loader/pe_image.c

   1 /*
   2  *  Copyright   1994    Eric Youndale & Erik Bos
   3  *
   4  *      based on Eric Youndale's pe-test and:
   5  *
   6  *      ftp.microsoft.com:/pub/developer/MSDN/CD8/PEFILE.ZIP
   7  */
   8
   9 #include <ctype.h>
  10 #include <stdio.h>
  11 #include <stdlib.h>
  12 #include <string.h>
  13 #include <unistd.h>
  14 #include <sys/types.h>
  15 #include <sys/mman.h>
  16 #include "windows.h"
  17 #include "dlls.h"
  18 #include "neexe.h"
  19 #include "peexe.h"
  20 #include "pe_image.h"
  21
  22 #define MAP_ANONYMOUS   0x20
  23
  24 unsigned int load_addr;
  25
  26 void my_wcstombs(char * result, u_short * source, int len)
  27 {
  28   while(len--) {
  29     if(isascii(*source)) *result++ = *source++;
  30     else {
  31       printf("Unable to handle unicode right now\n");
  32       exit(0);
  33     }
  34   };
  35 }
  36
  37 char * xmmap(char * vaddr, unsigned int v_size, int prot, int flags,
  38              int fd, unsigned int file_offset)
  39 {
  40   char * result;
  41   result = mmap(vaddr, v_size, prot, flags, fd, file_offset);
  42   if((unsigned int) result != 0xffffffff) return result;
  43
  44   /* Sigh.  Alignment must be wrong for mmap.  Do this the hard way. */
  45   if(!(flags & MAP_FIXED)) {
  46     vaddr = (char *)0x40000000;
  47     flags |= MAP_FIXED;
  48   };
  49
  50   mmap(vaddr, v_size, prot, MAP_ANONYMOUS | flags, 0, 0);
  51   lseek(fd, file_offset, SEEK_SET);
  52   read(fd, vaddr, v_size);
  53   return vaddr;
  54 };
  55
  56 void dump_exports(struct PE_Export_Directory * pe_exports)
  57 {
  58   char * Module;
  59   int i;
  60   u_short * ordinal;
  61   u_long * function;
  62   u_char ** name, *ename;
  63
  64   Module = ((char *) load_addr) + pe_exports->Name;
  65   printf("\n*******EXPORT DATA*******\nModule name is %s, %ld functions, %ld names\n",
  66          Module,
  67          pe_exports->Number_Of_Functions,
  68          pe_exports->Number_Of_Names);
  69
  70   ordinal = (u_short *) (((char *) load_addr) + (int) pe_exports->Address_Of_Name_Ordinals);
  71   function = (u_long *)  (((char *) load_addr) + (int) pe_exports->AddressOfFunctions);
  72   name = (u_char **)  (((char *) load_addr) + (int) pe_exports->AddressOfNames);
  73
  74   printf("%-32s Ordinal Virt Addr\n", "Function Name");
  75   for(i=0; i< pe_exports->Number_Of_Functions; i++)
  76     {
  77       ename =  (char *) (((char *) load_addr) + (int) *name++);
  78       printf("%-32s %4d    %8.8lx\n", ename, *ordinal++, *function++);
  79     }
  80 }
  81
  82 void dump_imports(struct PE_Import_Directory *pe_imports)
  83 {
  84   struct PE_Import_Directory * pe_imp;
  85
  86  /* OK, now dump the import list */
  87   printf("\nDumping imports list\n");
  88   pe_imp = pe_imports;
  89   while (pe_imp->ModuleName)
  90     {
  91       char * Module;
  92       struct pe_import_name * pe_name;
  93       unsigned int * import_list;
  94       char * c;
  95
  96       Module = ((char *) load_addr) + pe_imp->ModuleName;
  97       printf("%s\n", Module);
  98       c = strchr(Module, '.');
  99       if (c) *c = 0;
 100
 101       import_list = (unsigned int *)
 102         (((unsigned int) load_addr) + pe_imp->Import_List);
 103
 104       while(*import_list)
 105         {
 106           pe_name = (struct pe_import_name *) ((int) load_addr + *import_list);
 107           printf("--- %s %s.%d\n", pe_name->Name, Module, pe_name->Hint);
 108           import_list++;
 109         }
 110       pe_imp++;
 111     };
 112 }
 113
 114 static void dump_table(struct w_files *wpnt)
 115 {
 116   int i;
 117
 118   printf("Dump of segment table\n");
 119   printf("   Name    VSz  Vaddr     SzRaw   Fileadr  *Reloc *Lineum #Reloc #Linum Char\n");
 120   for(i=0; i< wpnt->pe->pe_header->coff.NumberOfSections; i++)
 121     {
