1263115Semaste/* $FreeBSD$ */ 2263115Semaste/* 3263115Semaste PE32+ header file 4263115Semaste */ 5263115Semaste#ifndef _PE_H 6263115Semaste#define _PE_H 7263115Semaste 8263115Semaste#define IMAGE_DOS_SIGNATURE 0x5A4D // MZ 9263115Semaste#define IMAGE_OS2_SIGNATURE 0x454E // NE 10263115Semaste#define IMAGE_OS2_SIGNATURE_LE 0x454C // LE 11263115Semaste#define IMAGE_NT_SIGNATURE 0x00004550 // PE00 12263115Semaste#define IMAGE_EDOS_SIGNATURE 0x44454550 // PEED 13263115Semaste 14263115Semaste 15263115Semastetypedef struct _IMAGE_DOS_HEADER { // DOS .EXE header 16263115Semaste UINT16 e_magic; // Magic number 17263115Semaste UINT16 e_cblp; // Bytes on last page of file 18263115Semaste UINT16 e_cp; // Pages in file 19263115Semaste UINT16 e_crlc; // Relocations 20263115Semaste UINT16 e_cparhdr; // Size of header in paragraphs 21263115Semaste UINT16 e_minalloc; // Minimum extra paragraphs needed 22263115Semaste UINT16 e_maxalloc; // Maximum extra paragraphs needed 23263115Semaste UINT16 e_ss; // Initial (relative) SS value 24263115Semaste UINT16 e_sp; // Initial SP value 25263115Semaste UINT16 e_csum; // Checksum 26263115Semaste UINT16 e_ip; // Initial IP value 27263115Semaste UINT16 e_cs; // Initial (relative) CS value 28263115Semaste UINT16 e_lfarlc; // File address of relocation table 29263115Semaste UINT16 e_ovno; // Overlay number 30263115Semaste UINT16 e_res[4]; // Reserved words 31263115Semaste UINT16 e_oemid; // OEM identifier (for e_oeminfo) 32263115Semaste UINT16 e_oeminfo; // OEM information; e_oemid specific 33263115Semaste UINT16 e_res2[10]; // Reserved words 34263115Semaste UINT32 e_lfanew; // File address of new exe header 35263115Semaste } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER; 36263115Semaste 37263115Semastetypedef struct _IMAGE_OS2_HEADER { // OS/2 .EXE header 38263115Semaste UINT16 ne_magic; // Magic number 39263115Semaste UINT8 ne_ver; // Version number 40263115Semaste UINT8 ne_rev; // Revision number 41263115Semaste UINT16 ne_enttab; // Offset of Entry Table 42263115Semaste UINT16 ne_cbenttab; // Number of bytes in Entry Table 43263115Semaste UINT32 ne_crc; // Checksum of whole file 44263115Semaste UINT16 ne_flags; // Flag UINT16 45263115Semaste UINT16 ne_autodata; // Automatic data segment number 46263115Semaste UINT16 ne_heap; // Initial heap allocation 47263115Semaste UINT16 ne_stack; // Initial stack allocation 48263115Semaste UINT32 ne_csip; // Initial CS:IP setting 49263115Semaste UINT32 ne_sssp; // Initial SS:SP setting 50263115Semaste UINT16 ne_cseg; // Count of file segments 51263115Semaste UINT16 ne_cmod; // Entries in Module Reference Table 52263115Semaste UINT16 ne_cbnrestab; // Size of non-resident name table 53263115Semaste UINT16 ne_segtab; // Offset of Segment Table 54263115Semaste UINT16 ne_rsrctab; // Offset of Resource Table 55263115Semaste UINT16 ne_restab; // Offset of resident name table 56263115Semaste UINT16 ne_modtab; // Offset of Module Reference Table 57263115Semaste UINT16 ne_imptab; // Offset of Imported Names Table 58263115Semaste UINT32 ne_nrestab; // Offset of Non-resident Names Table 59263115Semaste UINT16 ne_cmovent; // Count of movable entries 60263115Semaste UINT16 ne_align; // Segment alignment shift count 61263115Semaste UINT16 ne_cres; // Count of resource segments 62263115Semaste UINT8 ne_exetyp; // Target Operating system 63263115Semaste UINT8 ne_flagsothers; // Other .EXE flags 64263115Semaste UINT16 ne_pretthunks; // offset to return thunks 65263115Semaste UINT16 ne_psegrefbytes; // offset to segment ref. bytes 66263115Semaste UINT16 ne_swaparea; // Minimum code swap area size 67263115Semaste UINT16 ne_expver; // Expected Windows version number 68263115Semaste } IMAGE_OS2_HEADER, *PIMAGE_OS2_HEADER; 69263115Semaste 70263115Semaste// 71263115Semaste// File header format. 