1 #pragma once 2 3 //C_ASSERT(sizeof(ULONG) == 4); 4 typedef unsigned char UBYTE; 5 #if defined(_MSC_VER) || defined(__MINGW32__) 6 typedef unsigned __int64 ULONG64; 7 #else 8 #include <stdint.h> 9 typedef uint64_t ULONG64; 10 #endif 11 12 13 #define IMAGE_FILE_MACHINE_I386 0x14c 14 #define IMAGE_FILE_MACHINE_AMD64 0x8664 15 #define IMAGE_FILE_MACHINE_ARM64 0xaa64 16 #define IMAGE_DIRECTORY_ENTRY_IMPORT 1 17 #define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 18 19 #define UWOP_PUSH_NONVOL 0 20 #define UWOP_ALLOC_LARGE 1 21 #define UWOP_ALLOC_SMALL 2 22 #define UWOP_SET_FPREG 3 23 #define UWOP_SAVE_NONVOL 4 24 #define UWOP_SAVE_NONVOL_FAR 5 25 #define UWOP_SAVE_XMM 6 26 #define UWOP_SAVE_XMM_FAR 7 27 #define UWOP_SAVE_XMM128 8 28 #define UWOP_SAVE_XMM128_FAR 9 29 #define UWOP_PUSH_MACHFRAME 10 30 31 #define REG_RAX 0 32 #define REG_RCX 1 33 #define REG_RDX 2 34 #define REG_RBX 3 35 #define REG_RSP 4 36 #define REG_RBP 5 37 #define REG_RSI 6 38 #define REG_RDI 7 39 #define REG_R8 8 40 #define REG_R9 9 41 #define REG_R10 10 42 #define REG_R11 11 43 #define REG_R12 12 44 #define REG_R13 13 45 #define REG_R14 14 46 #define REG_R15 15 47 48 #define REG_XMM0 0 49 #define REG_XMM1 1 50 #define REG_XMM2 2 51 #define REG_XMM3 3 52 #define REG_XMM4 4 53 #define REG_XMM5 5 54 #define REG_XMM6 6 55 #define REG_XMM7 7 56 #define REG_XMM8 8 57 #define REG_XMM9 9 58 #define REG_XMM10 10 59 #define REG_XMM11 11 60 #define REG_XMM12 12 61 #define REG_XMM13 13 62 #define REG_XMM14 14 63 #define REG_XMM15 15 64 65 66 typedef struct _IMAGE_IMPORT_DESCRIPTOR 67 { 68 union { 69 DWORD Characteristics; 70 DWORD OriginalFirstThunk; 71 }; 72 DWORD TimeDateStamp; 73 DWORD ForwarderChain; 74 DWORD Name; 75 DWORD FirstThunk; 76 } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR; 77 78 typedef struct _IMAGE_THUNK_DATA64 79 { 80 union { 81 ULONGLONG ForwarderString; 82 ULONGLONG Function; 83 ULONGLONG Ordinal; 84 ULONGLONG AddressOfData; 85 } u1; 86 } IMAGE_THUNK_DATA64, *PIMAGE_THUNK_DATA64; 87 88 typedef struct _RUNTIME_FUNCTION 89 { 90 ULONG FunctionStart; 91 ULONG FunctionEnd; 92 ULONG UnwindInfo; 93 } RUNTIME_FUNCTION, *PRUNTIME_FUNCTION; 94 95 typedef union _UNWIND_CODE 96 { 97 struct 98 { 99 UBYTE CodeOffset; 100 UBYTE UnwindOp:4; 101 UBYTE OpInfo:4; 102 }; 103 USHORT FrameOffset; 104 } UNWIND_CODE, *PUNWIND_CODE; 105 106 enum 107 { 108 UNW_FLAG_NHANDLER = 0x00, 109 UNW_FLAG_EHANDLER = 0x01, 110 UNW_FLAG_UHANDLER = 0x02, 111 UNW_FLAG_CHAININFO = 0x04 112 }; 113 114 typedef struct _UNWIND_INFO 115 { 116 UBYTE Version:3; 117 UBYTE Flags:5; 118 UBYTE SizeOfProlog; 119 UBYTE CountOfCodes; 120 UBYTE FrameRegister:4; 121 UBYTE FrameOffset:4; 122 UNWIND_CODE UnwindCode[1]; 123 /* union { 124 OPTIONAL ULONG ExceptionHandler; 125 OPTIONAL ULONG FunctionEntry; 126 }; 127 OPTIONAL ULONG ExceptionData[]; 128 */ 129 } UNWIND_INFO, *PUNWIND_INFO; 130 131 typedef struct _C_SCOPE_TABLE_ENTRY 132 { 133 ULONG Begin; 134 ULONG End; 135 ULONG Handler; 136 ULONG Target; 137 } C_SCOPE_TABLE_ENTRY, *PC_SCOPE_TABLE_ENTRY; 138 139 typedef struct _C_SCOPE_TABLE 140 { 141 ULONG NumEntries; 142 C_SCOPE_TABLE_ENTRY Entry[1]; 143 } C_SCOPE_TABLE, *PC_SCOPE_TABLE; 144 145 146 typedef struct 147 { 148 IMAGE_SECTION_HEADER *psh; 149 char *pName; 150 void *p; 151 ULONG idx; 152 } SECTION; 153 154 typedef struct 155 { 156 char* FilePtr; 157 size_t cbInFileSize; 158 size_t cbNewFileSize; 159 160 /* PE data pointers */ 161 PIMAGE_DOS_HEADER DosHeader; 162 PIMAGE_FILE_HEADER FileHeader; 163 PIMAGE_OPTIONAL_HEADER64 OptionalHeader; 164 PIMAGE_SECTION_HEADER SectionHeaders; 165 PIMAGE_SECTION_HEADER NewSectionHeaders; 166 ULONG NewSectionHeaderSize; 167 PIMAGE_BASE_RELOCATION Relocations; 168 void *Symbols; 169 char *Strings; 170 ULONG64 ImageBase; 171 ULONG HeaderSize; 172 char *UseSection; 173 174 /* Sections */ 175 ULONG AllSections; 176 ULONG UsedSections; 177 178 SECTION eh_frame; 179 SECTION pdata; 180 SECTION xdata; 181 182 char *AlignBuf; 183 184 ULONG cFuncs; 185 ULONG cUWOP; 186 ULONG cScopes; 187 188 } FILE_INFO, *PFILE_INFO; 189