4 * Copyright 1998 Patrik Stridvall
5 * Copyright 2003 Mike McCormack
6 * Copyright 2009 Owen Rudge for CodeWeavers
7 * Copyright 2010 Juan Lang
8 * Copyright 2010 Andrey Turkin
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
33 #include "wine/debug.h"
35 WINE_DEFAULT_DEBUG_CHANNEL(imagehlp
);
38 * These functions are partially documented at:
39 * http://www.cs.auckland.ac.nz/~pgut001/pubs/authenticode.txt
46 /***********************************************************************
47 * IMAGEHLP_GetNTHeaders (INTERNAL)
49 * Return the IMAGE_NT_HEADERS for a PE file, after validating magic
50 * numbers and distinguishing between 32-bit and 64-bit files.
52 static int IMAGEHLP_GetNTHeaders(HANDLE handle
, DWORD
*pe_offset
, IMAGE_NT_HEADERS32
*nt32
, IMAGE_NT_HEADERS64
*nt64
)
54 IMAGE_DOS_HEADER dos_hdr
;
58 TRACE("handle %p\n", handle
);
60 if ((!nt32
) || (!nt64
))
63 /* read the DOS header */
64 count
= SetFilePointer(handle
, 0, NULL
, FILE_BEGIN
);
66 if (count
== INVALID_SET_FILE_POINTER
)
71 r
= ReadFile(handle
, &dos_hdr
, sizeof dos_hdr
, &count
, NULL
);
76 if (count
!= sizeof dos_hdr
)
79 /* verify magic number of 'MZ' */
80 if (dos_hdr
.e_magic
!= IMAGE_DOS_SIGNATURE
)
83 if (pe_offset
!= NULL
)
84 *pe_offset
= dos_hdr
.e_lfanew
;
86 /* read the PE header */
87 count
= SetFilePointer(handle
, dos_hdr
.e_lfanew
, NULL
, FILE_BEGIN
);
89 if (count
== INVALID_SET_FILE_POINTER
)
94 r
= ReadFile(handle
, nt32
, sizeof(IMAGE_NT_HEADERS32
), &count
, NULL
);
99 if (count
!= sizeof(IMAGE_NT_HEADERS32
))
102 /* verify NT signature */
103 if (nt32
->Signature
!= IMAGE_NT_SIGNATURE
)
106 /* check if we have a 32-bit or 64-bit executable */
107 switch (nt32
->OptionalHeader
.Magic
)
109 case IMAGE_NT_OPTIONAL_HDR32_MAGIC
:
112 case IMAGE_NT_OPTIONAL_HDR64_MAGIC
:
113 /* Re-read as 64-bit */
115 count
= SetFilePointer(handle
, dos_hdr
.e_lfanew
, NULL
, FILE_BEGIN
);
117 if (count
== INVALID_SET_FILE_POINTER
)
122 r
= ReadFile(handle
, nt64
, sizeof(IMAGE_NT_HEADERS64
), &count
, NULL
);
127 if (count
!= sizeof(IMAGE_NT_HEADERS64
))
130 /* verify NT signature */
131 if (nt64
->Signature
!= IMAGE_NT_SIGNATURE
)
140 /***********************************************************************
141 * IMAGEHLP_GetSecurityDirOffset (INTERNAL)
143 * Read a file's PE header, and return the offset and size of the
144 * security directory.
146 static BOOL
IMAGEHLP_GetSecurityDirOffset( HANDLE handle
,
147 DWORD
*pdwOfs
, DWORD
*pdwSize
)
149 IMAGE_NT_HEADERS32 nt_hdr32
;
150 IMAGE_NT_HEADERS64 nt_hdr64
;
151 IMAGE_DATA_DIRECTORY
*sd
;
154 ret
= IMAGEHLP_GetNTHeaders(handle
, NULL
, &nt_hdr32
, &nt_hdr64
);
157 sd
= &nt_hdr32
.OptionalHeader
.DataDirectory
[IMAGE_FILE_SECURITY_DIRECTORY
];
158 else if (ret
== HDR_NT64
)
159 sd
= &nt_hdr64
.OptionalHeader
.DataDirectory
[IMAGE_FILE_SECURITY_DIRECTORY
];
163 TRACE("ret = %d size = %lx addr = %lx\n", ret
, sd
->Size
, sd
->VirtualAddress
);
166 *pdwOfs
= sd
->VirtualAddress
;
171 /***********************************************************************
172 * IMAGEHLP_SetSecurityDirOffset (INTERNAL)
174 * Read a file's PE header, and update the offset and size of the
175 * security directory.
