1 #ifndef MICROSOFT_PE_H_ 2 #define MICROSOFT_PE_H_ 3 4 // This is a generated file! Please edit source .ksy file and use 5 // kaitai-struct-compiler to rebuild 6 7 #include <kaitai/kaitaistream.h> 8 #include <kaitai/kaitaistruct.h> 9 10 #include <cstdint> 11 #include <vector> 12 13 namespace veles { 14 namespace kaitai { 15 namespace microsoft_pe { 16 17 class microsoft_pe_t : public kaitai::kstruct { 18 public: 19 class optional_header_windows_t; 20 class optional_header_data_dirs_t; 21 class data_dir_t; 22 class optional_header_t; 23 class section_t; 24 class mz_placeholder_t; 25 class optional_header_std_t; 26 class coff_header_t; 27 28 explicit microsoft_pe_t(kaitai::kstream* p_io, 29 kaitai::kstruct* p_parent = nullptr, 30 microsoft_pe_t* p_root = nullptr); 31 veles::dbif::ObjectHandle veles_obj; 32 ~microsoft_pe_t(); 33 34 class optional_header_windows_t : public kaitai::kstruct { 35 public: 36 enum subsystem_t { 37 SUBSYSTEM_UNKNOWN = 0, 38 SUBSYSTEM_NATIVE = 1, 39 SUBSYSTEM_WINDOWS_GUI = 2, 40 SUBSYSTEM_WINDOWS_CUI = 3, 41 SUBSYSTEM_POSIX_CUI = 7, 42 SUBSYSTEM_WINDOWS_CE_GUI = 9, 43 SUBSYSTEM_EFI_APPLICATION = 10, 44 SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11, 45 SUBSYSTEM_EFI_RUNTIME_DRIVER = 12, 46 SUBSYSTEM_EFI_ROM = 13, 47 SUBSYSTEM_XBOX = 14 48 }; 49 50 explicit optional_header_windows_t( 51 kaitai::kstream* p_io, 52 microsoft_pe_t::optional_header_t* p_parent = nullptr, 53 microsoft_pe_t* p_root = nullptr); 54 veles::dbif::ObjectHandle veles_obj; 55 ~optional_header_windows_t(); 56 57 private: 58 uint32_t m_image_base; 59 bool n_image_base; 60 61 public: _is_null_image_base()62 bool _is_null_image_base() { 63 image_base(); 64 return n_image_base; 65 }; 66 67 private: 68 uint64_t m_image_base2; 69 bool n_image_base2; 70 71 public: _is_null_image_base2()72 bool _is_null_image_base2() { 73 image_base2(); 74 return n_image_base2; 75 }; 76 77 private: 78 uint32_t m_section_alignment; 79 uint32_t m_file_alignment; 80 uint16_t m_major_operating_system_version; 81 uint16_t m_minor_operating_system_version; 82 uint16_t m_major_image_version; 83 uint16_t m_minor_image_version; 84 uint16_t m_major_subsystem_version; 85 uint16_t m_minor_subsystem_version; 86 uint32_t m_win32_version_value; 87 uint32_t m_size_of_image; 88 uint32_t m_size_of_headers; 89 uint32_t m_check_sum; 90 subsystem_t m_subsystem; 91 uint16_t m_dll_characteristics; 92 uint32_t m_size_of_stack_reserve; 93 bool n_size_of_stack_reserve; 94 95 public: _is_null_size_of_stack_reserve()96 bool _is_null_size_of_stack_reserve() { 97 size_of_stack_reserve(); 98 return n_size_of_stack_reserve; 99 }; 100 101 private: 102 uint64_t m_size_of_stack_reserve2; 103 bool n_size_of_stack_reserve2; 104 105 public: _is_null_size_of_stack_reserve2()106 bool _is_null_size_of_stack_reserve2() { 107 size_of_stack_reserve2(); 108 return n_size_of_stack_reserve2; 109 }; 110 111 private: 112 uint32_t m_size_of_stack_commit; 113 bool n_size_of_stack_commit; 114 115 public: _is_null_size_of_stack_commit()116 bool _is_null_size_of_stack_commit() { 117 size_of_stack_commit(); 118 return n_size_of_stack_commit; 119 }; 120 121 private: 122 uint64_t m_size_of_stack_commit2; 123 bool n_size_of_stack_commit2; 124 