72263115Semaste// 73263115Semaste 74263115Semastetypedef struct _IMAGE_FILE_HEADER { 75263115Semaste UINT16 Machine; 76263115Semaste UINT16 NumberOfSections; 77263115Semaste UINT32 TimeDateStamp; 78263115Semaste UINT32 PointerToSymbolTable; 79263115Semaste UINT32 NumberOfSymbols; 80263115Semaste UINT16 SizeOfOptionalHeader; 81263115Semaste UINT16 Characteristics; 82263115Semaste} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; 83263115Semaste 84263115Semaste#define IMAGE_SIZEOF_FILE_HEADER 20 85263115Semaste 86263115Semaste#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 // Relocation info stripped from file. 87263115Semaste#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 // File is executable (i.e. no unresolved externel references). 88263115Semaste#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 // Line nunbers stripped from file. 89263115Semaste#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 // Local symbols stripped from file. 90263115Semaste#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 // Bytes of machine word are reversed. 91263115Semaste#define IMAGE_FILE_32BIT_MACHINE 0x0100 // 32 bit word machine. 92263115Semaste#define IMAGE_FILE_DEBUG_STRIPPED 0x0200 // Debugging info stripped from file in .DBG file 93263115Semaste#define IMAGE_FILE_SYSTEM 0x1000 // System File. 94263115Semaste#define IMAGE_FILE_DLL 0x2000 // File is a DLL. 95263115Semaste#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 // Bytes of machine word are reversed. 96263115Semaste 97263115Semaste#define IMAGE_FILE_MACHINE_UNKNOWN 0 98263115Semaste#define IMAGE_FILE_MACHINE_I386 0x14c // Intel 386. 99263115Semaste#define IMAGE_FILE_MACHINE_R3000 0x162 // MIPS little-endian, 0540 big-endian 100263115Semaste#define IMAGE_FILE_MACHINE_R4000 0x166 // MIPS little-endian 101263115Semaste#define IMAGE_FILE_MACHINE_ALPHA 0x184 // Alpha_AXP 102263115Semaste#define IMAGE_FILE_MACHINE_POWERPC 0x1F0 // IBM PowerPC Little-Endian 103263115Semaste#define IMAGE_FILE_MACHINE_TAHOE 0x7cc // Intel EM machine 104263115Semaste// 105263115Semaste// Directory format. 106263115Semaste// 107263115Semaste 108263115Semastetypedef struct _IMAGE_DATA_DIRECTORY { 109263115Semaste UINT32 VirtualAddress; 110263115Semaste UINT32 Size; 111263115Semaste} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; 112263115Semaste 113263115Semaste#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16 114263115Semaste 115263115Semaste// 116263115Semaste// Optional header format. 117263115Semaste// 118263115Semaste 119263115Semastetypedef struct _IMAGE_OPTIONAL_HEADER { 120263115Semaste // 121263115Semaste // Standard fields. 122263115Semaste // 123263115Semaste 124263115Semaste UINT16 Magic; 125263115Semaste UINT8 MajorLinkerVersion; 126263115Semaste UINT8 MinorLinkerVersion; 127263115Semaste UINT32 SizeOfCode; 128263115Semaste UINT32 SizeOfInitializedData; 129263115Semaste UINT32 SizeOfUninitializedData; 130263115Semaste UINT32 AddressOfEntryPoint; 131263115Semaste UINT32 BaseOfCode; 132263115Semaste UINT32 BaseOfData; 133263115Semaste 134263115Semaste // 135263115Semaste // NT additional fields. 