177 static BOOL
IMAGEHLP_SetSecurityDirOffset(HANDLE handle
,
178 DWORD dwOfs
, DWORD dwSize
)
180 IMAGE_NT_HEADERS32 nt_hdr32
;
181 IMAGE_NT_HEADERS64 nt_hdr64
;
182 IMAGE_DATA_DIRECTORY
*sd
;
183 int ret
, nt_hdr_size
= 0;
189 ret
= IMAGEHLP_GetNTHeaders(handle
, &pe_offset
, &nt_hdr32
, &nt_hdr64
);
193 sd
= &nt_hdr32
.OptionalHeader
.DataDirectory
[IMAGE_FILE_SECURITY_DIRECTORY
];
196 nt_hdr_size
= sizeof(IMAGE_NT_HEADERS32
);
198 else if (ret
== HDR_NT64
)
200 sd
= &nt_hdr64
.OptionalHeader
.DataDirectory
[IMAGE_FILE_SECURITY_DIRECTORY
];
203 nt_hdr_size
= sizeof(IMAGE_NT_HEADERS64
);
209 sd
->VirtualAddress
= dwOfs
;
211 TRACE("size = %lx addr = %lx\n", sd
->Size
, sd
->VirtualAddress
);
213 /* write the header back again */
214 count
= SetFilePointer(handle
, pe_offset
, NULL
, FILE_BEGIN
);
216 if (count
== INVALID_SET_FILE_POINTER
)
221 r
= WriteFile(handle
, nt_hdr
, nt_hdr_size
, &count
, NULL
);
226 if (count
!= nt_hdr_size
)
232 /***********************************************************************
233 * IMAGEHLP_GetCertificateOffset (INTERNAL)
235 * Read a file's PE header, and return the offset and size of the
236 * security directory.
238 static BOOL
IMAGEHLP_GetCertificateOffset( HANDLE handle
, DWORD num
,
239 DWORD
*pdwOfs
, DWORD
*pdwSize
)
241 DWORD size
, count
, offset
, len
, sd_VirtualAddr
;
244 r
= IMAGEHLP_GetSecurityDirOffset( handle
, &sd_VirtualAddr
, &size
);
249 /* take the n'th certificate */
252 /* read the length of the current certificate */
253 count
= SetFilePointer( handle
, sd_VirtualAddr
+ offset
,
255 if( count
== INVALID_SET_FILE_POINTER
)
257 r
= ReadFile( handle
, &len
, sizeof len
, &count
, NULL
);
260 if( count
!= sizeof len
)
263 /* check the certificate is not too big or too small */
264 if( len
< sizeof len
)
266 if( len
> (size
-offset
) )
271 /* calculate the offset of the next certificate */
274 /* padded out to the nearest 8-byte boundary */
276 offset
+= 8 - (len
% 8);
282 *pdwOfs
= sd_VirtualAddr
+ offset
;
285 TRACE("len = %lx addr = %lx\n", len
, sd_VirtualAddr
+ offset
);
290 /***********************************************************************
291 * IMAGEHLP_RecalculateChecksum (INTERNAL)
293 * Update the NT header checksum for the specified file.
