1 #pragma once 2 3 //C_ASSERT(sizeof(ULONG) == 4); 4 typedef unsigned char UBYTE; 5 #if defined(_MSC_VER) || defined(__MINGW32__) 6 typedef unsigned __int64 ULONG64; 7 #else 8 #include <stdint.h> 9 typedef uint64_t ULONG64; 10 #endif 11 12 13 #define IMAGE_FILE_MACHINE_I386 0x14c 14 #define IMAGE_FILE_MACHINE_AMD64 0x8664 15 #define IMAGE_FILE_MACHINE_ARM64 0xaa64 16 #define IMAGE_DIRECTORY_ENTRY_IMPORT 1 17 #define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 18 19 #define UWOP_PUSH_NONVOL 0 20 #define UWOP_ALLOC_LARGE 1 21 #define UWOP_ALLOC_SMALL 2 22 #define UWOP_SET_FPREG 3 23 #define UWOP_SAVE_NONVOL 4 24 #define UWOP_SAVE_NONVOL_FAR 5 25 #define UWOP_SAVE_XMM 6 26 #define UWOP_SAVE_XMM_FAR 7 27 #define UWOP_SAVE_XMM128 8 28 #define UWOP_SAVE_XMM128_FAR 9 29 #define UWOP_PUSH_MACHFRAME 10 30 31 #define REG_RAX 0 32 #define REG_RCX 1 33 #define REG_RDX 2 34 #define REG_RBX 3 35 #define REG_RSP 4 36 #define REG_RBP 5 37 #define REG_RSI 6 38 #define REG_RDI 7 39 #define REG_R8 8 40 #define REG_R9 9 41 #define REG_R10 10 42 #define REG_R11 11 43 #define REG_R12 12 44 #define REG_R13 13 45 #define REG_R14 14 46 #define REG_R15 15 47 48 #define REG_XMM0 0 49 #define REG_XMM1 1 50 #define REG_XMM2 2 51 #define REG_XMM3 3 52 #define REG_XMM4 4 53 #define REG_XMM5 5 54 #define REG_XMM6 6 55 #define REG_XMM7 7 56 #define REG_XMM8 8 57 #define REG_XMM9 9 58 #define REG_XMM10 10 59 #define REG_XMM11 11 60 #define REG_XMM12 12 61 #define REG_XMM13 13 62 #define REG_XMM14 14 63 #define REG_XMM15 15 64 65 66 typedef struct _IMAGE_IMPORT_DESCRIPTOR 67 { 68 union { 69 DWORD Characteristics; 70 DWORD OriginalFirstThunk; 71 }; 72 DWORD TimeDateStamp; 73 DWORD ForwarderChain; 74 DWORD Name; 75 DWORD FirstThunk; 76 } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR; 77 78 typedef struct _IMAGE_THUNK_DATA64 79 { 80 union { 81 ULONGLONG ForwarderString; 82 ULONGLONG Function; 83 ULONGLONG Ordinal; 84 ULONGLONG AddressOfData; 85 } u1; 86 } IMAGE_THUNK_DATA64, *PIMAGE_THUNK_DATA64; 87 88 typedef struct _RUNTIME_FUNCTION 89 { 90 ULONG FunctionStart; 91 ULONG FunctionEnd; 92 ULONG UnwindInfo; 93 } RUNTIME_FUNCTION, *PRUNTIME_FUNCTION; 94 95 typedef union _UNWIND_CODE 96 { 97 struct 98 { 99 UBYTE CodeOffset; 100 UBYTE UnwindOp:4; 101 UBYTE OpInfo:4; 102 }; 103 USHORT FrameOffset; 104 } UNWIND_CODE, *PUNWIND_CODE; 105 106 enum 107 { 108 UNW_FLAG_EHANDLER = 0x01, 109 UNW_FLAG_UHANDLER = 0x02, 110 UNW_FLAG_CHAININFO = 0x03, 111 }; 112 113 typedef struct _UNWIND_INFO 114 { 115 UBYTE Version:3; 116 UBYTE Flags:5; 117 UBYTE SizeOfProlog; 118 UBYTE CountOfCodes; 119 UBYTE FrameRegister:4; 120 UBYTE FrameOffset:4; 121 UNWIND_CODE UnwindCode[1]; 122 /* union { 123 OPTIONAL ULONG ExceptionHandler; 124 OPTIONAL ULONG FunctionEntry; 125 }; 126 OPTIONAL ULONG ExceptionData[]; 127 */ 128 } UNWIND_INFO, *PUNWIND_INFO; 129 130 typedef struct _C_SCOPE_TABLE_ENTRY 131 { 132 ULONG Begin; 133 ULONG End; 134 ULONG Handler; 135 ULONG Target; 136 } C_SCOPE_TABLE_ENTRY, *PC_SCOPE_TABLE_ENTRY; 137 138 typedef struct _C_SCOPE_TABLE 139 { 140 ULONG NumEntries; 141 C_SCOPE_TABLE_ENTRY Entry[1]; 142 } C_SCOPE_TABLE, *PC_SCOPE_TABLE; 143 144 145 typedef struct 146 { 147 IMAGE_SECTION_HEADER *psh; 148 char *pName; 149 void *p; 150 ULONG idx; 151 } SECTION; 152 153 typedef struct 154 { 155 char* FilePtr; 156 size_t cbInFileSize; 157 size_t cbNewFileSize; 158 159 /* PE data pointers */ 160 PIMAGE_DOS_HEADER DosHeader; 161 PIMAGE_FILE_HEADER FileHeader; 162 PIMAGE_OPTIONAL_HEADER64 OptionalHeader; 163 PIMAGE_SECTION_HEADER SectionHeaders; 164 PIMAGE_SECTION_HEADER NewSectionHeaders; 165 ULONG NewSectionHeaderSize; 166 PIMAGE_BASE_RELOCATION Relocations; 167 void *Symbols; 168 char *Strings; 169 ULONG64 ImageBase; 170 ULONG HeaderSize; 171 char *UseSection; 172 173 /* Sections */ 174 ULONG AllSections; 175 ULONG UsedSections; 176 177 SECTION eh_frame; 178 SECTION pdata; 179 SECTION xdata; 180 181 char *AlignBuf; 182 183 ULONG cFuncs; 184 ULONG cUWOP; 185 ULONG cScopes; 186 187 } FILE_INFO, *PFILE_INFO; 188