136263115Semaste // 137263115Semaste 138263115Semaste UINT32 ImageBase; 139263115Semaste UINT32 SectionAlignment; 140263115Semaste UINT32 FileAlignment; 141263115Semaste UINT16 MajorOperatingSystemVersion; 142263115Semaste UINT16 MinorOperatingSystemVersion; 143263115Semaste UINT16 MajorImageVersion; 144263115Semaste UINT16 MinorImageVersion; 145263115Semaste UINT16 MajorSubsystemVersion; 146263115Semaste UINT16 MinorSubsystemVersion; 147263115Semaste UINT32 Reserved1; 148263115Semaste UINT32 SizeOfImage; 149263115Semaste UINT32 SizeOfHeaders; 150263115Semaste UINT32 CheckSum; 151263115Semaste UINT16 Subsystem; 152263115Semaste UINT16 DllCharacteristics; 153263115Semaste UINT32 SizeOfStackReserve; 154263115Semaste UINT32 SizeOfStackCommit; 155263115Semaste UINT32 SizeOfHeapReserve; 156263115Semaste UINT32 SizeOfHeapCommit; 157263115Semaste UINT32 LoaderFlags; 158263115Semaste UINT32 NumberOfRvaAndSizes; 159263115Semaste IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; 160263115Semaste} IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER; 161263115Semaste 162263115Semastetypedef struct _IMAGE_ROM_OPTIONAL_HEADER { 163263115Semaste UINT16 Magic; 164263115Semaste UINT8 MajorLinkerVersion; 165263115Semaste UINT8 MinorLinkerVersion; 166263115Semaste UINT32 SizeOfCode; 167263115Semaste UINT32 SizeOfInitializedData; 168263115Semaste UINT32 SizeOfUninitializedData; 169263115Semaste UINT32 AddressOfEntryPoint; 170263115Semaste UINT32 BaseOfCode; 171263115Semaste UINT32 BaseOfData; 172263115Semaste UINT32 BaseOfBss; 173263115Semaste UINT32 GprMask; 174263115Semaste UINT32 CprMask[4]; 175263115Semaste UINT32 GpValue; 176263115Semaste} IMAGE_ROM_OPTIONAL_HEADER, *PIMAGE_ROM_OPTIONAL_HEADER; 177263115Semaste 178263115Semaste#define IMAGE_SIZEOF_ROM_OPTIONAL_HEADER 56 179263115Semaste#define IMAGE_SIZEOF_STD_OPTIONAL_HEADER 28 180263115Semaste#define IMAGE_SIZEOF_NT_OPTIONAL_HEADER 224 181263115Semaste 182263115Semaste#define IMAGE_NT_OPTIONAL_HDR_MAGIC 0x10b 183263115Semaste#define IMAGE_ROM_OPTIONAL_HDR_MAGIC 0x107 184263115Semaste 185263115Semastetypedef struct _IMAGE_NT_HEADERS { 186263115Semaste UINT32 Signature; 187263115Semaste IMAGE_FILE_HEADER FileHeader; 188263115Semaste IMAGE_OPTIONAL_HEADER OptionalHeader; 189263115Semaste} IMAGE_NT_HEADERS, *PIMAGE_NT_HEADERS; 190263115Semaste 191263115Semastetypedef struct _IMAGE_ROM_HEADERS { 192263115Semaste IMAGE_FILE_HEADER FileHeader; 193263115Semaste IMAGE_ROM_OPTIONAL_HEADER OptionalHeader; 194263115Semaste} IMAGE_ROM_HEADERS, *PIMAGE_ROM_HEADERS; 195263115Semaste 196263115Semaste#define IMAGE_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER) \ 197263115Semaste ((UINT32)ntheader + \ 198263115Semaste FIELD_OFFSET( IMAGE_NT_HEADERS, OptionalHeader ) + \ 199263115Semaste ((PIMAGE_NT_HEADERS)(ntheader))->FileHeader.SizeOfOptionalHeader \ 200263115Semaste )) 201263115Semaste 202263115Semaste 203263115Semaste// Subsystem Values 204263115Semaste 205263115Semaste#define IMAGE_SUBSYSTEM_UNKNOWN 0 // Unknown subsystem. 206263115Semaste#define IMAGE_SUBSYSTEM_NATIVE 1 // Image doesn't require a subsystem. 207263115Semaste#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 // Image runs in the Windows GUI subsystem. 208263115Semaste#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 // Image runs in the Windows character subsystem. 209263115Semaste#define IMAGE_SUBSYSTEM_OS2_CUI 5 // image runs in the OS/2 character subsystem. 210263115Semaste#define IMAGE_SUBSYSTEM_POSIX_CUI 7 // image run in the Posix character subsystem. 