relocate.h

Go to the documentation of this file.

 
#pragma once
 
#include <windows.h>
 
namespace peconv {
 
    typedef struct _BASE_RELOCATION_ENTRY {
        WORD Offset : 12;
        WORD Type : 4;
    } BASE_RELOCATION_ENTRY;
 
    class RelocBlockCallback
    {
    public:
        RelocBlockCallback(bool _is64bit)
            : is64bit(_is64bit)
        {
        }
 
        virtual bool processRelocField(ULONG_PTR relocField) = 0;
 
    protected:
        bool is64bit;
    };
 
    // Processs the relocation table and make your own callback on each relocation field
    bool process_relocation_table(IN PVOID modulePtr, IN SIZE_T moduleSize, IN RelocBlockCallback *callback);
 
    bool relocate_module(IN BYTE* modulePtr, IN SIZE_T moduleSize, IN ULONGLONG newBase, IN ULONGLONG oldBase = 0);
 
    bool has_valid_relocation_table(IN const PBYTE modulePtr, IN const size_t moduleSize);
 
};//namespace peconv