Пример #1
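/*
 * Store a private copy of the PE section table and zero-fill the tail of
 * every section whose raw data is shorter than its virtual size.
 *
 * nsecs - number of entries in ish
 * ish   - section headers to copy; presumably read from the image under
 *         analysis, in which case every field is file-controlled and must
 *         be treated as untrusted input
 *
 * On failure (NULL ish, byte-count overflow, allocation failure) the object
 * is left with sections == NULL and num_sections == 0, and valid is not set,
 * so a later reader never pairs a non-zero count with a NULL table.
 */
void PETables::setSectionHeaders(unsigned int nsecs, _IMAGE_SECTION_HEADER *ish) {
   num_sections = nsecs;
   const size_t table_bytes = (size_t)num_sections * sizeof(_IMAGE_SECTION_HEADER);
   //a count whose byte size wraps size_t would under-allocate the table
   const bool wrapped = table_bytes / sizeof(_IMAGE_SECTION_HEADER) != (size_t)num_sections;
   //NOTE(review): any table previously held in 'sections' is overwritten without
   //being freed, as before - confirm callers set the headers only once
   sections = (ish == NULL || wrapped) ? NULL : (_IMAGE_SECTION_HEADER*)malloc(table_bytes);
   if (sections == NULL) {
      num_sections = 0;
      return;
   }
   memcpy(sections, ish, table_bytes);
   //bss type segments are zero filled by operating system loader
   //index is as wide as the count: a 16 bit index never reaches a count above 65535
   for (unsigned int i = 0; i < num_sections; i++) {
      if (sections[i].SizeOfRawData >= sections[i].Misc.VirtualSize) {
         continue;
      }
      ea_t sbase = sections[i].VirtualAddress + base;
      //NOTE(review): getseg() is not checked to return a segment that starts at
      //sbase; a crafted VirtualAddress could presumably select another segment
      //and have its tail zeroed - consider verifying seg->startEA == sbase
      segment_t *seg = getseg(sbase);
      if (seg == NULL) {
         continue;
      }
      //zero from end of raw data to end of section
      ea_t ea = seg->startEA + sections[i].SizeOfRawData;
      if (ea < seg->startEA) {
         //address arithmetic wrapped; patching from here would leave the section
         continue;
      }
      //whole dwords first; written as a remaining-length test so it cannot underflow
      while (ea < seg->endEA && seg->endEA - ea >= 4) {
         patch_long(ea, 0);
         ea += 4;
      }
      //then the 0-3 trailing bytes
      while (ea < seg->endEA) {
         patch_byte(ea++, 0);
      }
   }
   valid = 1;
}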
Пример #2
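/*
*				Mode description
*	1. MODE_ARMOP_Code    -> patch the code at the cursor with an ARM/Thumb instruction
*	2. MODE_ARMOP_SysCall -> annotate the system call at the cursor with a comment
*
*	inFlag: when it equals Flag_Again the mode dialogs are skipped and the
*	choices remembered from the previous call are reused.
*	Always returns 0.
*/
int Arm_Moudle(int inFlag){
	// Remembered across calls so that Flag_Again can repeat the last choice.
	static int Mode_Bit = MODE_ARMOPC32_JMP;
	static int ModeOption = 0;
	ea_t cur_ea = get_screen_ea();
	if (inFlag != Flag_Again) {
		if (AskUsingForm_c(ASK_ARM_UI, &ModeOption) == 0)
			return 0;
	}
	if (MODE_ARMOP_Code == ModeOption){
		if (inFlag != Flag_Again) {
			if (AskUsingForm_c(ASK_CODE_UI, &Mode_Bit) == 0)
				return 0;
		}
		// Alignment masks are built from ea_t so that a 64-bit address keeps its
		// upper half; a 32-bit literal such as 0xFFFFFFFE would clear it.
		if (MODE_ARMOPC16_JMP == Mode_Bit){
			cur_ea &= ~(ea_t)1;
			// Thumb "b ." is a 16-bit instruction: patch one halfword only.
			// patch_long here would also zero the halfword that follows.
			patch_word(cur_ea, 0xE7FE);
		}
		else if (MODE_ARMOPC16_NOP == Mode_Bit){
			cur_ea &= ~(ea_t)1;
			// Thumb "mov r8, r8" (NOP)
			patch_word(cur_ea, 0xC046);
		}
		else if (MODE_ARMOPC32_JMP == Mode_Bit){
			cur_ea &= ~(ea_t)3;
			// ARM "b ." (branch to self)
			patch_long(cur_ea, 0xEAFFFFFE);
		}
		else if (MODE_ARMOPC32_NOP == Mode_Bit){
			cur_ea &= ~(ea_t)3;
			// ARM "mov r0, r0" (NOP)
			patch_long(cur_ea, 0xE1A00000);
		}
	}
	else if(MODE_ARMOP_SysCall == ModeOption){
		// Pre-fill the dialog with the low 12 bits of the word under the cursor
		// (presumably the immediate that carries the syscall number - confirm).
		ulong Sys_No = get_32bit(get_screen_ea()) & 0xFFF;
		// This dialog is shown even for Flag_Again, as in the original code.
		if (AskUsingForm_c(ASK_SYSCALL_UI, &Sys_No) == 0)
			return 0;
		// Unknown numbers are left without a comment.
		if (SysCall::getName(Sys_No) != NULL){
			set_cmt(get_screen_ea(), SysCall::getName(Sys_No), 1);
		}
	}
	return 0;
}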