Public Types |
Public Member Functions |
Static Public Member Functions |
Protected Member Functions |
Protected Attributes |
List of all members
Executable Class Referenceabstract
#include <Executable.h>
Collaboration diagram for Executable:
Public Types | |
| enum | exe_bits { UNKNOWN = 0 , BITS_16 = 16 , BITS_32 = 32 , BITS_64 = 64 } |
| enum | exe_arch { ARCH_UNKNOWN = 0 , ARCH_INTEL = 1 , ARCH_ARM = 2 } |
| enum | addr_type { NOT_ADDR = 0 , RAW = 1 , RVA = 2 , VA = 3 } |
Public Member Functions | |
| bool | isBit64 () |
| bool | isBit32 () |
| virtual | ~Executable (void) |
| virtual exe_bits | getBitMode () |
| virtual exe_arch | getArch ()=0 |
| virtual bufsize_t | getContentSize () |
| virtual BYTE * | getContent () |
| virtual offset_t | getRawSize () const |
| BYTE * | getContentAtPtr (BYTE *ptr, bufsize_t size, bool allowExceptions=false) |
| BYTE * | getContentAt (offset_t offset, bufsize_t size, bool allowExceptions=false) |
| virtual BYTE * | getContentAt (offset_t offset, Executable::addr_type aType, bufsize_t size, bool allowExceptions=false) |
| virtual bufsize_t | getMappedSize (Executable::addr_type aType)=0 |
| virtual bufsize_t | getAlignment (Executable::addr_type aType) const =0 |
| virtual offset_t | getImageBase (bool recalculate=false)=0 |
| virtual offset_t | getEntryPoint (Executable::addr_type aType=Executable::RVA)=0 |
| virtual bufsize_t | getImageSize () |
| virtual size_t | getAllEntryPoints (QMap< offset_t, QString > &entrypoints, Executable::addr_type aType=Executable::RVA) |
| virtual bool | isValidAddr (offset_t addr, addr_type addrType) |
| virtual bool | isValidVA (offset_t va) |
| virtual offset_t | convertAddr (offset_t inAddr, Executable::addr_type inType, Executable::addr_type outType) |
| virtual offset_t | toRaw (offset_t offset, addr_type addrType, bool allowExceptions=false) |
| Executable::addr_type | detectAddrType (offset_t addr, Executable::addr_type hintType) |
| virtual offset_t | rawToRva (offset_t raw)=0 |
| virtual offset_t | rvaToRaw (offset_t rva)=0 |
| virtual offset_t | VaToRva (offset_t va, bool autodetect=false) |
| virtual offset_t | rvaToVa (offset_t rva) |
| virtual offset_t | vaToRaw (offset_t va) |
| QString | getFileName () |
| virtual bool | resize (bufsize_t newSize) |
| virtual bool | isResized () |
| virtual bool | isTruncated () |
| AbstractByteBuffer * | getFileBuffer () const |
| bufsize_t | getFileSize () const |
| virtual bool | dumpFragment (offset_t offset, bufsize_t size, QString fileName) |
 Public Member Functions inherited from AbstractByteBuffer | |
| AbstractByteBuffer () | |
| virtual | ~AbstractByteBuffer () |
| BYTE | operator[] (size_t idx) |
| virtual offset_t | getOffset (void *ptr, bool allowExceptions=false) |
| virtual bool | setBufferedValue (BYTE *dstPtr, BYTE *srcPtr, bufsize_t srcSize, bufsize_t paddingSize, bool allowExceptions=false) |
| bool | setStringValue (offset_t rawOffset, QString newText) |
| QString | getStringValue (offset_t rawOffset, bufsize_t len=BUFSIZE_MAX, bool acceptNonTerminated=false) |
| QString | getWStringValue (offset_t rawOffset, bufsize_t len) |
| QString | getWAsciiStringValue (offset_t rawOffset, bufsize_t len, bool acceptNonTerminated=false) |
| bufsize_t | getMaxSizeFromOffset (offset_t startOffset) |
| bufsize_t | getMaxSizeFromPtr (BYTE *ptr) |
| bool | isAreaEmpty (offset_t rawOffset, bufsize_t size) |
| bool | fillContent (BYTE filling) |
| bool | pasteBuffer (offset_t rawOffset, AbstractByteBuffer *buf, bool allowTrunc) |
| bool | containsBlock (offset_t rawOffset, bufsize_t size) |
| bool | intersectsBlock (offset_t rawOffset, bufsize_t size) |
| uint64_t | getNumValue (offset_t offset, bufsize_t size, bool *isOk) |
| bool | setNumValue (offset_t offset, bufsize_t size, uint64_t newVal) |
| bool | setTextValue (char *textPtr, std::string newText, size_t fieldLimitLen=0) |
| offset_t | substFragmentByFile (offset_t offset, bufsize_t contentSize, QFile &fIn) |
Static Public Member Functions | |
| static bool | isBit64 (Executable *exe) |
| static bool | isBit32 (Executable *exe) |
| Static Public Member Functions inherited from AbstractByteBuffer | |
| static bool | isValid (AbstractByteBuffer *buf) |
Protected Member Functions | |
| Executable (AbstractByteBuffer *v_buf, exe_bits v_bitMode) | |
Protected Attributes | |
| exe_bits | bitMode |
| AbstractByteBuffer * | buf |
Detailed Description
Definition at line 26 of file Executable.h.