211263115Semaste 212263115Semaste 213263115Semaste// Directory Entries 214263115Semaste 215263115Semaste#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory 216263115Semaste#define IMAGE_DIRECTORY_ENTRY_IMPORT 1 // Import Directory 217263115Semaste#define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 // Resource Directory 218263115Semaste#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 // Exception Directory 219263115Semaste#define IMAGE_DIRECTORY_ENTRY_SECURITY 4 // Security Directory 220263115Semaste#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 // Base Relocation Table 221263115Semaste#define IMAGE_DIRECTORY_ENTRY_DEBUG 6 // Debug Directory 222263115Semaste#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 // Description String 223263115Semaste#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 // Machine Value (MIPS GP) 224263115Semaste#define IMAGE_DIRECTORY_ENTRY_TLS 9 // TLS Directory 225263115Semaste#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10 // Load Configuration Directory 226263115Semaste 227263115Semaste// 228263115Semaste// Section header format. 229263115Semaste// 230263115Semaste 231263115Semaste#define IMAGE_SIZEOF_SHORT_NAME 8 232263115Semaste 233263115Semastetypedef struct _IMAGE_SECTION_HEADER { 234263115Semaste UINT8 Name[IMAGE_SIZEOF_SHORT_NAME]; 235263115Semaste union { 236263115Semaste UINT32 PhysicalAddress; 237263115Semaste UINT32 VirtualSize; 238263115Semaste } Misc; 239263115Semaste UINT32 VirtualAddress; 240263115Semaste UINT32 SizeOfRawData; 241263115Semaste UINT32 PointerToRawData; 242263115Semaste UINT32 PointerToRelocations; 243263115Semaste UINT32 PointerToLinenumbers; 244263115Semaste UINT16 NumberOfRelocations; 245263115Semaste UINT16 NumberOfLinenumbers; 246263115Semaste UINT32 Characteristics; 247263115Semaste} IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER; 248263115Semaste 249263115Semaste#define IMAGE_SIZEOF_SECTION_HEADER 40 250263115Semaste 251263115Semaste#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 // Reserved. 252263115Semaste 253263115Semaste#define IMAGE_SCN_CNT_CODE 0x00000020 // Section contains code. 254263115Semaste#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 // Section contains initialized data. 255263115Semaste#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 // Section contains uninitialized data. 256263115Semaste 257263115Semaste#define IMAGE_SCN_LNK_OTHER 0x00000100 // Reserved. 258263115Semaste#define IMAGE_SCN_LNK_INFO 0x00000200 // Section contains comments or some other type of information. 259263115Semaste#define IMAGE_SCN_LNK_REMOVE 0x00000800 // Section contents will not become part of image. 260263115Semaste#define IMAGE_SCN_LNK_COMDAT 0x00001000 // Section contents comdat. 261263115Semaste 262263115Semaste#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 // 263263115Semaste#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 // 264263115Semaste#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 // 265263115Semaste#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 // 266263115Semaste#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 // Default alignment if no others are specified. 267263115Semaste#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 // 268263115Semaste#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 // 269263115Semaste 270263115Semaste#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 // Section can be discarded. 271263115Semaste#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 // Section is not cachable. 272263115Semaste#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 // Section is not pageable. 273263115Semaste#define IMAGE_SCN_MEM_SHARED 0x10000000 // Section is shareable. 274263115Semaste#define IMAGE_SCN_MEM_EXECUTE 0x20000000 // Section is executable. 275263115Semaste#define IMAGE_SCN_MEM_READ 0x40000000 // Section is readable. 276263115Semaste#define IMAGE_SCN_MEM_WRITE 0x80000000 // Section is writeable. 