295 static BOOL
IMAGEHLP_RecalculateChecksum(HANDLE handle
)
297 DWORD FileLength
, count
, HeaderSum
, pe_offset
, nt_hdr_size
;
298 IMAGE_NT_HEADERS32 nt_hdr32
;
299 IMAGE_NT_HEADERS64 nt_hdr64
;
307 TRACE("handle %p\n", handle
);
309 ret
= IMAGEHLP_GetNTHeaders(handle
, &pe_offset
, &nt_hdr32
, &nt_hdr64
);
313 CheckSum
= &nt_hdr32
.OptionalHeader
.CheckSum
;
316 nt_hdr_size
= sizeof(IMAGE_NT_HEADERS32
);
318 else if (ret
== HDR_NT64
)
320 CheckSum
= &nt_hdr64
.OptionalHeader
.CheckSum
;
323 nt_hdr_size
= sizeof(IMAGE_NT_HEADERS64
);
328 hMapping
= CreateFileMappingW(handle
, NULL
, PAGE_READONLY
, 0, 0, NULL
);
333 BaseAddress
= MapViewOfFile(hMapping
, FILE_MAP_READ
, 0, 0, 0);
337 CloseHandle(hMapping
);
341 FileLength
= GetFileSize(handle
, NULL
);
344 CheckSumMappedFile(BaseAddress
, FileLength
, &HeaderSum
, CheckSum
);
346 UnmapViewOfFile(BaseAddress
);
347 CloseHandle(hMapping
);
351 /* write the header back again */
352 count
= SetFilePointer(handle
, pe_offset
, NULL
, FILE_BEGIN
);
354 if (count
== INVALID_SET_FILE_POINTER
)
359 r
= WriteFile(handle
, nt_hdr
, nt_hdr_size
, &count
, NULL
);
364 if (count
!= nt_hdr_size
)
373 /***********************************************************************
374 * ImageAddCertificate (IMAGEHLP.@)
376 * Adds the specified certificate to the security directory of
380 BOOL WINAPI
ImageAddCertificate(
381 HANDLE FileHandle
, LPWIN_CERTIFICATE Certificate
, PDWORD Index
)
383 DWORD size
= 0, count
= 0, offset
= 0, sd_VirtualAddr
= 0, index
= 0;
385 const size_t cert_hdr_size
= sizeof hdr
- sizeof hdr
.bCertificate
;
388 TRACE("(%p, %p, %p)\n", FileHandle
, Certificate
, Index
);
390 r
= IMAGEHLP_GetSecurityDirOffset(FileHandle
, &sd_VirtualAddr
, &size
);
392 /* If we've already got a security directory, find the end of it */
393 if ((r
) && (sd_VirtualAddr
!= 0))
395 /* Check if the security directory is at the end of the file.
396 If not, we should probably relocate it. */
397 if (GetFileSize(FileHandle
, NULL
) != sd_VirtualAddr
+ size
)
399 FIXME("Security directory already present but not located at EOF, not adding certificate\n");
401 SetLastError(ERROR_NOT_SUPPORTED
);
405 while (offset
< size
)
407 /* read the length of the current certificate */
408 count
= SetFilePointer (FileHandle
, sd_VirtualAddr
+ offset
,
411 if (count
== INVALID_SET_FILE_POINTER
)
414 r
= ReadFile(FileHandle
, &hdr
, cert_hdr_size
, &count
, NULL
);
419 if (count
!= cert_hdr_size
)
422 /* check the certificate is not too big or too small */
423 if (hdr
.dwLength
< cert_hdr_size
)
426 if (hdr
.dwLength
> (size
-offset
))
429 /* next certificate */
430 offset
+= hdr
.dwLength
;
432 /* padded out to the nearest 8-byte boundary */
433 if (hdr
.dwLength
% 8)
434 offset
+= 8 - (hdr
.dwLength
% 8);
439 count
= SetFilePointer (FileHandle
, sd_VirtualAddr
+ offset
, NULL
, FILE_BEGIN
);
441 if (count
== INVALID_SET_FILE_POINTER
)
446 sd_VirtualAddr
= SetFilePointer(FileHandle
, 0, NULL
, FILE_END
);
448 if (sd_VirtualAddr
== INVALID_SET_FILE_POINTER
)
452 /* Write the certificate to the file */
453 r
= WriteFile(FileHandle
, Certificate
, Certificate
->dwLength
, &count
, NULL
);
458 /* Pad out if necessary */
459 if (Certificate
->dwLength
% 8)
464 WriteFile(FileHandle
, null
, 8 - (Certificate
->dwLength
% 8), &count
, NULL
);
466 size
+= 8 - (Certificate
->dwLength
% 8);
469 size
+= Certificate
->dwLength
;
471 /* Update the security directory offset and size */
472 if (!IMAGEHLP_SetSecurityDirOffset(FileHandle
