The Tor Browser / file revision

security/sandbox/chromium/base/win/pe_image.h@b8a032363ba2

security/sandbox/chromium/base/win/pe_image.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

     2 // Use of this source code is governed by a BSD-style license that can be

     3 // found in the LICENSE file.

     4 

     5 // This file was adapted from GreenBorder's Code.

     6 // To understand what this class is about (for other than well known functions

     7 // as GetProcAddress), a good starting point is "An In-Depth Look into the

     8 // Win32 Portable Executable File Format" by Matt Pietrek:

     9 // http://msdn.microsoft.com/msdnmag/issues/02/02/PE/default.aspx

    10 

    11 #ifndef BASE_WIN_PE_IMAGE_H_

    12 #define BASE_WIN_PE_IMAGE_H_

    13 

    14 #include <windows.h>

    15 

    16 #if defined(_WIN32_WINNT_WIN8)

    17 // The Windows 8 SDK defines FACILITY_VISUALCPP in winerror.h.

    18 #undef FACILITY_VISUALCPP

    19 #endif

    20 #include <DelayIMP.h>

    21 

    22 namespace base {

    23 namespace win {

    24 

    25 // This class is a wrapper for the Portable Executable File Format (PE).

    26 // It's main purpose is to provide an easy way to work with imports and exports

    27 // from a file, mapped in memory as image.

    28 class PEImage {

    29  public:

    30   // Callback to enumerate sections.

    31   // cookie is the value passed to the enumerate method.

    32   // Returns true to continue the enumeration.

    33   typedef bool (*EnumSectionsFunction)(const PEImage &image,

    34                                        PIMAGE_SECTION_HEADER header,

    35                                        PVOID section_start, DWORD section_size,

    36                                        PVOID cookie);

    37 

    38   // Callback to enumerate exports.

    39   // function is the actual address of the symbol. If forward is not null, it

    40   // contains the dll and symbol to forward this export to. cookie is the value

    41   // passed to the enumerate method.

    42   // Returns true to continue the enumeration.

    43   typedef bool (*EnumExportsFunction)(const PEImage &image, DWORD ordinal,

    44                                       DWORD hint, LPCSTR name, PVOID function,

    45                                       LPCSTR forward, PVOID cookie);

    46 

    47   // Callback to enumerate import blocks.

    48   // name_table and iat point to the imports name table and address table for

    49   // this block. cookie is the value passed to the enumerate method.

    50   // Returns true to continue the enumeration.

    51   typedef bool (*EnumImportChunksFunction)(const PEImage &image, LPCSTR module,

    52                                            PIMAGE_THUNK_DATA name_table,

    53                                            PIMAGE_THUNK_DATA iat, PVOID cookie);

    54 

    55   // Callback to enumerate imports.

    56   // module is the dll that exports this symbol. cookie is the value passed to

    57   // the enumerate method.

    58   // Returns true to continue the enumeration.

    59   typedef bool (*EnumImportsFunction)(const PEImage &image, LPCSTR module,

    60                                       DWORD ordinal, LPCSTR name, DWORD hint,

    61                                       PIMAGE_THUNK_DATA iat, PVOID cookie);

    62 

    63   // Callback to enumerate dalayed import blocks.

    64   // module is the dll that exports this block of symbols. cookie is the value

    65   // passed to the enumerate method.

    66   // Returns true to continue the enumeration.

    67   typedef bool (*EnumDelayImportChunksFunction)(const PEImage &image,

    68                                                 PImgDelayDescr delay_descriptor,

    69                                                 LPCSTR module,

    70                                                 PIMAGE_THUNK_DATA name_table,

    71                                                 PIMAGE_THUNK_DATA iat,

    72                                                 PIMAGE_THUNK_DATA bound_iat,

    73                                                 PIMAGE_THUNK_DATA unload_iat,

    74                                                 PVOID cookie);

    75 

    76   // Callback to enumerate relocations.

    77   // cookie is the value passed to the enumerate method.

    78   // Returns true to continue the enumeration.

    79   typedef bool (*EnumRelocsFunction)(const PEImage &image, WORD type,

    80                                      PVOID address, PVOID cookie);

    81 

    82   explicit PEImage(HMODULE module) : module_(module) {}

    83   explicit PEImage(const void* module) {

    84     module_ = reinterpret_cast<HMODULE>(const_cast<void*>(module));

    85   }

    86 

    87   // Gets the HMODULE for this object.

    88   HMODULE module() const;

    89 

    90   // Sets this object's HMODULE.

    91   void set_module(HMODULE module);

    92 

    93   // Checks if this symbol is actually an ordinal.

    94   static bool IsOrdinal(LPCSTR name);

    95 

    96   // Converts a named symbol to the corresponding ordinal.

    97   static WORD ToOrdinal(LPCSTR name);

    98 

    99   // Returns the DOS_HEADER for this PE.

   100   PIMAGE_DOS_HEADER GetDosHeader() const;

   101 

   102   // Returns the NT_HEADER for this PE.

   103   PIMAGE_NT_HEADERS GetNTHeaders() const;

   104 

   105   // Returns number of sections of this PE.

   106   WORD GetNumSections() const;

   107 

   108   // Returns the header for a given section.

   109   // returns NULL if there is no such section.

   110   PIMAGE_SECTION_HEADER GetSectionHeader(UINT section) const;

   111 

   112   // Returns the size of a given directory entry.

   113   DWORD GetImageDirectoryEntrySize(UINT directory) const;

   114 

   115   // Returns the address of a given directory entry.

