1/*- 2 * Copyright (c) 2015 Kai Wang 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $Id: pe.h 3441 2016-04-07 15:04:20Z emaste $ 27 */ 28 29#ifndef _PE_H_ 30#define _PE_H_ 31 32#include <stdint.h> 33 34/* 35 * MS-DOS header. 36 */ 37 38typedef struct _PE_DosHdr { 39 char dh_magic[2]; 40 uint16_t dh_lastsize; 41 uint16_t dh_nblock; 42 uint16_t dh_nreloc; 43 uint16_t dh_hdrsize; 44 uint16_t dh_minalloc; 45 uint16_t dh_maxalloc; 46 uint16_t dh_ss; 47 uint16_t dh_sp; 48 uint16_t dh_checksum; 49 uint16_t dh_ip; 50 uint16_t dh_cs; 51 uint16_t dh_relocpos; 52 uint16_t dh_noverlay; 53 uint16_t dh_reserved1[4]; 54 uint16_t dh_oemid; 55 uint16_t dh_oeminfo; 56 uint16_t dh_reserved2[10]; 57 uint32_t dh_lfanew; 58} PE_DosHdr; 59 60/* 61 * Rich header. 62 */ 63 64typedef struct _PE_RichHdr { 65 uint32_t rh_xor; 66 uint32_t rh_total; 67 uint32_t *rh_compid; 68 uint32_t *rh_cnt; 69} PE_RichHdr; 70 71/* 72 * COFF header: Machine Types. 73 */ 74 75#define IMAGE_FILE_MACHINE_UNKNOWN 0x0 /* not specified */ 76#define IMAGE_FILE_MACHINE_AM33 0x1d3 /* Matsushita AM33 */ 77#define IMAGE_FILE_MACHINE_AMD64 0x8664 /* x86-64 */ 78#define IMAGE_FILE_MACHINE_ARM 0x1c0 /* ARM LE */ 79#define IMAGE_FILE_MACHINE_ARMNT 0x1c4 /* ARMv7(or higher) Thumb */ 80#define IMAGE_FILE_MACHINE_ARM64 0xaa64 /* ARMv8 64-bit */ 81#define IMAGE_FILE_MACHINE_EBC 0xebc /* EFI byte code */ 82#define IMAGE_FILE_MACHINE_I386 0x14c /* x86 */ 83#define IMAGE_FILE_MACHINE_IA64 0x200 /* IA64 */ 84#define IMAGE_FILE_MACHINE_M32R 0x9041 /* Mitsubishi M32R LE */ 85#define IMAGE_FILE_MACHINE_MIPS16 0x266 /* MIPS16 */ 86#define IMAGE_FILE_MACHINE_MIPSFPU 0x366 /* MIPS with FPU */ 87#define IMAGE_FILE_MACHINE_MIPSFPU16 0x466 /* MIPS16 with FPU */ 88#define IMAGE_FILE_MACHINE_POWERPC 0x1f0 /* Power PC LE */ 89#define IMAGE_FILE_MACHINE_POWERPCFP 0x1f1 /* Power PC floating point */ 90#define IMAGE_FILE_MACHINE_R4000 0x166 /* MIPS R4000 LE */ 91#define IMAGE_FILE_MACHINE_RISCV32 0x5032 /* RISC-V 32-bit */ 92#define IMAGE_FILE_MACHINE_RISCV64 0x5064 /* RISC-V 64-bit */ 93#define IMAGE_FILE_MACHINE_RISCV128 0x5128 /* RISC-V 128-bit */ 94#define IMAGE_FILE_MACHINE_SH3 0x1a2 /* Hitachi SH3 */ 95#define IMAGE_FILE_MACHINE_SH3DSP 0x1a3 /* Hitachi SH3 DSP */ 96#define IMAGE_FILE_MACHINE_SH4 0x1a6 /* Hitachi SH4 */ 97#define IMAGE_FILE_MACHINE_SH5 0x1a8 /* Hitachi SH5 */ 98#define IMAGE_FILE_MACHINE_THUMB 0x1c2 /* ARM or Thumb interworking */ 99#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x169 /* MIPS LE WCE v2 */ 100 101/* 102 * COFF header: Characteristics 103 */ 104 105#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 106#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 107#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 108#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 109#define IMAGE_FILE_AGGRESSIVE_WS_TRIM 0x0010 110#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020 111#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 112#define IMAGE_FILE_32BIT_MACHINE 0x0100 113#define IMAGE_FILE_DEBUG_STRIPPED 0x0200 114#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400 115#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800 116#define IMAGE_FILE_SYSTEM 0x1000 117#define IMAGE_FILE_DLL 0x2000 118#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 119#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 120 121/* 122 * COFF Header. 123 */ 124 125typedef struct _PE_CoffHdr { 126 uint16_t ch_machine; 127 uint16_t ch_nsec; 128 uint32_t ch_timestamp; 129 uint32_t ch_symptr; 130 uint32_t ch_nsym; 131 uint16_t ch_optsize; 132 uint16_t ch_char; 133} PE_CoffHdr; 134 135 136/* 137 * Optional Header: Subsystem. 138 */ 139 140#define IMAGE_SUBSYSTEM_UNKNOWN 0 141#define IMAGE_SUBSYSTEM_NATIVE 1 142#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 143#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 144#define IMAGE_SUBSYSTEM_POSIX_CUI 7 145#define IMAGE_SUBSYSTEM_WINDOWS_CE_GUI 9 146#define IMAGE_SUBSYSTEM_EFI_APPLICATION 10 147#define IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER 11 148#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12 149#define IMAGE_SUBSYSTEM_EFI_ROM 13 150#define IMAGE_SUBSYSTEM_XBOX 14 151 152/* 153 * Optional Header: DLL Characteristics 154 */ 155 156#define IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE 0x0040 157#define IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY 0x0080 158#define IMAGE_DLL_CHARACTERISTICS_NX_COMPAT 0x0100 159#define IMAGE_DLL_CHARACTERISTICS_NO_ISOLATION 0x0200 160#define IMAGE_DLL_CHARACTERISTICS_NO_SEH 0x0400 161#define IMAGE_DLL_CHARACTERISTICS_NO_BIND 0x0800 162#define IMAGE_DLL_CHARACTERISTICS_WDM_DRIVER 0x2000 163#define IMAGE_DLL_CHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000 164 165/* 166 * Optional Header. 