, sd_VirtualAddr
, size
))
475 if (!IMAGEHLP_RecalculateChecksum(FileHandle
))
483 /***********************************************************************
484 * ImageEnumerateCertificates (IMAGEHLP.@)
486 BOOL WINAPI
ImageEnumerateCertificates(
487 HANDLE handle
, WORD TypeFilter
, PDWORD CertificateCount
,
488 PDWORD Indices
, DWORD IndexCount
)
490 DWORD size
, count
, offset
, sd_VirtualAddr
, index
;
492 const size_t cert_hdr_size
= sizeof hdr
- sizeof hdr
.bCertificate
;
495 TRACE("%p %hd %p %p %ld\n",
496 handle
, TypeFilter
, CertificateCount
, Indices
, IndexCount
);
498 r
= IMAGEHLP_GetSecurityDirOffset( handle
, &sd_VirtualAddr
, &size
);
504 *CertificateCount
= 0;
505 while( offset
< size
)
507 /* read the length of the current certificate */
508 count
= SetFilePointer( handle
, sd_VirtualAddr
+ offset
,
510 if( count
== INVALID_SET_FILE_POINTER
)
512 r
= ReadFile( handle
, &hdr
, cert_hdr_size
, &count
, NULL
);
515 if( count
!= cert_hdr_size
)
518 TRACE("Size = %08lx id = %08hx\n",
519 hdr
.dwLength
, hdr
.wCertificateType
);
521 /* check the certificate is not too big or too small */
522 if( hdr
.dwLength
< cert_hdr_size
)
524 if( hdr
.dwLength
> (size
-offset
) )
527 if( (TypeFilter
== CERT_SECTION_TYPE_ANY
) ||
528 (TypeFilter
== hdr
.wCertificateType
) )
530 (*CertificateCount
)++;
531 if(Indices
&& *CertificateCount
<= IndexCount
)
535 /* next certificate */
536 offset
+= hdr
.dwLength
;
538 /* padded out to the nearest 8-byte boundary */
539 if (hdr
.dwLength
% 8)
540 offset
+= 8 - (hdr
.dwLength
% 8);
548 /***********************************************************************
549 * ImageGetCertificateData (IMAGEHLP.@)
551 * FIXME: not sure that I'm dealing with the Index the right way
553 BOOL WINAPI
ImageGetCertificateData(
554 HANDLE handle
, DWORD Index
,
555 LPWIN_CERTIFICATE Certificate
, PDWORD RequiredLength
)
557 DWORD r
, offset
, ofs
, size
, count
;
559 TRACE("%p %ld %p %p\n", handle
, Index
, Certificate
, RequiredLength
);
563 SetLastError( ERROR_INVALID_PARAMETER
);
567 if( !IMAGEHLP_GetCertificateOffset( handle
, Index
, &ofs
, &size
) )
570 if( *RequiredLength
< size
)
572 *RequiredLength
= size
;
573 SetLastError( ERROR_INSUFFICIENT_BUFFER
);
579 SetLastError( ERROR_INVALID_PARAMETER
);
583 *RequiredLength
= size
;
585 offset
= SetFilePointer( handle
, ofs
, NULL
, FILE_BEGIN
);
586 if( offset
== INVALID_SET_FILE_POINTER
)
589 r
= ReadFile( handle
, Certificate
, size
, &count
, NULL
);
596 SetLastError( NO_ERROR
);
601 /***********************************************************************
602 * ImageGetCertificateHeader (IMAGEHLP.@)
604 BOOL WINAPI
ImageGetCertificateHeader(
605 HANDLE handle
, DWORD index
, LPWIN_CERTIFICATE pCert
)
607 DWORD r
, offset
, ofs
, size
, count
;
608 const size_t cert_hdr_size
= sizeof *pCert
- sizeof pCert
->bCertificate
;
610 TRACE("%p %ld %p\n", handle
, index
, pCert
);
612 if( !IMAGEHLP_GetCertificateOffset( handle
, index
, &ofs
, &size
) )
615 if( size
< cert_hdr_size
)
618 offset
= SetFilePointer( handle
, ofs
, NULL
, FILE_BEGIN
);
619 if( offset
== INVALID_SET_FILE_POINTER
)
622 r
= ReadFile( handle
, pCert
, cert_hdr_size
, &count
, NULL
);
625 if( count
!= cert_hdr_size
)
633 /* Finds the section named section in the array of IMAGE_SECTION_HEADERs hdr. If
634 * found, returns the offset to the section. Otherwise returns 0. If the section
635 * is found, optionally returns the size of the section (in size) and the base
636 * address of the section (in base.)