125 public: _is_null_size_of_stack_commit2()126 bool _is_null_size_of_stack_commit2() { 127 size_of_stack_commit2(); 128 return n_size_of_stack_commit2; 129 }; 130 131 private: 132 uint32_t m_size_of_heap_reserve; 133 bool n_size_of_heap_reserve; 134 135 public: _is_null_size_of_heap_reserve()136 bool _is_null_size_of_heap_reserve() { 137 size_of_heap_reserve(); 138 return n_size_of_heap_reserve; 139 }; 140 141 private: 142 uint64_t m_size_of_heap_reserve2; 143 bool n_size_of_heap_reserve2; 144 145 public: _is_null_size_of_heap_reserve2()146 bool _is_null_size_of_heap_reserve2() { 147 size_of_heap_reserve2(); 148 return n_size_of_heap_reserve2; 149 }; 150 151 private: 152 uint32_t m_size_of_heap_commit; 153 bool n_size_of_heap_commit; 154 155 public: _is_null_size_of_heap_commit()156 bool _is_null_size_of_heap_commit() { 157 size_of_heap_commit(); 158 return n_size_of_heap_commit; 159 }; 160 161 private: 162 uint64_t m_size_of_heap_commit2; 163 bool n_size_of_heap_commit2; 164 165 public: _is_null_size_of_heap_commit2()166 bool _is_null_size_of_heap_commit2() { 167 size_of_heap_commit2(); 168 return n_size_of_heap_commit2; 169 }; 170 171 private: 172 uint32_t m_loader_flags; 173 uint32_t m_number_of_rva_and_sizes; 174 microsoft_pe_t* m__root; 175 microsoft_pe_t::optional_header_t* m__parent; 176 177 public: image_base()178 uint32_t image_base() const { return m_image_base; } image_base2()179 uint64_t image_base2() const { return m_image_base2; } section_alignment()180 uint32_t section_alignment() const { return m_section_alignment; } file_alignment()181 uint32_t file_alignment() const { return m_file_alignment; } major_operating_system_version()182 uint16_t major_operating_system_version() const { 183 return m_major_operating_system_version; 184 } minor_operating_system_version()185 uint16_t minor_operating_system_version() const { 186 return m_minor_operating_system_version; 187 } major_image_version()188 uint16_t major_image_version() const { return m_major_image_version; } minor_image_version()189 uint16_t minor_image_version() const { return m_minor_image_version; } major_subsystem_version()190 uint16_t major_subsystem_version() const { 191 return m_major_subsystem_version; 192 } minor_subsystem_version()193 uint16_t minor_subsystem_version() const { 194 return m_minor_subsystem_version; 195 } win32_version_value()196 uint32_t win32_version_value() const { return m_win32_version_value; } size_of_image()197 uint32_t size_of_image() const { return m_size_of_image; } size_of_headers()198 uint32_t size_of_headers() const { return m_size_of_headers; } check_sum()199 uint32_t check_sum() const { return m_check_sum; } subsystem()200 subsystem_t subsystem() const { return m_subsystem; } dll_characteristics()201 uint16_t dll_characteristics() const { return m_dll_characteristics; } size_of_stack_reserve()202 uint32_t size_of_stack_reserve() const { return m_size_of_stack_reserve; } size_of_stack_reserve2()203 uint64_t size_of_stack_reserve2() const { return m_size_of_stack_reserve2; } size_of_stack_commit()204 uint32_t size_of_stack_commit() const { return m_size_of_stack_commit; } size_of_stack_commit2()205 uint64_t size_of_stack_commit2() const { return