//------------------------------------------------------------------------
// process all imports of a pe file
// returns: -1:could not read an impdir; 0-ok;
// other values can be returned by the visitor
inline int pe_loader_t::process_imports(linput_t *li, pe_import_visitor_t &piv)
{
if ( pe.impdir.rva == 0 )
return 0;
if ( transvec.empty() )
process_sections(li);
int code = 0;
bool is_memory_linput = get_linput_type(li) == LINPUT_PROCMEM;
for ( int ni=0; ; ni++ )
{
off_t off = pe.impdir.rva + ni*sizeof(peimpdir_t);
peimpdir_t &id = piv.id;
if ( !vmread(li, off, &id, sizeof(id)) )
{
int code = piv.impdesc_error(off);
if ( code != 0 )
break;
// we continue if the import descriptor is within the page belonging
// to the program
if ( !is_memory_linput )
{
uint32 fsize = pe.align_up_in_file(qlsize(li));
if ( map_ea(off)+sizeof(id) > fsize )
return -1;
}
}
if ( id.dllname == 0 && id.table1 == 0 )
break;
ea_t ltable = id.table1; //OriginalFirstThunk
ea_t atable = id.looktab; //FirstThunk
bool ok = true;
char dll[MAXSTR];
asciiz(li, id.dllname, dll, sizeof(dll), &ok);
if ( !ok || dll[0] == '\0' )
break;
ansi2idb(dll);
if ( !is_memory_linput && (map_ea(ltable) == BADADDR || ltable < pe.hdrsize) )
ltable = atable;
atable += get_imagebase();
int code = piv.visit_module(dll, atable, ltable);
if ( code != 0 )
break;
code = process_import_table(li, pe, atable, ltable, piv);
if ( code != 0 )
break;
}
return code;
}
//------------------------------------------------------------------------
inline int pe_loader_t::process_delayed_imports(linput_t *li, pe_import_visitor_t &il)
{
if ( pe.didtab.rva == 0 )
return 0;
if ( transvec.empty() )
process_sections(li);
int code = 0;
uint32 ni = 0;
bool ok = true;
while ( true )
{
uint32 table = pe.didtab.rva + ni*uint32(sizeof(dimpdir_t));
if ( !vseek(li, table) )
break;
dimpdir_t &id = il.did;
lread(li, &id, sizeof(id));
if ( !id.dllname )
break;
il.withbase = (id.attrs & DIMP_NOBASE) == 0;
uval_t base = il.withbase ? 0 : uval_t(get_imagebase());
ea_t atable = id.diat + base;
ea_t ltable = id.dint;
char dll[MAXSTR];
uint32 off = uint32(il.withbase ? id.dllname - (ea_t)pe.imagebase() : id.dllname);
asciiz(li, off, dll, sizeof(dll), &ok);
if ( !ok )
break;
ansi2idb(dll);
code = il.visit_module(dll, atable, ltable);
if ( code != 0 )
break;
code = process_import_table(li, pe, atable, ltable, il);
if ( code != 0 )
break;
ni++;
}
return ok || code != 0 ? code : -1;
}
int process_file(char * filename) {
dword fsz;
dword header_off;
int i;
import_table = ph_create(2,64,0);
fptr = fopen(filename,"rb");
if (!fptr) {
printf("File not found: %s\n",filename);
return -1;
}
fseek(fptr, 0, SEEK_END);
fsz = ftell(fptr);
fseek(fptr, 0, SEEK_SET);
ffbufs = (byte**) calloc(1,(fsz/BUF_SIZE)*sizeof(byte*));
//ffbufs[0] = (unsigned char *)malloc(BUF_SIZE);
//fread(ffbufs[0],1,BUF_SIZE,fptr);
ffbufs[0] = (unsigned char *)malloc(fsz);
fread(ffbufs[0],1,fsz,fptr);
memcpy(&header_off,ffbufs[0]+PE_SIG_BASE_OFF,sizeof(dword));
/* first 4 bytes are a signature, ignore them */
header_off += sizeof(dword);
ex_header = (pe_header*) (ffbufs[0]+header_off);
ex_opt_header = (pe_opt_header32*) (ffbufs[0]+header_off+sizeof(pe_header));
sects_base = header_off+sizeof(pe_header)+sizeof(pe_opt_header32);
sects = (pe_section_header **) malloc(ex_header->num_sections*sizeof(pe_section_header*));
for (i=0;i < ex_header->num_sections ; i++) {
sects[i] = (pe_section_header*)(ffbufs[0]+(sects_base+i*sizeof(pe_section_header)));
}
process_import_table();
return 0;
}
