libPeConv
A library to load, manipulate, dump PE files.
Loading...
Searching...
No Matches
load_config_util.cpp
Go to the documentation of this file.
1#include "peconv/load_config_util.h"
2#include "peconv/pe_hdrs_helper.h"
3
4BYTE* peconv::get_load_config_ptr(BYTE* buffer, size_t buf_size)
5{
6 if (!buffer || !buf_size) return nullptr;
7 IMAGE_DATA_DIRECTORY* dir = peconv::get_directory_entry(buffer, IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG);
8 if (!dir) {
9 return 0;
10 }
11 DWORD entry_rva = dir->VirtualAddress;
12 DWORD entry_size = dir->Size;
13 if (!peconv::validate_ptr(buffer, buf_size, buffer + entry_rva, entry_size)) {
14 return 0;
15 }
16 IMAGE_LOAD_CONFIG_DIRECTORY32* ldc = reinterpret_cast<IMAGE_LOAD_CONFIG_DIRECTORY32*>((ULONG_PTR)buffer + entry_rva);
17 return reinterpret_cast<BYTE*>(ldc);
18}
19
20peconv::t_load_config_ver peconv::get_load_config_version(BYTE* buffer, size_t buf_size, BYTE* ld_config_ptr)
21{
22 if (!buffer || !buf_size || !ld_config_ptr) {
23 return peconv::LOAD_CONFIG_NONE;
24 }
25 bool is64b = peconv::is64bit(buffer);
26
27 if (!peconv::validate_ptr(buffer, buf_size, ld_config_ptr, sizeof(peconv::IMAGE_LOAD_CONFIG_DIR32_W7))) {
28 return peconv::LOAD_CONFIG_NONE;
29 }
30
31 peconv::IMAGE_LOAD_CONFIG_DIR32_W7* smallest = (peconv::IMAGE_LOAD_CONFIG_DIR32_W7*)ld_config_ptr;
32 const size_t curr_size = smallest->Size;
33
34 if (is64b) {
35 switch (curr_size) {
36 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR64_W7) :
37 return peconv::LOAD_CONFIG_W7_VER;
38 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR64_W8) :
39 return peconv::LOAD_CONFIG_W8_VER;
40 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR64_W10) :
41 return peconv::LOAD_CONFIG_W10_VER;
42 default:
43 return LOAD_CONFIG_UNK_VER;
44 }
45 }
46 else {
47 switch (curr_size) {
48 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR32_W7) :
49 return peconv::LOAD_CONFIG_W7_VER;
50 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR32_W8) :
51 return peconv::LOAD_CONFIG_W8_VER;
52 case sizeof(peconv::IMAGE_LOAD_CONFIG_DIR32_W10) :
53 return peconv::LOAD_CONFIG_W10_VER;
54 default:
55 return LOAD_CONFIG_UNK_VER;
56 }
57 }
58 return LOAD_CONFIG_UNK_VER;
59}
load_config_util.h
Fetching Load Config Directory and recognizing its version.
peconv::IMAGE_LOAD_CONFIG_DIR64_W10
struct peconv::_IMAGE_LOAD_CONFIG_DIR64_W10 IMAGE_LOAD_CONFIG_DIR64_W10
peconv::get_load_config_ptr
BYTE * get_load_config_ptr(BYTE *buffer, size_t buf_size)
Definition load_config_util.cpp:4
peconv::get_load_config_version
t_load_config_ver get_load_config_version(BYTE *buffer, size_t buf_size, BYTE *ld_config_ptr)
Definition load_config_util.cpp:20
peconv::IMAGE_LOAD_CONFIG_DIR32_W8
struct peconv::_IMAGE_LOAD_CONFIG_DIR32_W8 IMAGE_LOAD_CONFIG_DIR32_W8
peconv::IMAGE_LOAD_CONFIG_DIR32_W10
struct peconv::_IMAGE_LOAD_CONFIG_DIR32_W10 IMAGE_LOAD_CONFIG_DIR32_W10
peconv::validate_ptr
bool validate_ptr(IN const void *buffer_bgn, IN size_t buffer_size, IN const void *field_bgn, IN size_t field_size)
Definition buffer_util.cpp:9
peconv::IMAGE_LOAD_CONFIG_DIR64_W8
struct peconv::_IMAGE_LOAD_CONFIG_DIR64_W8 IMAGE_LOAD_CONFIG_DIR64_W8
peconv::IMAGE_LOAD_CONFIG_DIR64_W7
struct peconv::_IMAGE_LOAD_CONFIG_DIR64_W7 IMAGE_LOAD_CONFIG_DIR64_W7
peconv::is64bit
bool is64bit(IN const BYTE *pe_buffer)
Definition pe_hdrs_helper.cpp:121
peconv::get_directory_entry
IMAGE_DATA_DIRECTORY * get_directory_entry(IN const BYTE *pe_buffer, IN DWORD dir_id, IN bool allow_empty=false)
Definition pe_hdrs_helper.cpp:130
peconv::IMAGE_LOAD_CONFIG_DIR32_W7
struct peconv::_IMAGE_LOAD_CONFIG_DIR32_W7 IMAGE_LOAD_CONFIG_DIR32_W7
peconv::LOAD_CONFIG_UNK_VER
@ LOAD_CONFIG_UNK_VER
Definition load_config_util.h:22
peconv::LOAD_CONFIG_W10_VER
@ LOAD_CONFIG_W10_VER
Definition load_config_util.h:21
pe_hdrs_helper.h
Wrappers over various fields in the PE header. Read, write, parse PE headers.
peconv::_IMAGE_LOAD_CONFIG_DIR32_W7
Definition load_config_defs.h:183
peconv::_IMAGE_LOAD_CONFIG_DIR32_W7::Size
DWORD Size
Definition load_config_defs.h:184
Generated on Sat Nov 2 2024 22:08:24 for libPeConv by doxygen 1.12.0