638 static DWORD
IMAGEHLP_GetSectionOffset( IMAGE_SECTION_HEADER
*hdr
,
639 DWORD num_sections
, LPCSTR section
, PDWORD size
, PDWORD base
)
643 for( i
= 0; !offset
&& i
< num_sections
; i
++, hdr
++ )
645 if( !memcmp( hdr
->Name
, section
, strlen(section
) ) )
647 offset
= hdr
->PointerToRawData
;
649 *size
= hdr
->SizeOfRawData
;
651 *base
= hdr
->VirtualAddress
;
657 /* Calls DigestFunction e bytes at offset offset from the file mapped at map.
658 * Returns the return value of DigestFunction, or FALSE if the data is not available.
660 static BOOL
IMAGEHLP_ReportSectionFromOffset( DWORD offset
, DWORD size
,
661 BYTE
*map
, DWORD fileSize
, DIGEST_FUNCTION DigestFunction
, DIGEST_HANDLE DigestHandle
)
663 if( offset
+ size
> fileSize
)
665 SetLastError(ERROR_INVALID_PARAMETER
);
668 return DigestFunction( DigestHandle
, map
+ offset
, size
);
671 /* Finds the section named section among the IMAGE_SECTION_HEADERs in
672 * section_headers and calls DigestFunction for this section. Returns
673 * the return value from DigestFunction, or FALSE if the data could not be read.
675 static BOOL
IMAGEHLP_ReportSection( IMAGE_SECTION_HEADER
*section_headers
,
676 DWORD num_sections
, LPCSTR section
, BYTE
*map
, DWORD fileSize
,
677 DIGEST_FUNCTION DigestFunction
, DIGEST_HANDLE DigestHandle
)
679 DWORD offset
, size
= 0;
681 offset
= IMAGEHLP_GetSectionOffset( section_headers
, num_sections
, section
,
685 return IMAGEHLP_ReportSectionFromOffset( offset
, size
, map
, fileSize
,
686 DigestFunction
, DigestHandle
);
689 /* Calls DigestFunction for all sections with the IMAGE_SCN_CNT_CODE flag set.
690 * Returns the return value from * DigestFunction, or FALSE if a section could not be read.
692 static BOOL
IMAGEHLP_ReportCodeSections( IMAGE_SECTION_HEADER
*hdr
, DWORD num_sections
,
693 BYTE
*map
, DWORD fileSize
, DIGEST_FUNCTION DigestFunction
, DIGEST_HANDLE DigestHandle
)
698 for( i
= 0; ret
&& i
< num_sections
; i
++, hdr
++ )
700 if( hdr
->Characteristics
& IMAGE_SCN_CNT_CODE
)
701 ret
= IMAGEHLP_ReportSectionFromOffset( hdr
->PointerToRawData
,
702 hdr
->SizeOfRawData
, map
, fileSize
, DigestFunction
, DigestHandle
);
707 /* Reports the import section from the file FileHandle. If
708 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO is set in DigestLevel, reports the entire
710 * FIXME: if it's not set, the function currently fails.
712 static BOOL
IMAGEHLP_ReportImportSection( IMAGE_SECTION_HEADER
*hdr
,
713 DWORD num_sections
, BYTE
*map
, DWORD fileSize
, DWORD DigestLevel
,
714 DIGEST_FUNCTION DigestFunction
, DIGEST_HANDLE DigestHandle
)
717 DWORD offset
, size
, base
;
719 /* Get import data */
720 offset
= IMAGEHLP_GetSectionOffset( hdr
, num_sections
, ".idata", &size
,
725 /* If CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO is set, the entire
726 * section is reported. Otherwise, the debug info section is
727 * decoded and reported piecemeal. See tests. However, I haven't been
728 * able to figure out how the native implementation decides which values
729 * to report. Either it's buggy or my understanding is flawed.
731 if( DigestLevel
& CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO
)
732 ret
= IMAGEHLP_ReportSectionFromOffset( offset
, size
, map
, fileSize
,
733 DigestFunction
, DigestHandle
);
736 FIXME("not supported except for CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO\n");
737 SetLastError(ERROR_INVALID_PARAMETER
);
744 /***********************************************************************
745 * ImageGetDigestStream (IMAGEHLP.@)
747 * Gets a stream of bytes from a PE file over which a hash might be computed to
748 * verify that the image has not changed. Useful for creating a certificate to
749 * be added to the file with ImageAddCertificate.