 122       printf("%8s: %4.4lx %8.8lx %8.8lx %8.8lx %8.8lx %8.8lx %4.4x %4.4x %8.8lx\n",
 123              wpnt->pe->pe_seg[i].Name,
 124              wpnt->pe->pe_seg[i].Virtual_Size,
 125              wpnt->pe->pe_seg[i].Virtual_Address,
 126              wpnt->pe->pe_seg[i].Size_Of_Raw_Data,
 127              wpnt->pe->pe_seg[i].PointerToRawData,
 128              wpnt->pe->pe_seg[i].PointerToRelocations,
 129              wpnt->pe->pe_seg[i].PointerToLinenumbers,
 130              wpnt->pe->pe_seg[i].NumberOfRelocations,
 131              wpnt->pe->pe_seg[i].NumberOfLinenumbers,
 132              wpnt->pe->pe_seg[i].Characteristics);
 133     }
 134 }
 135
 136 /**********************************************************************
 137  *                      PE_LoadImage
 138  * Load one PE format executable into memory
 139  */
 140 HINSTANCE PE_LoadImage(struct w_files *wpnt)
 141 {
 142         int i, result;
 143
 144         wpnt->pe = malloc(sizeof(struct pe_data));
 145         wpnt->pe->pe_header = malloc(sizeof(struct pe_header_s));
 146
 147         /* read PE header */
 148         lseek(wpnt->fd, wpnt->mz_header->ne_offset, SEEK_SET);
 149         read(wpnt->fd, wpnt->pe->pe_header, sizeof(struct pe_header_s));
 150
 151         /* read sections */
 152         wpnt->pe->pe_seg = malloc(sizeof(struct pe_segment_table) *
 153                                 wpnt->pe->pe_header->coff.NumberOfSections);
 154         read(wpnt->fd, wpnt->pe->pe_seg, sizeof(struct pe_segment_table) *
 155                         wpnt->pe->pe_header->coff.NumberOfSections);
 156
 157         load_addr = wpnt->pe->pe_header->opt_coff.BaseOfImage;
 158         dump_table(wpnt);
 159
 160         for(i=0; i < wpnt->pe->pe_header->coff.NumberOfSections; i++)
 161         {
 162         if(!load_addr) {
 163                 result = xmmap((char *)0, wpnt->pe->pe_seg[i].Size_Of_Raw_Data, 7,
 164                         MAP_PRIVATE, wpnt->fd, wpnt->pe->pe_seg[i].PointerToRawData);
 165                 load_addr = (unsigned int) result -  wpnt->pe->pe_seg[i].Virtual_Address;
 166         } else {
 167                 result = xmmap((char *) load_addr + wpnt->pe->pe_seg[i].Virtual_Address,
 168                       wpnt->pe->pe_seg[i].Size_Of_Raw_Data, 7, MAP_PRIVATE | MAP_FIXED,
 169                       wpnt->fd, wpnt->pe->pe_seg[i].PointerToRawData);
 170         }
 171
 172         if(strcmp(wpnt->pe->pe_seg[i].Name, ".idata") == 0)
 173                 wpnt->pe->pe_import = (struct PE_Import_Directory *) result;
 174
 175         if(strcmp(wpnt->pe->pe_seg[i].Name, ".edata") == 0)
 176                 wpnt->pe->pe_export = (struct PE_Export_Directory *) result;
 177
 178         if(strcmp(wpnt->pe->pe_seg[i].Name, ".rsrc") == 0) {
 179             wpnt->pe->pe_resource = (struct PE_Resource_Directory *) result;
 180
 181             /* save offset for PE_FindResource */
 182             wpnt->pe->resource_offset = wpnt->pe->pe_seg[i].Virtual_Address -
 183                                         wpnt->pe->pe_seg[i].PointerToRawData;
 184             }
 185         }
 186
 187         if(wpnt->pe->pe_import) dump_imports(wpnt->pe->pe_import);
 188         if(wpnt->pe->pe_export) dump_exports(wpnt->pe->pe_export);
 189
 190         wpnt->hinstance = 0x8000;
 191         return (wpnt->hinstance);
 192 }
 193
 194 int PE_UnloadImage(struct w_files *wpnt)
 195 {
 196         printf("PEunloadImage() called!\n");
 197         /* free resources, image, unmap */
 198         return 1;
 199 }
 200
 201 int PE_StartProgram(struct w_files *wpnt)
 202 {
 203         printf("StartPEprogram() called!\n");
 204         return 0;
 205 }
 206
 207 void PE_InitDLL(struct w_files *wpnt)
 208 {
 209         /* Is this a library? */
 210         if (wpnt->pe->pe_header->coff.Characteristics & IMAGE_FILE_DLL) {
 211                 printf("InitPEDLL() called!\n");
 212         }
 213 }