277263115Semaste 278263115Semaste// 279263115Semaste// Symbol format. 280263115Semaste// 281263115Semaste 282263115Semaste 283263115Semaste#define IMAGE_SIZEOF_SYMBOL 18 284263115Semaste 285263115Semaste// 286263115Semaste// Section values. 287263115Semaste// 288263115Semaste// Symbols have a section number of the section in which they are 289263115Semaste// defined. Otherwise, section numbers have the following meanings: 290263115Semaste// 291263115Semaste 292263115Semaste#define IMAGE_SYM_UNDEFINED (UINT16)0 // Symbol is undefined or is common. 293263115Semaste#define IMAGE_SYM_ABSOLUTE (UINT16)-1 // Symbol is an absolute value. 294263115Semaste#define IMAGE_SYM_DEBUG (UINT16)-2 // Symbol is a special debug item. 295263115Semaste 296263115Semaste// 297263115Semaste// Type (fundamental) values. 298263115Semaste// 299263115Semaste 300263115Semaste#define IMAGE_SYM_TYPE_NULL 0 // no type. 301263115Semaste#define IMAGE_SYM_TYPE_VOID 1 // 302263115Semaste#define IMAGE_SYM_TYPE_CHAR 2 // type character. 303263115Semaste#define IMAGE_SYM_TYPE_SHORT 3 // type short integer. 304263115Semaste#define IMAGE_SYM_TYPE_INT 4 // 305263115Semaste#define IMAGE_SYM_TYPE_LONG 5 // 306263115Semaste#define IMAGE_SYM_TYPE_FLOAT 6 // 307263115Semaste#define IMAGE_SYM_TYPE_DOUBLE 7 // 308263115Semaste#define IMAGE_SYM_TYPE_STRUCT 8 // 309263115Semaste#define IMAGE_SYM_TYPE_UNION 9 // 310263115Semaste#define IMAGE_SYM_TYPE_ENUM 10 // enumeration. 311263115Semaste#define IMAGE_SYM_TYPE_MOE 11 // member of enumeration. 312263115Semaste#define IMAGE_SYM_TYPE_BYTE 12 // 313263115Semaste#define IMAGE_SYM_TYPE_WORD 13 // 314263115Semaste#define IMAGE_SYM_TYPE_UINT 14 // 315263115Semaste#define IMAGE_SYM_TYPE_DWORD 15 // 316263115Semaste 317263115Semaste// 318263115Semaste// Type (derived) values. 319263115Semaste// 320263115Semaste 321263115Semaste#define IMAGE_SYM_DTYPE_NULL 0 // no derived type. 322263115Semaste#define IMAGE_SYM_DTYPE_POINTER 1 // pointer. 323263115Semaste#define IMAGE_SYM_DTYPE_FUNCTION 2 // function. 324263115Semaste#define IMAGE_SYM_DTYPE_ARRAY 3 // array. 325263115Semaste 326263115Semaste// 327263115Semaste// Storage classes. 328263115Semaste// 329263115Semaste 330263115Semaste#define IMAGE_SYM_CLASS_END_OF_FUNCTION (BYTE )-1 331263115Semaste#define IMAGE_SYM_CLASS_NULL 0 332263115Semaste#define IMAGE_SYM_CLASS_AUTOMATIC 1 333263115Semaste#define IMAGE_SYM_CLASS_EXTERNAL 2 334263115Semaste#define IMAGE_SYM_CLASS_STATIC 3 335263115Semaste#define IMAGE_SYM_CLASS_REGISTER 4 336263115Semaste#define IMAGE_SYM_CLASS_EXTERNAL_DEF 5 337263115Semaste#define IMAGE_SYM_CLASS_LABEL 6 338263115Semaste#define IMAGE_SYM_CLASS_UNDEFINED_LABEL 7 339263115Semaste#define IMAGE_SYM_CLASS_MEMBER_OF_STRUCT 8 340263115Semaste#define IMAGE_SYM_CLASS_ARGUMENT 9 341263115Semaste#define IMAGE_SYM_CLASS_STRUCT_TAG 10 342263115Semaste#define IMAGE_SYM_CLASS_MEMBER_OF_UNION 11 343263115Semaste#define IMAGE_SYM_CLASS_UNION_TAG 12 344263115Semaste#define IMAGE_SYM_CLASS_TYPE_DEFINITION 13 345263115Semaste#define IMAGE_SYM_CLASS_UNDEFINED_STATIC 14 346263115Semaste#define IMAGE_SYM_CLASS_ENUM_TAG 15 347263115Semaste#define IMAGE_SYM_CLASS_MEMBER_OF_ENUM 16 348263115Semaste#define IMAGE_SYM_CLASS_REGISTER_PARAM 17 349263115Semaste#define IMAGE_SYM_CLASS_BIT_FIELD 18 350263115Semaste#define IMAGE_SYM_CLASS_BLOCK 100 351263115Semaste#define IMAGE_SYM_CLASS_FUNCTION 101 352263115Semaste#define IMAGE_SYM_CLASS_END_OF_STRUCT 102 353263115Semaste#define IMAGE_SYM_CLASS_FILE 103 354263115Semaste// new 355263115Semaste#define IMAGE_SYM_CLASS_SECTION 104 356263115Semaste#define IMAGE_SYM_CLASS_WEAK_EXTERNAL 105 357263115Semaste 358263115Semaste// type packing constants 359263115Semaste 360263115Semaste#define N_BTMASK 017 361263115Semaste#define N_TMASK 060 362263115Semaste#define N_TMASK1 0300 363263115Semaste#define N_TMASK2 0360 364263115Semaste#define N_BTSHFT 4 365263115Semaste#define N_TSHIFT 2 366263115Semaste 367263115Semaste// MACROS 368263115Semaste 369263115Semaste// 370263115Semaste// Communal selection types. 