 2 // external symbol; iSection should be 0 for an external symbol, and if it is not 0 then ulValue is the symbol's offset within the section
#define SYM_CLASS_STATIC 3 // static; ulValue is the symbol's offset within the section, and an offset of 0 means the symbol stands for the section name
#define SYM_CLASS_REGISTER 4 // register variable
#define SYM_CLASS_MEMBER_OF_STRUCT 8 // struct member; ulValue is the symbol's position within the struct
#define SYM_CLASS_STRUCT_TAG 10 // struct tag
#define SYM_CLASS_MEMBER_OF_UNION 11 // union member; ulValue is the symbol's position within the union
#define SYM_CLASS_UNION_TAG 12 // union tag
#define SYM_CLASS_TYPE_DEFINITION 13 // type definition
#define SYM_CLASS_FUNCTION 101 // function name
#define SYM_CLASS_FILE 102 // file name
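/*
 * PE_OFFSET: fixed offset 0x80, presumably where this project expects the PE
 * header to start in an image.
 * NOTE(review): a fixed offset ignores IMAGE_DOS_HEADER.e_lfanew; an image
 * whose header sits elsewhere would be parsed at the wrong place. Confirm
 * that users of this constant also validate the signature found there.
 */
#define PE_OFFSET 0x80

/*
 * ALIGN(a, b): round a up to the next multiple of b (a itself when it is
 * already a multiple).
 *
 * Arguments are parenthesized so that expressions such as ALIGN(x + 1, n * 2)
 * group as intended. Caveats for callers:
 *   - b must be non-zero; a zero b divides by zero.
 *   - a and b are evaluated more than once, so pass no side effects.
 *   - the result can wrap when a is within b of the type's maximum; check the
 *     rounded value when a comes from a file header and sizes an allocation.
 */
#define ALIGN(a, b) (((a) % (b)) ? ((((a) / (b)) + 1) * (b)) : (a))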
/* Resources */
/*
 * Header of one resource directory level. The two entry counts say how many
 * directory entries are expected after this header (named first, then by ID,
 * per the usual PE resource layout; confirm against the loader).
 * NOTE(review): both counts are file-supplied; bound the entry walk by the
 * size of the resource data directory rather than by these counts alone.
 */
typedef struct _IMAGE_RESOURCE_DIRECTORY {
t_32 Characteristics;
t_32 TimeDateStamp;
t_16 MajorVersion;
t_16 MinorVersion;
t_16 NumberOfNamedEntries; /* number of entries identified by name */
t_16 NumberOfIdEntries;    /* number of entries identified by integer ID */
} IMAGE_RESOURCE_DIRECTORY,*PIMAGE_RESOURCE_DIRECTORY;
/*
 * Resource type identifiers.
 *
 * MAKEINTRESOURCEA(i) truncates i to t_16, widens it through Dt_16 and casts
 * the result to char*, so an integer ID can travel in a parameter that
 * otherwise carries a name string. Dt_16 is not defined in this header
 * (presumably in type.h; confirm its width matches a pointer on the target).
 * NOTE(review): the resulting pointer is an encoded integer, not an address;
 * code receiving a resource "name" has to tell the two apart before
 * dereferencing it.
 */
#define MAKEINTRESOURCE MAKEINTRESOURCEA
#define MAKEINTRESOURCEA(i) (char*)((Dt_16)((t_16)(i)))
#define RT_CURSOR MAKEINTRESOURCE(1)
#define RT_FONT MAKEINTRESOURCE(8)
#define RT_BITMAP MAKEINTRESOURCE(2)
#define RT_ICON MAKEINTRESOURCE(3)
#define RT_MENU MAKEINTRESOURCE(4)
#define RT_DIALOG MAKEINTRESOURCE(5)
#define RT_STRING MAKEINTRESOURCE(6)
#define RT_FONTDIR MAKEINTRESOURCE(7)
#define RT_ACCELERATOR MAKEINTRESOURCE(9)
#define RT_RCDATA MAKEINTRESOURCE(10)
#define RT_MESSAGETABLE MAKEINTRESOURCE(11)
/* Offset added to a single-resource type to form its group type:
 * RT_GROUP_CURSOR is 1 + 11 and RT_GROUP_ICON is 3 + 11. */
#define DIFFERENCE 11
#define RT_GROUP_CURSOR MAKEINTRESOURCE((Dt_16)RT_CURSOR+DIFFERENCE)
#define RT_GROUP_ICON MAKEINTRESOURCE((Dt_16)RT_ICON+DIFFERENCE)
#define RT_VERSION MAKEINTRESOURCE(16)
#define RT_DLGINCLUDE MAKEINTRESOURCE(17)
#define RT_PLUGPLAY MAKEINTRESOURCE(19)
#define RT_VXD MAKEINTRESOURCE(20)
#define RT_ANICURSOR MAKEINTRESOURCE(21)
#define RT_ANIICON MAKEINTRESOURCE(22)
#define RT_HTML MAKEINTRESOURCE(23)
#endif //_PE_H_