m_size_of_stack_commit2; } size_of_heap_reserve()206 uint32_t size_of_heap_reserve() const { return m_size_of_heap_reserve; } size_of_heap_reserve2()207 uint64_t size_of_heap_reserve2() const { return m_size_of_heap_reserve2; } size_of_heap_commit()208 uint32_t size_of_heap_commit() const { return m_size_of_heap_commit; } size_of_heap_commit2()209 uint64_t size_of_heap_commit2() const { return m_size_of_heap_commit2; } loader_flags()210 uint32_t loader_flags() const { return m_loader_flags; } number_of_rva_and_sizes()211 uint32_t number_of_rva_and_sizes() const { 212 return m_number_of_rva_and_sizes; 213 } _root()214 microsoft_pe_t* _root() const { return m__root; } _parent()215 microsoft_pe_t::optional_header_t* _parent() const { return m__parent; } 216 }; 217 218 class optional_header_data_dirs_t : public kaitai::kstruct { 219 public: 220 explicit optional_header_data_dirs_t( 221 kaitai::kstream* p_io, 222 microsoft_pe_t::optional_header_t* p_parent = nullptr, 223 microsoft_pe_t* p_root = nullptr); 224 veles::dbif::ObjectHandle veles_obj; 225 ~optional_header_data_dirs_t(); 226 227 private: 228 data_dir_t* m_export_table; 229 data_dir_t* m_import_table; 230 data_dir_t* m_resource_table; 231 data_dir_t* m_exception_table; 232 data_dir_t* m_certificate_table; 233 data_dir_t* m_base_relocation_table; 234 data_dir_t* m_debug; 235 data_dir_t* m_architecture; 236 data_dir_t* m_global_ptr; 237 data_dir_t* m_tls_table; 238 data_dir_t* m_load_config_table; 239 data_dir_t* m_bound_import; 240 data_dir_t* m_iat; 241 data_dir_t* m_delay_import_descriptor; 242 data_dir_t* m_clr_runtime_header; 243 microsoft_pe_t* m__root; 244 microsoft_pe_t::optional_header_t* m__parent; 245 246 public: export_table()247 data_dir_t* export_table() const { return m_export_table; } import_table()248 data_dir_t* import_table() const { return m_import_table; } resource_table()249 data_dir_t* resource_table() const { return m_resource_table; } exception_table()250 data_dir_t* exception_table() const { return m_exception_table; } certificate_table()251 data_dir_t* certificate_table() const { return m_certificate_table; } base_relocation_table()252 data_dir_t* base_relocation_table() const { 253 return m_base_relocation_table; 254 } debug()255 data_dir_t* debug() const { return m_debug; } architecture()256 data_dir_t* architecture() const { return m_architecture; } global_ptr()257 data_dir_t* global_ptr() const { return m_global_ptr; } tls_table()258 data_dir_t* tls_table() const { return m_tls_table; } load_config_table()259 data_dir_t* load_config_table() const { return m_load_config_table; } bound_import()260 data_dir_t* bound_import() const { return m_bound_import; } iat()261 data_dir_t* iat() const { return m_iat; } delay_import_descriptor()262 data_dir_t* delay_import_descriptor() const { 263 return m_delay_import_descriptor; 264 } clr_runtime_header()265 data_dir_t* clr_runtime_header() const { return m_clr_runtime_header; } _root()266 microsoft_pe_t* _root() const { return m__root; } _parent()267 microsoft_pe_t::optional_header_t* _parent() const { return m__parent; } 268 }; 269 270 class data_dir_t : public kaitai::kstruct { 271 public: 272 explicit data_dir_t( 273 kaitai::kstream* p_io, 274 