pesieve::PeReconstructor Class Reference

#include <pe_reconstructor.h>

Public Member Functions
	PeReconstructor (PeArtefacts _artefacts, PeBuffer &_peBuffer)
bool	reconstruct ()

Protected Member Functions
bool	reconstructFileHdr ()
bool	reconstructPeHdr ()
bool	fixSectionsVirtualSize (HANDLE processHandle)
bool	fixSectionsCharacteristics (HANDLE processHandle)
size_t	shiftPeHeader ()

Protected Attributes
const PeArtefacts	origArtefacts
PeArtefacts	artefacts
PeBuffer &	peBuffer

Detailed Description

Definition at line 45 of file pe_reconstructor.h.

Constructor & Destructor Documentation

PeReconstructor()

pesieve::PeReconstructor::PeReconstructor ( PeArtefacts _artefacts, PeBuffer & _peBuffer )

inline

Definition at line 47 of file pe_reconstructor.h.

Member Function Documentation

fixSectionsCharacteristics()

bool pesieve::PeReconstructor::fixSectionsCharacteristics ( HANDLE processHandle )

protected

Definition at line 185 of file pe_reconstructor.cpp.

Here is the call graph for this function:

fixSectionsVirtualSize()

bool pesieve::PeReconstructor::fixSectionsVirtualSize ( HANDLE processHandle )

protected

Definition at line 103 of file pe_reconstructor.cpp.

Here is the call graph for this function:

reconstruct()

bool pesieve::PeReconstructor::reconstruct

(

)

Definition at line 75 of file pe_reconstructor.cpp.

Here is the call graph for this function:

reconstructFileHdr()

bool pesieve::PeReconstructor::reconstructFileHdr ( )

protected

Definition at line 222 of file pe_reconstructor.cpp.

Here is the call graph for this function:

reconstructPeHdr()

bool pesieve::PeReconstructor::reconstructPeHdr ( )

protected

Definition at line 266 of file pe_reconstructor.cpp.

Here is the call graph for this function:

shiftPeHeader()

size_t pesieve::PeReconstructor::shiftPeHeader ( )

protected

Definition at line 18 of file pe_reconstructor.cpp.

Here is the call graph for this function:

Member Data Documentation

artefacts

PeArtefacts pesieve::PeReconstructor::artefacts

protected

Definition at line 63 of file pe_reconstructor.h.

origArtefacts

const PeArtefacts pesieve::PeReconstructor::origArtefacts

protected

Definition at line 62 of file pe_reconstructor.h.

peBuffer

PeBuffer& pesieve::PeReconstructor::peBuffer

protected

Definition at line 64 of file pe_reconstructor.h.

---

The documentation for this class was generated from the following files:

• postprocessors/pe_reconstructor.h
• postprocessors/pe_reconstructor.cpp