371263115Semaste// 372263115Semaste 373263115Semaste#define IMAGE_COMDAT_SELECT_NODUPLICATES 1 374263115Semaste#define IMAGE_COMDAT_SELECT_ANY 2 375263115Semaste#define IMAGE_COMDAT_SELECT_SAME_SIZE 3 376263115Semaste#define IMAGE_COMDAT_SELECT_EXACT_MATCH 4 377263115Semaste#define IMAGE_COMDAT_SELECT_ASSOCIATIVE 5 378263115Semaste 379263115Semaste#define IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY 1 380263115Semaste#define IMAGE_WEAK_EXTERN_SEARCH_LIBRARY 2 381263115Semaste#define IMAGE_WEAK_EXTERN_SEARCH_ALIAS 3 382263115Semaste 383263115Semaste 384263115Semaste// 385263115Semaste// Relocation format. 386263115Semaste// 387263115Semaste 388263115Semastetypedef struct _IMAGE_RELOCATION { 389263115Semaste UINT32 VirtualAddress; 390263115Semaste UINT32 SymbolTableIndex; 391263115Semaste UINT16 Type; 392263115Semaste} IMAGE_RELOCATION; 393263115Semaste 394263115Semaste#define IMAGE_SIZEOF_RELOCATION 10 395263115Semaste 396263115Semaste// 397263115Semaste// I386 relocation types. 398263115Semaste// 399263115Semaste 400263115Semaste#define IMAGE_REL_I386_ABSOLUTE 0 // Reference is absolute, no relocation is necessary 401263115Semaste#define IMAGE_REL_I386_DIR16 01 // Direct 16-bit reference to the symbols virtual address 402263115Semaste#define IMAGE_REL_I386_REL16 02 // PC-relative 16-bit reference to the symbols virtual address 403263115Semaste#define IMAGE_REL_I386_DIR32 06 // Direct 32-bit reference to the symbols virtual address 404263115Semaste#define IMAGE_REL_I386_DIR32NB 07 // Direct 32-bit reference to the symbols virtual address, base not included 405263115Semaste#define IMAGE_REL_I386_SEG12 011 // Direct 16-bit reference to the segment-selector bits of a 32-bit virtual address 406263115Semaste#define IMAGE_REL_I386_SECTION 012 407263115Semaste#define IMAGE_REL_I386_SECREL 013 408263115Semaste#define IMAGE_REL_I386_REL32 024 // PC-relative 32-bit reference to the symbols virtual address 409263115Semaste 410263115Semaste// 411263115Semaste// MIPS relocation types. 412263115Semaste// 413263115Semaste 414263115Semaste#define IMAGE_REL_MIPS_ABSOLUTE 0 // Reference is absolute, no relocation is necessary 415263115Semaste#define IMAGE_REL_MIPS_REFHALF 01 416263115Semaste#define IMAGE_REL_MIPS_REFWORD 02 417263115Semaste#define IMAGE_REL_MIPS_JMPADDR 03 418263115Semaste#define IMAGE_REL_MIPS_REFHI 04 419263115Semaste#define IMAGE_REL_MIPS_REFLO 05 420263115Semaste#define IMAGE_REL_MIPS_GPREL 06 421263115Semaste#define IMAGE_REL_MIPS_LITERAL 07 422263115Semaste#define IMAGE_REL_MIPS_SECTION 012 423263115Semaste#define IMAGE_REL_MIPS_SECREL 013 424263115Semaste#define IMAGE_REL_MIPS_REFWORDNB 042 425263115Semaste#define IMAGE_REL_MIPS_PAIR 045 426263115Semaste 427263115Semaste// 428263115Semaste// Alpha Relocation types. 