microsoft_pe_t::optional_header_data_dirs_t* p_parent = nullptr, 275 microsoft_pe_t* p_root = nullptr); 276 veles::dbif::ObjectHandle veles_obj; 277 ~data_dir_t(); 278 279 private: 280 uint32_t m_virtual_address; 281 uint32_t m_size; 282 microsoft_pe_t* m__root; 283 microsoft_pe_t::optional_header_data_dirs_t* m__parent; 284 285 public: virtual_address()286 uint32_t virtual_address() const { return m_virtual_address; } size()287 uint32_t size() const { return m_size; } _root()288 microsoft_pe_t* _root() const { return m__root; } _parent()289 microsoft_pe_t::optional_header_data_dirs_t* _parent() const { 290 return m__parent; 291 } 292 }; 293 294 class optional_header_t : public kaitai::kstruct { 295 public: 296 explicit optional_header_t(kaitai::kstream* p_io, 297 microsoft_pe_t* p_parent = nullptr, 298 microsoft_pe_t* p_root = nullptr); 299 veles::dbif::ObjectHandle veles_obj; 300 ~optional_header_t(); 301 302 private: 303 optional_header_std_t* m_std; 304 optional_header_windows_t* m_windows; 305 optional_header_data_dirs_t* m_data_dirs; 306 microsoft_pe_t* m__root; 307 microsoft_pe_t* m__parent; 308 309 public: std()310 optional_header_std_t* std() const { return m_std; } windows()311 optional_header_windows_t* windows() const { return m_windows; } data_dirs()312 optional_header_data_dirs_t* data_dirs() const { return m_data_dirs; } _root()313 microsoft_pe_t* _root() const { return m__root; } _parent()314 microsoft_pe_t* _parent() const { return m__parent; } 315 }; 316 317 class section_t : public kaitai::kstruct { 318 public: 319 explicit section_t(kaitai::kstream* p_io, 320 microsoft_pe_t* p_parent = nullptr, 321 microsoft_pe_t* p_root = nullptr); 322 veles::dbif::ObjectHandle veles_obj; 323 ~section_t(); 324 325 private: 326 bool f_body; 327 std::vector<uint8_t> m_body; 328 329 public: 330 std::vector<uint8_t> body(); 331 332 private: 333 std::string m_name; 334 uint32_t m_virtual_size; 335 uint32_t m_virtual_address; 336 uint32_t m_size_of_raw_data; 337 uint32_t m_pointer_to_raw_data; 338 uint32_t m_pointer_to_relocations; 339 uint32_t m_pointer_to_linenumbers; 340 uint16_t m_number_of_relocations; 341 uint16_t m_number_of_linenumbers; 342 uint32_t m_characteristics; 343 microsoft_pe_t* m__root; 344 microsoft_pe_t* m__parent; 345 346 public: name()347 std::string name() const { return m_name; } virtual_size()348 uint32_t virtual_size() const { return m_virtual_size; } virtual_address()349 uint32_t virtual_address() const { return m_virtual_address; } size_of_raw_data()350 uint32_t size_of_raw_data() const { return m_size_of_raw_data; } pointer_to_raw_data()351 uint32_t pointer_to_raw_data() const { return m_pointer_to_raw_data; } pointer_to_relocations()352 uint32_t pointer_to_relocations() const { return m_pointer_to_relocations; } pointer_to_linenumbers()353 uint32_t pointer_to_linenumbers() const { return m_pointer_to_linenumbers; } number_of_relocations()354 uint16_t number_of_relocations() const { return m_number_of_relocations; } number_of_linenumbers()355 uint16_t number_of_linenumbers() const { return m_number_of_linenumbers; } characteristics()356 uint32_t characteristics() const { return m_characteristics; } _root()357 microsoft_pe_t* _root() const { return