Beispiel #1
0
 private static BoundImportDirectoryTable readBoundImportDirectoryTable(byte[] b)
     throws IOException {
   DataReader dr = new DataReader(b);
   BoundImportDirectoryTable bidt = new BoundImportDirectoryTable();
   List<BoundImport> imports = new ArrayList<BoundImport>();
   BoundImport bi = null;
   while ((bi = readBoundImport(dr)) != null) {
     bidt.add(bi);
     imports.add(bi);
   }
   Collections.sort(
       imports,
       new Comparator<BoundImport>() {
         @Override
         public int compare(BoundImport o1, BoundImport o2) {
           return o1.getOffsetToModuleName() - o2.getOffsetToModuleName();
         }
       });
   IntMap names = new IntMap();
   for (int i = 0; i < imports.size(); i++) {
     bi = imports.get(i);
     int offset = bi.getOffsetToModuleName();
     String n = (String) names.get(offset);
     if (n == null) {
       dr.jumpTo(offset);
       n = dr.readUtf();
       names.put(offset, n);
     }
     bi.setModuleName(n);
   }
   return bidt;
 }
Beispiel #2
0
  public static LoadConfigDirectory readLoadConfigDirectory(PE pe, byte[] b) throws IOException {
    DataReader dr = new DataReader(b);
    LoadConfigDirectory lcd = new LoadConfigDirectory();
    lcd.set(b);
    lcd.setSize(dr.readDoubleWord());
    lcd.setTimeDateStamp(dr.readDoubleWord());
    lcd.setMajorVersion(dr.readWord());
    lcd.setMinorVersion(dr.readWord());
    lcd.setGlobalFlagsClear(dr.readDoubleWord());
    lcd.setGlobalFlagsSet(dr.readDoubleWord());
    lcd.setCriticalSectionDefaultTimeout(dr.readDoubleWord());
    lcd.setDeCommitFreeBlockThreshold(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setDeCommitTotalFreeThreshold(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setLockPrefixTable(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setMaximumAllocationSize(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setVirtualMemoryThreshold(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setProcessAffinityMask(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    lcd.setProcessHeapFlags(dr.readDoubleWord());
    lcd.setCsdVersion(dr.readWord());
    lcd.setReserved(dr.readWord());
    lcd.setEditList(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    if (dr.hasMore()) // optional
    lcd.setSecurityCookie(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    if (dr.hasMore()) // optional
    lcd.setSeHandlerTable(pe.is64() ? dr.readLong() : dr.readDoubleWord());
    if (dr.hasMore()) // optional
    lcd.setSeHandlerCount(pe.is64() ? dr.readLong() : dr.readDoubleWord());

    return lcd;
  }
Beispiel #3
0
 public static ExportDirectory readExportDirectory(byte[] b) throws IOException {
   DataReader dr = new DataReader(b);
   ExportDirectory edt = new ExportDirectory();
   edt.set(b);
   edt.setExportFlags(dr.readDoubleWord());
   edt.setTimeDateStamp(dr.readDoubleWord());
   edt.setMajorVersion(dr.readWord());
   edt.setMinorVersion(dr.readWord());
   edt.setNameRVA(dr.readDoubleWord());
   edt.setOrdinalBase(dr.readDoubleWord());
   edt.setAddressTableEntries(dr.readDoubleWord());
   edt.setNumberOfNamePointers(dr.readDoubleWord());
   edt.setExportAddressTableRVA(dr.readDoubleWord());
   edt.setNamePointerRVA(dr.readDoubleWord());
   edt.setOrdinalTableRVA(dr.readDoubleWord());
   return edt;
 }