429263115Semaste// 430263115Semaste 431263115Semaste#define IMAGE_REL_ALPHA_ABSOLUTE 0x0 432263115Semaste#define IMAGE_REL_ALPHA_REFLONG 0x1 433263115Semaste#define IMAGE_REL_ALPHA_REFQUAD 0x2 434263115Semaste#define IMAGE_REL_ALPHA_GPREL32 0x3 435263115Semaste#define IMAGE_REL_ALPHA_LITERAL 0x4 436263115Semaste#define IMAGE_REL_ALPHA_LITUSE 0x5 437263115Semaste#define IMAGE_REL_ALPHA_GPDISP 0x6 438263115Semaste#define IMAGE_REL_ALPHA_BRADDR 0x7 439263115Semaste#define IMAGE_REL_ALPHA_HINT 0x8 440263115Semaste#define IMAGE_REL_ALPHA_INLINE_REFLONG 0x9 441263115Semaste#define IMAGE_REL_ALPHA_REFHI 0xA 442263115Semaste#define IMAGE_REL_ALPHA_REFLO 0xB 443263115Semaste#define IMAGE_REL_ALPHA_PAIR 0xC 444263115Semaste#define IMAGE_REL_ALPHA_MATCH 0xD 445263115Semaste#define IMAGE_REL_ALPHA_SECTION 0xE 446263115Semaste#define IMAGE_REL_ALPHA_SECREL 0xF 447263115Semaste#define IMAGE_REL_ALPHA_REFLONGNB 0x10 448263115Semaste 449263115Semaste// 450263115Semaste// IBM PowerPC relocation types. 451263115Semaste// 452263115Semaste 453263115Semaste#define IMAGE_REL_PPC_ABSOLUTE 0x0000 // NOP 454263115Semaste#define IMAGE_REL_PPC_ADDR64 0x0001 // 64-bit address 455263115Semaste#define IMAGE_REL_PPC_ADDR32 0x0002 // 32-bit address 456263115Semaste#define IMAGE_REL_PPC_ADDR24 0x0003 // 26-bit address, shifted left 2 (branch absolute) 457263115Semaste#define IMAGE_REL_PPC_ADDR16 0x0004 // 16-bit address 458263115Semaste#define IMAGE_REL_PPC_ADDR14 0x0005 // 16-bit address, shifted left 2 (load doubleword) 459263115Semaste#define IMAGE_REL_PPC_REL24 0x0006 // 26-bit PC-relative offset, shifted left 2 (branch relative) 460263115Semaste#define IMAGE_REL_PPC_REL14 0x0007 // 16-bit PC-relative offset, shifted left 2 (br cond relative) 461263115Semaste#define IMAGE_REL_PPC_TOCREL16 0x0008 // 16-bit offset from TOC base 462263115Semaste#define IMAGE_REL_PPC_TOCREL14 0x0009 // 16-bit offset from TOC base, shifted left 2 (load doubleword) 463263115Semaste 464263115Semaste#define IMAGE_REL_PPC_ADDR32NB 0x000A // 32-bit addr w/o image base 465263115Semaste#define IMAGE_REL_PPC_SECREL 0x000B // va of containing section (as in an image sectionhdr) 466263115Semaste#define IMAGE_REL_PPC_SECTION 0x000C // sectionheader number 467263115Semaste#define IMAGE_REL_PPC_IFGLUE 0x000D // substitute TOC restore instruction iff symbol is glue code 468263115Semaste#define IMAGE_REL_PPC_IMGLUE 0x000E // symbol is glue code; virtual address is TOC restore instruction 469263115Semaste 470263115Semaste#define IMAGE_REL_PPC_TYPEMASK 0x00FF // mask to isolate above values in IMAGE_RELOCATION.Type 471263115Semaste 472263115Semaste// Flag bits in IMAGE_RELOCATION.TYPE 473263115Semaste 474263115Semaste#define IMAGE_REL_PPC_NEG 0x0100 // subtract reloc value rather than adding it 475263115Semaste#define IMAGE_REL_PPC_BRTAKEN 0x0200 // fix branch prediction bit to predict branch taken 476263115Semaste#define IMAGE_REL_PPC_BRNTAKEN 0x0400 // fix branch prediction bit to predict branch not taken 477263115Semaste#define IMAGE_REL_PPC_TOCDEFN 0x0800 // toc slot defined in file (or, data in toc) 478263115Semaste 479263115Semaste// 480263115Semaste// Based relocation format. 481263115Semaste// 482263115Semaste 483263115Semastetypedef struct _IMAGE_BASE_RELOCATION { 484263115Semaste UINT32 VirtualAddress; 485263115Semaste UINT32 SizeOfBlock; 486263115Semaste// UINT16 TypeOffset[1]; 487263115Semaste} IMAGE_BASE_RELOCATION, *PIMAGE_BASE_RELOCATION; 488263115Semaste 489263115Semaste#define IMAGE_SIZEOF_BASE_RELOCATION 8 490263115Semaste 491263115Semaste// 492263115Semaste// Based relocation types. 493263115Semaste// 494263115Semaste 495263115Semaste#define IMAGE_REL_BASED_ABSOLUTE 0 496263115Semaste#define IMAGE_REL_BASED_HIGH 1 497263115Semaste#define IMAGE_REL_BASED_LOW 2 498263115Semaste#define IMAGE_REL_BASED_HIGHLOW 3 499263115Semaste#define IMAGE_REL_BASED_HIGHADJ 4 500263115Semaste#define IMAGE_REL_BASED_MIPS_JMPADDR 5 501263115Semaste#define IMAGE_REL_BASED_IA64_IMM64 9 502263115Semaste#define IMAGE_REL_BASED_DIR64 10 503263115Semaste 504263115Semaste// 505263115Semaste// Line number format. 