167 */ 168 169#define PE_FORMAT_ROM 0x107 170#define PE_FORMAT_32 0x10b 171#define PE_FORMAT_32P 0x20b 172 173typedef struct _PE_OptHdr { 174 uint16_t oh_magic; 175 uint8_t oh_ldvermajor; 176 uint8_t oh_ldverminor; 177 uint32_t oh_textsize; 178 uint32_t oh_datasize; 179 uint32_t oh_bsssize; 180 uint32_t oh_entry; 181 uint32_t oh_textbase; 182 uint32_t oh_database; 183 uint64_t oh_imgbase; 184 uint32_t oh_secalign; 185 uint32_t oh_filealign; 186 uint16_t oh_osvermajor; 187 uint16_t oh_osverminor; 188 uint16_t oh_imgvermajor; 189 uint16_t oh_imgverminor; 190 uint16_t oh_subvermajor; 191 uint16_t oh_subverminor; 192 uint32_t oh_win32ver; 193 uint32_t oh_imgsize; 194 uint32_t oh_hdrsize; 195 uint32_t oh_checksum; 196 uint16_t oh_subsystem; 197 uint16_t oh_dllchar; 198 uint64_t oh_stacksizer; 199 uint64_t oh_stacksizec; 200 uint64_t oh_heapsizer; 201 uint64_t oh_heapsizec; 202 uint32_t oh_ldrflags; 203 uint32_t oh_ndatadir; 204} PE_OptHdr; 205 206/* 207 * Optional Header: Data Directories. 208 */ 209 210#define PE_DD_EXPORT 0 211#define PE_DD_IMPORT 1 212#define PE_DD_RESROUCE 2 213#define PE_DD_EXCEPTION 3 214#define PE_DD_CERTIFICATE 4 215#define PE_DD_BASERELOC 5 216#define PE_DD_DEBUG 6 217#define PE_DD_ARCH 7 218#define PE_DD_GLOBALPTR 8 219#define PE_DD_TLS 9 220#define PE_DD_LOADCONFIG 10 221#define PE_DD_BOUNDIMPORT 11 222#define PE_DD_IAT 12 223#define PE_DD_DELAYIMPORT 13 224#define PE_DD_CLRRUNTIME 14 225#define PE_DD_RESERVED 15 226#define PE_DD_MAX 16 227 228typedef struct _PE_DataDirEntry { 229 uint32_t de_addr; 230 uint32_t de_size; 231} PE_DataDirEntry; 232 233typedef struct _PE_DataDir { 234 PE_DataDirEntry dd_e[PE_DD_MAX]; 235 uint32_t dd_total; 236} PE_DataDir; 237 238/* 239 * Section Headers: Section flags. 240 */ 241 242#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 243#define IMAGE_SCN_CNT_CODE 0x00000020 244#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 245#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 246#define IMAGE_SCN_LNK_OTHER 0x00000100 247#define IMAGE_SCN_LNK_INFO 0x00000200 248#define IMAGE_SCN_LNK_REMOVE 0x00000800 249#define IMAGE_SCN_LNK_COMDAT 0x00001000 250#define IMAGE_SCN_GPREL 0x00008000 251#define IMAGE_SCN_MEM_PURGEABLE 0x00020000 252#define IMAGE_SCN_MEM_16BIT 0x00020000 253#define IMAGE_SCN_MEM_LOCKED 0x00040000 254#define IMAGE_SCN_MEM_PRELOAD 0x00080000 255#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 256#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 257#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 258#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 259#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 260#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 261#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 262#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 263#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 264#define IMAGE_SCN_ALIGN_512BYTES 0x00A00000 265#define IMAGE_SCN_ALIGN_1024BYTES 0x00B00000 266#define IMAGE_SCN_ALIGN_2048BYTES 0x00C00000 267#define IMAGE_SCN_ALIGN_4096BYTES 0x00D00000 268#define IMAGE_SCN_ALIGN_8192BYTES 0x00E00000 269#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 270#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 271#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 272#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 273#define IMAGE_SCN_MEM_SHARED 0x10000000 274#define IMAGE_SCN_MEM_EXECUTE 0x20000000 275#define IMAGE_SCN_MEM_READ 0x40000000 276#define IMAGE_SCN_MEM_WRITE 0x80000000 277 278/* 279 * Section Headers. 280 */ 281 282typedef struct _PE_SecHdr { 283 char sh_name[8]; 284 uint32_t sh_virtsize; 285 uint32_t sh_addr; 286 uint32_t sh_rawsize; 287 uint32_t sh_rawptr; 288 uint32_t sh_relocptr; 289 uint32_t sh_lineptr; 290 uint16_t sh_nreloc; 291 uint16_t sh_nline; 292 uint32_t sh_char; 293} PE_SecHdr; 294 295#endif /* !_PE_H_ */ 296