752 * FileHandle [In] File for which to return a stream.
753 * DigestLevel [In] Flags to control which portions of the file to return.
754 * 0 is allowed, as is any combination of:
755 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO: reports the entire
756 * import section rather than selected portions of it.
757 * CERT_PE_IMAGE_DIGEST_DEBUG_INFO: reports the debug section.
758 * CERT_PE_IMAGE_DIGEST_RESOURCES: reports the resources
760 * DigestFunction [In] Callback function.
761 * DigestHandle [In] Handle passed as first parameter to DigestFunction.
764 * TRUE if successful.
765 * FALSE if unsuccessful. GetLastError returns more about the error.
768 * Only supports 32-bit PE files, not tested with any other format.
769 * Reports data in the following order:
770 * 1. The file headers are reported first
771 * 2. Any code sections are reported next.
772 * 3. The data (".data" and ".rdata") sections are reported next.
773 * 4. The import section is reported next.
774 * 5. If CERT_PE_IMAGE_DIGEST_DEBUG_INFO is set in DigestLevel, the debug section is
776 * 6. If CERT_PE_IMAGE_DIGEST_RESOURCES is set in DigestLevel, the resources section
780 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO must be specified, returns an error if not.
782 BOOL WINAPI
ImageGetDigestStream(
783 HANDLE FileHandle
, DWORD DigestLevel
,
784 DIGEST_FUNCTION DigestFunction
, DIGEST_HANDLE DigestHandle
)
788 DWORD offset
, size
, num_sections
, fileSize
;
789 HANDLE hMap
= INVALID_HANDLE_VALUE
;
791 IMAGE_DOS_HEADER
*dos_hdr
;
792 IMAGE_NT_HEADERS
*nt_hdr
;
793 IMAGE_SECTION_HEADER
*section_headers
;
795 TRACE("(%p, %ld, %p, %p)\n", FileHandle
, DigestLevel
, DigestFunction
,
798 /* Get the file size */
800 goto invalid_parameter
;
801 fileSize
= GetFileSize( FileHandle
, NULL
);
802 if(fileSize
== INVALID_FILE_SIZE
)
803 goto invalid_parameter
;
806 hMap
= CreateFileMappingW( FileHandle
, NULL
, PAGE_READONLY
, 0, 0, NULL
);
807 if( hMap
== INVALID_HANDLE_VALUE
)
808 goto invalid_parameter
;
809 map
= MapViewOfFile( hMap
, FILE_MAP_COPY
, 0, 0, 0 );
811 goto invalid_parameter
;
813 /* Read the file header */
814 if( fileSize
< sizeof(IMAGE_DOS_HEADER
) )
815 goto invalid_parameter
;
816 dos_hdr
= (IMAGE_DOS_HEADER
*)map
;
818 if( dos_hdr
->e_magic
!= IMAGE_DOS_SIGNATURE
)
819 goto invalid_parameter
;
820 offset
= dos_hdr
->e_lfanew
;
821 if( !offset
|| offset
> fileSize
)
822 goto invalid_parameter
;
823 ret
= DigestFunction( DigestHandle
, map
, offset
);
827 /* Read the NT header */
828 if( offset
+ sizeof(IMAGE_NT_HEADERS
) > fileSize
)
829 goto invalid_parameter
;
830 nt_hdr
= (IMAGE_NT_HEADERS
*)(map
+ offset
);
831 if( nt_hdr
->Signature
!= IMAGE_NT_SIGNATURE
)
832 goto invalid_parameter
;
833 /* It's clear why the checksum is cleared, but why only these size headers?