Member Enumeration Documentation
◆ addr_type
| Enumerator | |
|---|---|
| NOT_ADDR | |
| RAW | |
| RVA | |
| VA | |
Definition at line 41 of file Executable.h.
◆ exe_arch
| enum Executable::exe_arch |
| Enumerator | |
|---|---|
| ARCH_UNKNOWN | |
| ARCH_INTEL | |
| ARCH_ARM | |
Definition at line 35 of file Executable.h.
◆ exe_bits
| enum Executable::exe_bits |
| Enumerator | |
|---|---|
| UNKNOWN | |
| BITS_16 | |
| BITS_32 | |
| BITS_64 | |
Definition at line 28 of file Executable.h.
Constructor & Destructor Documentation
◆ ~Executable()
|
inlinevirtual |
Definition at line 54 of file Executable.h.
◆ Executable()
|
protected |
Definition at line 4 of file Executable.cpp.
Member Function Documentation
◆ convertAddr()
|
virtual |
◆ detectAddrType()
| Executable::addr_type Executable::detectAddrType | ( | offset_t | addr, |
| Executable::addr_type | hintType ) |
◆ dumpFragment()
◆ getAlignment()
|
pure virtual |
◆ getAllEntryPoints()
|
inlinevirtual |
Reimplemented in PEFile.
Definition at line 77 of file Executable.h.
Here is the call graph for this function:
◆ getArch()
◆ getBitMode()
|
inlinevirtual |
Reimplemented in PEFile.
Definition at line 56 of file Executable.h.
◆ getContent()
|
inlinevirtual |
Implements AbstractByteBuffer.
Definition at line 60 of file Executable.h.
Here is the call graph for this function:
◆ getContentAt() [1/2]
|
inlinevirtual |
Reimplemented from AbstractByteBuffer.
Definition at line 65 of file Executable.h.
Here is the call graph for this function:
◆ getContentAt() [2/2]
|
virtual |
◆ getContentAtPtr()
|
inlinevirtual |
Reimplemented from AbstractByteBuffer.
Definition at line 64 of file Executable.h.
Here is the call graph for this function:
◆ getContentSize()
|
inlinevirtual |
Implements AbstractByteBuffer.
Definition at line 59 of file Executable.h.
Here is the call graph for this function:
◆ getEntryPoint()
|
pure virtual |
◆ getFileBuffer()
|
inline |
Definition at line 124 of file Executable.h.
◆ getFileName()
| QString Executable::getFileName | ( | ) |
◆ getFileSize()
| bufsize_t Executable::getFileSize | ( | ) | const |
◆ getImageBase()
|
pure virtual |
◆ getImageSize()
|
inlinevirtual |
◆ getMappedSize()
|
pure virtual |
◆ getRawSize()
|
inlinevirtual |
◆ isBit32() [1/2]
|
inline |
◆ isBit32() [2/2]
|
inlinestatic |
◆ isBit64() [1/2]
|
inline |
◆ isBit64() [2/2]
|
inlinestatic |
◆ isResized()
|
inlinevirtual |
Reimplemented from AbstractByteBuffer.
Definition at line 119 of file Executable.h.
Here is the call graph for this function:
◆ isTruncated()
|
inlinevirtual |
Reimplemented from AbstractByteBuffer.
Definition at line 121 of file Executable.h.
Here is the call graph for this function:
◆ isValidAddr()
◆ isValidVA()
|
inlinevirtual |
◆ rawToRva()
◆ resize()
|
inlinevirtual |
Reimplemented from AbstractByteBuffer.
Reimplemented in MappedExe.
Definition at line 117 of file Executable.h.
Here is the call graph for this function:
◆ rvaToRaw()
◆ rvaToVa()
◆ toRaw()
◆ vaToRaw()
◆ VaToRva()
Member Data Documentation
◆ bitMode
|
protected |
Definition at line 132 of file Executable.h.
◆ buf
|
protected |
Definition at line 133 of file Executable.h.
The documentation for this class was generated from the following files:
- parser/include/bearparser/Executable.h
- parser/Executable.cpp
Generated by
1.12.0