m__root; } _parent()358 microsoft_pe_t* _parent() const { return m__parent; } 359 }; 360 361 class mz_placeholder_t : public kaitai::kstruct { 362 public: 363 explicit mz_placeholder_t(kaitai::kstream* p_io, 364 microsoft_pe_t* p_parent = nullptr, 365 microsoft_pe_t* p_root = nullptr); 366 veles::dbif::ObjectHandle veles_obj; 367 ~mz_placeholder_t(); 368 369 private: 370 std::vector<uint8_t> m_magic; 371 std::vector<uint8_t> m_data1; 372 uint32_t m_header_size; 373 microsoft_pe_t* m__root; 374 microsoft_pe_t* m__parent; 375 376 public: magic()377 std::vector<uint8_t> magic() const { return m_magic; } data1()378 std::vector<uint8_t> data1() const { return m_data1; } header_size()379 uint32_t header_size() const { return m_header_size; } _root()380 microsoft_pe_t* _root() const { return m__root; } _parent()381 microsoft_pe_t* _parent() const { return m__parent; } 382 }; 383 384 class optional_header_std_t : public kaitai::kstruct { 385 public: 386 enum pe_formatx_t { 387 PE_FORMATX_ROM_IMAGE = 263, 388 PE_FORMATX_PE32 = 267, 389 PE_FORMATX_PE32_PLUS = 523 390 }; 391 392 explicit optional_header_std_t( 393 kaitai::kstream* p_io, 394 microsoft_pe_t::optional_header_t* p_parent = nullptr, 395 microsoft_pe_t* p_root = nullptr); 396 veles::dbif::ObjectHandle veles_obj; 397 ~optional_header_std_t(); 398 399 private: 400 uint16_t m_format; 401 uint8_t m_major_linker_version; 402 uint8_t m_minor_linker_version; 403 uint32_t m_size_of_code; 404 uint32_t m_size_of_initialized_data; 405 uint32_t m_size_of_uninitialized_data; 406 uint32_t m_address_of_entry_point; 407 uint32_t m_base_of_code; 408 uint32_t m_base_of_data; 409 bool n_base_of_data; 410 411 public: _is_null_base_of_data()412 bool _is_null_base_of_data() { 413 base_of_data(); 414 return n_base_of_data; 415 }; 416 417 private: 418 microsoft_pe_t* m__root; 419 microsoft_pe_t::optional_header_t* m__parent; 420 421 public: format()422 uint16_t format() const { return m_format; } major_linker_version()423 uint8_t major_linker_version() const { return m_major_linker_version; } minor_linker_version()424 uint8_t minor_linker_version() const { return m_minor_linker_version; } size_of_code()425 uint32_t size_of_code() const { return m_size_of_code; } size_of_initialized_data()426 uint32_t size_of_initialized_data() const { 427 return m_size_of_initialized_data; 428 } size_of_uninitialized_data()429 uint32_t size_of_uninitialized_data() const { 430 return m_size_of_uninitialized_data; 431 } address_of_entry_point()432 uint32_t address_of_entry_point() const { return m_address_of_entry_point; } base_of_code()433 uint32_t base_of_code() const { return m_base_of_code; } base_of_data()434 uint32_t base_of_data() const { return m_base_of_data; } _root()435 microsoft_pe_t* _root() const { return m__root; } _parent()436 microsoft_pe_t::optional_header_t* _parent() const { return m__parent; } 437 }; 438 439 class coff_header_t : public kaitai::kstruct { 440 public: 441 enum machine_type_t { 442 MACHINE_TYPE_UNKNOWN = 0, 443 MACHINE_TYPE_I386 = 332, 444 MACHINE_TYPE_R4000 = 358, 445 MACHINE_TYPE_WCEMIPSV2 = 361, 446 MACHINE_TYPE_SH3 = 418, 447 MACHINE_TYPE_SH3DSP = 419, 448 MACHINE_TYPE_SH4 = 422, 449 MACHINE_TYPE_SH5 = 424, 450 