835 nt_hdr
->OptionalHeader
.SizeOfInitializedData
= 0;
836 nt_hdr
->OptionalHeader
.SizeOfImage
= 0;
837 nt_hdr
->OptionalHeader
.CheckSum
= 0;
838 size
= sizeof(nt_hdr
->Signature
) + sizeof(nt_hdr
->FileHeader
) +
839 nt_hdr
->FileHeader
.SizeOfOptionalHeader
;
840 ret
= DigestFunction( DigestHandle
, map
+ offset
, size
);
844 /* Read the section headers */
846 num_sections
= nt_hdr
->FileHeader
.NumberOfSections
;
847 size
= num_sections
* sizeof(IMAGE_SECTION_HEADER
);
848 if( offset
+ size
> fileSize
)
849 goto invalid_parameter
;
850 ret
= DigestFunction( DigestHandle
, map
+ offset
, size
);
854 section_headers
= (IMAGE_SECTION_HEADER
*)(map
+ offset
);
855 IMAGEHLP_ReportCodeSections( section_headers
, num_sections
,
856 map
, fileSize
, DigestFunction
, DigestHandle
);
857 IMAGEHLP_ReportSection( section_headers
, num_sections
, ".data",
858 map
, fileSize
, DigestFunction
, DigestHandle
);
859 IMAGEHLP_ReportSection( section_headers
, num_sections
, ".rdata",
860 map
, fileSize
, DigestFunction
, DigestHandle
);
861 IMAGEHLP_ReportImportSection( section_headers
, num_sections
,
862 map
, fileSize
, DigestLevel
, DigestFunction
, DigestHandle
);
863 if( DigestLevel
& CERT_PE_IMAGE_DIGEST_DEBUG_INFO
)
864 IMAGEHLP_ReportSection( section_headers
, num_sections
, ".debug",
865 map
, fileSize
, DigestFunction
, DigestHandle
);
866 if( DigestLevel
& CERT_PE_IMAGE_DIGEST_RESOURCES
)
867 IMAGEHLP_ReportSection( section_headers
, num_sections
, ".rsrc",
868 map
, fileSize
, DigestFunction
, DigestHandle
);
872 UnmapViewOfFile( map
);
873 if( hMap
!= INVALID_HANDLE_VALUE
)
880 error
= ERROR_INVALID_PARAMETER
;
884 /***********************************************************************
885 * ImageRemoveCertificate (IMAGEHLP.@)
887 BOOL WINAPI
ImageRemoveCertificate(HANDLE FileHandle
, DWORD Index
)
889 DWORD size
= 0, count
= 0, sd_VirtualAddr
= 0, offset
= 0;
890 DWORD data_size
= 0, cert_size
= 0, cert_size_padded
= 0, ret
= 0;
894 TRACE("(%p, %ld)\n", FileHandle
, Index
);
896 r
= ImageEnumerateCertificates(FileHandle
, CERT_SECTION_TYPE_ANY
, &count
, NULL
, 0);
898 if ((!r
) || (count
== 0))
901 if ((!IMAGEHLP_GetSecurityDirOffset(FileHandle
, &sd_VirtualAddr
, &size
)) ||
902 (!IMAGEHLP_GetCertificateOffset(FileHandle
, Index
, &offset
, &cert_size
)))
905 /* Ignore any padding we have, too */
907 cert_size_padded
= cert_size
+ (8 - (cert_size
% 8));
909 cert_size_padded
= cert_size
;
911 data_size
= size
- (offset
- sd_VirtualAddr
) - cert_size_padded
;
915 ret
= SetFilePointer(FileHandle
, sd_VirtualAddr
, NULL
, FILE_BEGIN
);
917 if (ret
== INVALID_SET_FILE_POINTER
)
922 cert_data
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, data_size
);
927 ret
= SetFilePointer(FileHandle
, offset
+ cert_size_padded
, NULL
, FILE_BEGIN
);
929 if (ret
== INVALID_SET_FILE_POINTER
)
932 /* Read any subsequent certificates */
933 r
= ReadFile(FileHandle
, cert_data
, data_size
, &count
, NULL
);
935 if ((!r
) || (count
!= data_size
))
938 SetFilePointer(FileHandle
, offset
, NULL
, FILE_BEGIN
);
940 /* Write them one index back */
941 r
= WriteFile(FileHandle
, cert_data
, data_size
, &count
, NULL
);
943 if ((!r
) || (count
!= data_size
))
946 HeapFree(GetProcessHeap(), 0, cert_data
);
949 /* If security directory is at end of file, trim the file */
950 if (GetFileSize(FileHandle
, NULL
) == sd_VirtualAddr
+ size
)
951 SetEndOfFile(FileHandle
);
954 r
= IMAGEHLP_SetSecurityDirOffset(FileHandle
, 0, 0);
956 r
= IMAGEHLP_SetSecurityDirOffset(FileHandle
, sd_VirtualAddr
, size
- cert_size_padded
);
961 if (!IMAGEHLP_RecalculateChecksum(FileHandle
))
967 HeapFree(GetProcessHeap(), 0, cert_data
);