506263115Semaste// 507263115Semaste 508263115Semastetypedef struct _IMAGE_LINENUMBER { 509263115Semaste union { 510263115Semaste UINT32 SymbolTableIndex; // Symbol table index of function name if Linenumber is 0. 511263115Semaste UINT32 VirtualAddress; // Virtual address of line number. 512263115Semaste } Type; 513263115Semaste UINT16 Linenumber; // Line number. 514263115Semaste} IMAGE_LINENUMBER; 515263115Semaste 516263115Semaste#define IMAGE_SIZEOF_LINENUMBER 6 517263115Semaste 518263115Semaste// 519263115Semaste// Archive format. 520263115Semaste// 521263115Semaste 522263115Semaste#define IMAGE_ARCHIVE_START_SIZE 8 523263115Semaste#define IMAGE_ARCHIVE_START "!<arch>\n" 524263115Semaste#define IMAGE_ARCHIVE_END "`\n" 525263115Semaste#define IMAGE_ARCHIVE_PAD "\n" 526263115Semaste#define IMAGE_ARCHIVE_LINKER_MEMBER "/ " 527263115Semaste#define IMAGE_ARCHIVE_LONGNAMES_MEMBER "// " 528263115Semaste 529263115Semastetypedef struct _IMAGE_ARCHIVE_MEMBER_HEADER { 530263115Semaste UINT8 Name[16]; // File member name - `/' terminated. 531263115Semaste UINT8 Date[12]; // File member date - decimal. 532263115Semaste UINT8 UserID[6]; // File member user id - decimal. 533263115Semaste UINT8 GroupID[6]; // File member group id - decimal. 534263115Semaste UINT8 Mode[8]; // File member mode - octal. 535263115Semaste UINT8 Size[10]; // File member size - decimal. 536263115Semaste UINT8 EndHeader[2]; // String to end header. 537263115Semaste} IMAGE_ARCHIVE_MEMBER_HEADER, *PIMAGE_ARCHIVE_MEMBER_HEADER; 538263115Semaste 539263115Semaste#define IMAGE_SIZEOF_ARCHIVE_MEMBER_HDR 60 540263115Semaste 541263115Semaste// 542263115Semaste// DLL support. 543263115Semaste// 544263115Semaste 545263115Semaste// 546263115Semaste// Export Format 547263115Semaste// 548263115Semaste 549263115Semastetypedef struct _IMAGE_EXPORT_DIRECTORY { 550263115Semaste UINT32 Characteristics; 551263115Semaste UINT32 TimeDateStamp; 552263115Semaste UINT16 MajorVersion; 553263115Semaste UINT16 MinorVersion; 554263115Semaste UINT32 Name; 555263115Semaste UINT32 Base; 556263115Semaste UINT32 NumberOfFunctions; 557263115Semaste UINT32 NumberOfNames; 558263115Semaste UINT32 *AddressOfFunctions; 559263115Semaste UINT32 *AddressOfNames; 560263115Semaste UINT32 *AddressOfNameOrdinals; 561263115Semaste} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY; 562263115Semaste 563263115Semaste// 564263115Semaste// Import Format 565263115Semaste// 566263115Semaste 567263115Semastetypedef struct _IMAGE_IMPORT_BY_NAME { 568263115Semaste UINT16 Hint; 569263115Semaste UINT8 Name[1]; 570263115Semaste} IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME; 571263115Semaste 572263115Semastetypedef struct _IMAGE_THUNK_DATA { 573263115Semaste union { 574263115Semaste UINT32 Function; 575263115Semaste UINT32 Ordinal; 576263115Semaste PIMAGE_IMPORT_BY_NAME AddressOfData; 577263115Semaste } u1; 578263115Semaste} IMAGE_THUNK_DATA, *PIMAGE_THUNK_DATA; 579263115Semaste 580263115Semaste#define IMAGE_ORDINAL_FLAG 0x80000000 581263115Semaste#define IMAGE_SNAP_BY_ORDINAL(Ordinal) ((Ordinal & IMAGE_ORDINAL_FLAG) != 0) 582263115Semaste#define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff) 583263115Semaste 584263115Semastetypedef struct _IMAGE_IMPORT_DESCRIPTOR { 585263115Semaste UINT32 Characteristics; 586263115Semaste UINT32 TimeDateStamp; 587263115Semaste UINT32 ForwarderChain; 588263115Semaste UINT32 Name; 589263115Semaste PIMAGE_THUNK_DATA FirstThunk; 590263115Semaste} IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR; 591263115Semaste 592263115Semaste#endif 593