/* radare - LGPL - Copyright 2008-2012 nibble, pancake */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <r_types.h>
#include <r_util.h>
#include "pe.h"
ut64 PE_(r_bin_pe_get_main_offset)(struct PE_(r_bin_pe_obj_t) *bin) {
struct r_bin_pe_addr_t *entry = PE_(r_bin_pe_get_entrypoint) (bin);
ut64 addr = 0LL;
ut8 buf[512];
// option2: /x 8bff558bec83ec20
if (r_buf_read_at (bin->b, entry->offset, buf, sizeof (buf)) == -1) {
eprintf ("Error: read (entry)\n");
} else {
if (buf[367] == 0xe8) {
int delta = (buf[368] | buf[369]<<8 | buf[370]<<16 | buf[371]<<24);
addr = entry->rva + 367 + 5 + delta;
}
}
free (entry);
return addr;
}
static PE_DWord PE_(r_bin_pe_rva_to_offset)(struct PE_(r_bin_pe_obj_t)* bin, PE_DWord rva) {
PE_DWord section_base;
int i, section_size;
static int load(RBinArch *arch) {
if(!(arch->bin_obj = PE_(r_bin_pe_new_buf) (arch->buf)))
return R_FALSE;
return R_TRUE;
}
static int bin_pe_init_hdr(struct PE_(r_bin_pe_obj_t)* bin) {
if (!(bin->dos_header = malloc(sizeof(PE_(image_dos_header))))) {
r_sys_perror ("malloc (dos header)");
return false;
}
if (r_buf_read_at (bin->b, 0, (ut8*)bin->dos_header, sizeof(PE_(image_dos_header))) == -1) {
eprintf("Warning: read (dos header)\n");
return false;
}
sdb_num_set (bin->kv, "pe_dos_header.offset", 0, 0);
sdb_set (bin->kv, "pe_dos_header.format", "[2]zwwwwwwwwwwwww[4]www[10]wx"
" e_magic e_cblp e_cp e_crlc e_cparhdr e_minalloc e_maxalloc"
" e_ss e_sp e_csum e_ip e_cs e_lfarlc e_ovno e_res e_oemid"
" e_oeminfo e_res2 e_lfanew", 0);
if (bin->dos_header->e_lfanew > (unsigned int)bin->size) {
eprintf("Invalid e_lfanew field\n");
return false;
}
if (!(bin->nt_headers = malloc (sizeof (PE_(image_nt_headers))))) {
r_sys_perror("malloc (nt header)");
return false;
}
bin->nt_header_offset = bin->dos_header->e_lfanew;
if (r_buf_read_at (bin->b, bin->dos_header->e_lfanew,
(ut8*)bin->nt_headers, sizeof (PE_(image_nt_headers))) == -1) {
eprintf ("Warning: read (dos header)\n");
return false;
}
sdb_set (bin->kv, "pe_magic.cparse", "enum pe_magic { IMAGE_NT_OPTIONAL_HDR32_MAGIC=0x10b, IMAGE_NT_OPTIONAL_HDR64_MAGIC=0x20b, IMAGE_ROM_OPTIONAL_HDR_MAGIC=0x107 };", 0);
sdb_set (bin->kv, "pe_subsystem.cparse", "enum pe_subsystem { IMAGE_SUBSYSTEM_UNKNOWN=0, IMAGE_SUBSYSTEM_NATIVE=1, IMAGE_SUBSYSTEM_WINDOWS_GUI=2, "
" IMAGE_SUBSYSTEM_WINDOWS_CUI=3, IMAGE_SUBSYSTEM_OS2_CUI=5, IMAGE_SUBSYSTEM_POSIX_CUI=7, IMAGE_SUBSYSTEM_WINDOWS_CE_GUI=9, "