MACHINE_TYPE_ARM = 448, 451 MACHINE_TYPE_THUMB = 450, 452 MACHINE_TYPE_ARMNT = 452, 453 MACHINE_TYPE_AM33 = 467, 454 MACHINE_TYPE_POWERPC = 496, 455 MACHINE_TYPE_POWERPCFP = 497, 456 MACHINE_TYPE_IA64 = 512, 457 MACHINE_TYPE_MIPS16 = 614, 458 MACHINE_TYPE_MIPSFPU = 870, 459 MACHINE_TYPE_MIPSFPU16 = 1126, 460 MACHINE_TYPE_EBC = 3772, 461 MACHINE_TYPE_RISCV32 = 20530, 462 MACHINE_TYPE_RISCV64 = 20580, 463 MACHINE_TYPE_RISCV128 = 20776, 464 MACHINE_TYPE_AMD64 = 34404, 465 MACHINE_TYPE_M32R = 36929 466 }; 467 468 explicit coff_header_t(kaitai::kstream* p_io, 469 microsoft_pe_t* p_parent = nullptr, 470 microsoft_pe_t* p_root = nullptr); 471 veles::dbif::ObjectHandle veles_obj; 472 ~coff_header_t(); 473 474 private: 475 machine_type_t m_machine; 476 uint16_t m_number_of_sections; 477 uint32_t m_time_date_stamp; 478 uint32_t m_pointer_to_symbol_table; 479 uint32_t m_number_of_symbols; 480 uint16_t m_size_of_optional_header; 481 uint16_t m_characteristics; 482 microsoft_pe_t* m__root; 483 microsoft_pe_t* m__parent; 484 485 public: machine()486 machine_type_t machine() const { return m_machine; } number_of_sections()487 uint16_t number_of_sections() const { return m_number_of_sections; } time_date_stamp()488 uint32_t time_date_stamp() const { return m_time_date_stamp; } pointer_to_symbol_table()489 uint32_t pointer_to_symbol_table() const { 490 return m_pointer_to_symbol_table; 491 } number_of_symbols()492 uint32_t number_of_symbols() const { return m_number_of_symbols; } size_of_optional_header()493 uint16_t size_of_optional_header() const { 494 return m_size_of_optional_header; 495 } characteristics()496 uint16_t characteristics() const { return m_characteristics; } _root()497 microsoft_pe_t* _root() const { return m__root; } _parent()498 microsoft_pe_t* _parent() const { return m__parent; } 499 }; 500 501 private: 502 mz_placeholder_t* m_mz1; 503 std::vector<uint8_t> m_mz2; 504 std::vector<uint8_t> m_pe_signature; 505 coff_header_t* m_coff_header; 506 optional_header_t* m_optional_header; 507 std::vector<section_t*>* m_sections; 508 microsoft_pe_t* m__root; 509 kaitai::kstruct* m__parent; 510 std::vector<uint8_t> m__skip_me_optional_header; 511 kaitai::kstream* m__io__skip_me_optional_header; 512 513 public: mz1()514 mz_placeholder_t* mz1() const { return m_mz1; } mz2()515 std::vector<uint8_t> mz2() const { return m_mz2; } pe_signature()516 std::vector<uint8_t> pe_signature() const { return m_pe_signature; } coff_header()517 coff_header_t* coff_header() const { return m_coff_header; } optional_header()518 optional_header_t* optional_header() const { return m_optional_header; } sections()519 std::vector<section_t*>* sections() const { return m_sections; } _root()520 microsoft_pe_t* _root() const { return m__root; } _parent()521 kaitai::kstruct* _parent() const { return m__parent; } _skip_me_optional_header()522 std::vector<uint8_t> _skip_me_optional_header() const { 523 return m__skip_me_optional_header; 524 } _io__skip_me_optional_header()525 kaitai::kstream* _io__skip_me_optional_header() const { 526 return m__io__skip_me_optional_header; 527 } 528 }; 529 530 } // namespace microsoft_pe 531 } // namespace kaitai 532 } // namespace veles 533 #endif // MICROSOFT_PE_H_ 534