1 #pragma once 2 3 //C_ASSERT(sizeof(ULONG) == 4); 4 typedef unsigned char UBYTE; 5 #if defined(_MSC_VER) || defined(__MINGW32__) 6 typedef unsigned __int64 ULONG64; 7 #else 8 #include <stdint.h> 9 typedef uint64_t ULONG64; 10 #endif 11 12 13 #define IMAGE_FILE_MACHINE_I386 0x14c 14 #define IMAGE_FILE_MACHINE_AMD64 0x8664 15 #define IMAGE_DIRECTORY_ENTRY_IMPORT 1 16 #define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 17 18 #define UWOP_PUSH_NONVOL 0 19 #define UWOP_ALLOC_LARGE 1 20 #define UWOP_ALLOC_SMALL 2 21 #define UWOP_SET_FPREG 3 22 #define UWOP_SAVE_NONVOL 4 23 #define UWOP_SAVE_NONVOL_FAR 5 24 #define UWOP_SAVE_XMM 6 25 #define UWOP_SAVE_XMM_FAR 7 26 #define UWOP_SAVE_XMM128 8 27 #define UWOP_SAVE_XMM128_FAR 9 28 #define UWOP_PUSH_MACHFRAME 10 29 30 #define REG_RAX 0 31 #define REG_RCX 1 32 #define REG_RDX 2 33 #define REG_RBX 3 34 #define REG_RSP 4 35 #define REG_RBP 5 36 #define REG_RSI 6 37 #define REG_RDI 7 38 #define REG_R8 8 39 #define REG_R9 9 40 #define REG_R10 10 41 #define REG_R11 11 42 #define REG_R12 12 43 #define REG_R13 13 44 #define REG_R14 14 45 #define REG_R15 15 46 47 #define REG_XMM0 0 48 #define REG_XMM1 1 49 #define REG_XMM2 2 50 #define REG_XMM3 3 51 #define REG_XMM4 4 52 #define REG_XMM5 5 53 #define REG_XMM6 6 54 #define REG_XMM7 7 55 #define REG_XMM8 8 56 #define REG_XMM9 9 57 #define REG_XMM10 10 58 #define REG_XMM11 11 59 #define REG_XMM12 12 60 #define REG_XMM13 13 61 #define REG_XMM14 14 62 #define REG_XMM15 15 63 64 65 typedef struct _IMAGE_IMPORT_DESCRIPTOR 66 { 67 union { 68 DWORD Characteristics; 69 DWORD OriginalFirstThunk; 70 }; 71 DWORD TimeDateStamp; 72 DWORD ForwarderChain; 73 DWORD Name; 74 DWORD FirstThunk; 75 } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR; 76 77 typedef struct _IMAGE_THUNK_DATA64 78 { 79 union { 80 ULONGLONG ForwarderString; 81 ULONGLONG Function; 82 ULONGLONG Ordinal; 83 ULONGLONG AddressOfData; 84 } u1; 85 } IMAGE_THUNK_DATA64, *PIMAGE_THUNK_DATA64; 86 87 typedef struct _RUNTIME_FUNCTION 88 { 89 ULONG FunctionStart; 90 ULONG FunctionEnd; 91 ULONG UnwindInfo; 92 } RUNTIME_FUNCTION, *PRUNTIME_FUNCTION; 93 94 typedef union _UNWIND_CODE 95 { 96 struct 97 { 98 UBYTE CodeOffset; 99 UBYTE UnwindOp:4; 100 UBYTE OpInfo:4; 101 }; 102 USHORT FrameOffset; 103 } UNWIND_CODE, *PUNWIND_CODE; 104 105 enum 106 { 107 UNW_FLAG_EHANDLER = 0x01, 108 UNW_FLAG_UHANDLER = 0x02, 109 UNW_FLAG_CHAININFO = 0x03, 110 }; 111 112 typedef struct _UNWIND_INFO 113 { 114 UBYTE Version:3; 115 UBYTE Flags:5; 116 UBYTE SizeOfProlog; 117 UBYTE CountOfCodes; 118 UBYTE FrameRegister:4; 119 UBYTE FrameOffset:4; 120 UNWIND_CODE UnwindCode[1]; 121 /* union { 122 OPTIONAL ULONG ExceptionHandler; 123 OPTIONAL ULONG FunctionEntry; 124 }; 125 OPTIONAL ULONG ExceptionData[]; 126 */ 127 } UNWIND_INFO, *PUNWIND_INFO; 128 129 typedef struct _C_SCOPE_TABLE_ENTRY 130 { 131 ULONG Begin; 132 ULONG End; 133 ULONG Handler; 134 ULONG Target; 135 } C_SCOPE_TABLE_ENTRY, *PC_SCOPE_TABLE_ENTRY; 136 137 typedef struct _C_SCOPE_TABLE 138 { 139 ULONG NumEntries; 140 C_SCOPE_TABLE_ENTRY Entry[1]; 141 } C_SCOPE_TABLE, *PC_SCOPE_TABLE; 142 143 144 typedef struct 145 { 146 IMAGE_SECTION_HEADER *psh; 147 char *pName; 148 void *p; 149 ULONG idx; 150 } SECTION; 151 152 typedef struct 153 { 154 char* FilePtr; 155 size_t cbInFileSize; 156 size_t cbNewFileSize; 157 158 /* PE data pointers */ 159 PIMAGE_DOS_HEADER DosHeader; 160 PIMAGE_FILE_HEADER FileHeader; 161 PIMAGE_OPTIONAL_HEADER64 OptionalHeader; 162 PIMAGE_SECTION_HEADER SectionHeaders; 163 PIMAGE_SECTION_HEADER NewSectionHeaders; 164 ULONG NewSectionHeaderSize; 165 PIMAGE_BASE_RELOCATION Relocations; 166 void *Symbols; 167 char *Strings; 168 ULONG64 ImageBase; 169 ULONG HeaderSize; 170 char *UseSection; 171 172 /* Sections */ 173 ULONG AllSections; 174 ULONG UsedSections; 175 176 SECTION eh_frame; 177 SECTION pdata; 178 SECTION xdata; 179 180 char *AlignBuf; 181 182 ULONG cFuncs; 183 ULONG cUWOP; 184 ULONG cScopes; 185 186 } FILE_INFO, *PFILE_INFO; 187