BearParser
Portable Executable parsing library (from PE-bear)
Loading...
Searching...
No Matches
DOSExe.h
Go to the documentation of this file.
1#pragma once
2
3#include "../MappedExe.h"
4#include "DosHdrWrapper.h"
5
6#define DOS_PARAGRAPH 0x10
7
8class DOSExeBuilder: public ExeBuilder {
9public:
10 DOSExeBuilder() : ExeBuilder() {}
11 virtual bool signatureMatches(AbstractByteBuffer *buf);
12 virtual Executable* build(AbstractByteBuffer *buf);
13 QString typeName() { return "MZ"; }
14};
15
16//-------------------------------------------------------------
17
18class DOSExe : public MappedExe
19{
20public:
26
27 DOSExe(AbstractByteBuffer *v_buf);
28 virtual ~DOSExe() { }
29
30 virtual exe_arch getArch() { return exe_arch::ARCH_INTEL; }
31
32 // inherited from Executable:
33 //
34 virtual void wrap();
35 // FileAddr <-> RVA
36 virtual offset_t rawToRva(offset_t raw) { return (raw < codeOffset()) ? INVALID_ADDR : raw - codeOffset(); }
37 virtual offset_t rvaToRaw(offset_t rva) { return rva + codeOffset(); } //TODO
38
39 virtual bufsize_t getMappedSize(Executable::addr_type aType)
40 {
41 if (aType == Executable::RAW)
42 return getContentSize();
43 return moduleSize() - codeOffset();
44 }
45
46 virtual bufsize_t getAlignment(Executable::addr_type aType) const { return 0; } //TODO
47 virtual offset_t getImageBase(bool recalculate = false) { return m_dosHdr->e_cs; }
48 virtual offset_t getEntryPoint(Executable::addr_type aType = Executable::RVA) { return codeOffset() + m_dosHdr->e_ip; }
49
50 //---
51 // DOS Exe only:
52 virtual offset_t dosHeaderOffset() { return 0; } //wrapper's mount point
53 offset_t peSignatureOffset();
54
55protected:
56 offset_t codeOffset() { return static_cast<offset_t> (m_dosHdr->e_cparhdr) * DOS_PARAGRAPH; }
57 bufsize_t moduleSize()
58 {
59 const size_t unit_size = 0x200;
60 WORD size = m_dosHdr->e_cp * unit_size;
61 if (m_dosHdr->e_cblp ) {
62 WORD trimSize = unit_size - m_dosHdr->e_cblp;
63 size -= trimSize;
64 }
65 return static_cast<bufsize_t> (size);
66 }
67
68
69 DosHdrWrapper *dosHdrWrapper;
70 IMAGE_DOS_HEADER* m_dosHdr;
71};
INVALID_ADDR
const offset_t INVALID_ADDR
Definition AbstractByteBuffer.h:21
offset_t
uint64_t offset_t
Definition AbstractByteBuffer.h:20
bufsize_t
size_t bufsize_t
Definition AbstractByteBuffer.h:17
DOS_PARAGRAPH
#define DOS_PARAGRAPH
Definition DOSExe.h:6
DOSExeBuilder::DOSExeBuilder
DOSExeBuilder()
Definition DOSExe.h:10
DOSExeBuilder::build
virtual Executable * build(AbstractByteBuffer *buf)
Definition DOSExe.cpp:18
DOSExeBuilder::typeName
QString typeName()
Definition DOSExe.h:13
DOSExeBuilder::signatureMatches
virtual bool signatureMatches(AbstractByteBuffer *buf)
Definition DOSExe.cpp:4
DOSExe::codeOffset
offset_t codeOffset()
Definition DOSExe.h:56
DOSExe::dosHeaderOffset
virtual offset_t dosHeaderOffset()
Definition DOSExe.h:52
DOSExe::rvaToRaw
virtual offset_t rvaToRaw(offset_t rva)
Definition DOSExe.h:37
DOSExe::wrap
virtual void wrap()
Definition DOSExe.cpp:40
DOSExe::DOSExe
DOSExe(AbstractByteBuffer *v_buf)
Definition DOSExe.cpp:34
DOSExe::moduleSize
bufsize_t moduleSize()
Definition DOSExe.h:57
DOSExe::m_dosHdr
IMAGE_DOS_HEADER * m_dosHdr
Definition DOSExe.h:70
DOSExe::peSignatureOffset
offset_t peSignatureOffset()
Definition DOSExe.cpp:60
DOSExe::getImageBase
virtual offset_t getImageBase(bool recalculate=false)
Definition DOSExe.h:47
DOSExe::getArch
virtual exe_arch getArch()
Definition DOSExe.h:30
DOSExe::dosHdrWrapper
DosHdrWrapper * dosHdrWrapper
Definition DOSExe.h:69
DOSExe::getEntryPoint
virtual offset_t getEntryPoint(Executable::addr_type aType=Executable::RVA)
Definition DOSExe.h:48
DOSExe::rawToRva
virtual offset_t rawToRva(offset_t raw)
Definition DOSExe.h:36
DOSExe::getMappedSize
virtual bufsize_t getMappedSize(Executable::addr_type aType)
Definition DOSExe.h:39
DOSExe::WRAPPERS
WRAPPERS
Definition DOSExe.h:21
DOSExe::WR_NONE
@ WR_NONE
Definition DOSExe.h:22
DOSExe::COUNT_WRAPPERS
@ COUNT_WRAPPERS
Definition DOSExe.h:24
DOSExe::WR_DOS_HDR
@ WR_DOS_HDR
Definition DOSExe.h:23
DOSExe::~DOSExe
virtual ~DOSExe()
Definition DOSExe.h:28
DOSExe::getAlignment
virtual bufsize_t getAlignment(Executable::addr_type aType) const
Definition DOSExe.h:46
Executable::getContentSize
virtual bufsize_t getContentSize()
Definition Executable.h:61
MappedExe::MappedExe
MappedExe(AbstractByteBuffer *v_buf, exe_bits v_bitMode)
Definition MappedExe.h:52
Generated by doxygen 1.17.0