   116   PVOID GetImageDirectoryEntryAddr(UINT directory) const;

   117 

   118   // Returns the section header for a given address.

   119   // Use: s = image.GetImageSectionFromAddr(a);

   120   // Post: 's' is the section header of the section that contains 'a'

   121   //       or NULL if there is no such section.

   122   PIMAGE_SECTION_HEADER GetImageSectionFromAddr(PVOID address) const;

   123 

   124   // Returns the section header for a given section.

   125   PIMAGE_SECTION_HEADER GetImageSectionHeaderByName(LPCSTR section_name) const;

   126 

   127   // Returns the first block of imports.

   128   PIMAGE_IMPORT_DESCRIPTOR GetFirstImportChunk() const;

   129 

   130   // Returns the exports directory.

   131   PIMAGE_EXPORT_DIRECTORY GetExportDirectory() const;

   132 

   133   // Returns a given export entry.

   134   // Use: e = image.GetExportEntry(f);

   135   // Pre: 'f' is either a zero terminated string or ordinal

   136   // Post: 'e' is a pointer to the export directory entry

   137   //       that contains 'f's export RVA, or NULL if 'f'

   138   //       is not exported from this image

   139   PDWORD GetExportEntry(LPCSTR name) const;

   140 

   141   // Returns the address for a given exported symbol.

   142   // Use: p = image.GetProcAddress(f);

   143   // Pre: 'f' is either a zero terminated string or ordinal.

   144   // Post: if 'f' is a non-forwarded export from image, 'p' is

   145   //       the exported function. If 'f' is a forwarded export

   146   //       then p is the special value 0xFFFFFFFF. In this case

   147   //       RVAToAddr(*GetExportEntry) can be used to resolve

   148   //       the string that describes the forward.

   149   FARPROC GetProcAddress(LPCSTR function_name) const;

   150 

   151   // Retrieves the ordinal for a given exported symbol.

   152   // Returns true if the symbol was found.

   153   bool GetProcOrdinal(LPCSTR function_name, WORD *ordinal) const;

   154 

   155   // Enumerates PE sections.

   156   // cookie is a generic cookie to pass to the callback.

   157   // Returns true on success.

   158   bool EnumSections(EnumSectionsFunction callback, PVOID cookie) const;

   159 

   160   // Enumerates PE exports.

   161   // cookie is a generic cookie to pass to the callback.

   162   // Returns true on success.

   163   bool EnumExports(EnumExportsFunction callback, PVOID cookie) const;

   164 

   165   // Enumerates PE imports.

   166   // cookie is a generic cookie to pass to the callback.

   167   // Returns true on success.

   168   bool EnumAllImports(EnumImportsFunction callback, PVOID cookie) const;

   169 

   170   // Enumerates PE import blocks.

   171   // cookie is a generic cookie to pass to the callback.

   172   // Returns true on success.

   173   bool EnumImportChunks(EnumImportChunksFunction callback, PVOID cookie) const;

   174 

   175   // Enumerates the imports from a single PE import block.

   176   // cookie is a generic cookie to pass to the callback.

   177   // Returns true on success.

   178   bool EnumOneImportChunk(EnumImportsFunction callback, LPCSTR module_name,

   179                           PIMAGE_THUNK_DATA name_table, PIMAGE_THUNK_DATA iat,

   180                           PVOID cookie) const;

   181 

   182 

   183   // Enumerates PE delay imports.

   184   // cookie is a generic cookie to pass to the callback.

   185   // Returns true on success.

   186   bool EnumAllDelayImports(EnumImportsFunction callback, PVOID cookie) const;

   187 

   188   // Enumerates PE delay import blocks.

   189   // cookie is a generic cookie to pass to the callback.

   190   // Returns true on success.

   191   bool EnumDelayImportChunks(EnumDelayImportChunksFunction callback,

   192                              PVOID cookie) const;

   193 

   194   // Enumerates imports from a single PE delay import block.

   195   // cookie is a generic cookie to pass to the callback.

   196   // Returns true on success.

   197   bool EnumOneDelayImportChunk(EnumImportsFunction callback,

   198                                PImgDelayDescr delay_descriptor,

   199                                LPCSTR module_name,

   200                                PIMAGE_THUNK_DATA name_table,

   201                                PIMAGE_THUNK_DATA iat,

   202                                PIMAGE_THUNK_DATA bound_iat,

   203                                PIMAGE_THUNK_DATA unload_iat,

   204                                PVOID cookie) const;

   205 

   206   // Enumerates PE relocation entries.

   207   // cookie is a generic cookie to pass to the callback.

   208   // Returns true on success.

   209   bool EnumRelocs(EnumRelocsFunction callback, PVOID cookie) const;

   210 

   211   // Verifies the magic values on the PE file.

   212   // Returns true if all values are correct.

   213   bool VerifyMagic() const;

   214 

   215   // Converts an rva value to the appropriate address.

   216   virtual PVOID RVAToAddr(DWORD rva) const;

   217 

   218   // Converts an rva value to an offset on disk.

   219   // Returns true on success.

   220   bool ImageRVAToOnDiskOffset(DWORD rva, DWORD *on_disk_offset) const;

   221 

   222   // Converts an address to an offset on disk.

   223   // Returns true on success.

   224   bool ImageAddrToOnDiskOffset(LPVOID address, DWORD *on_disk_offset) const;

   225 

   226  private:

   227   HMODULE module_;

   228 };

   229 

   230 // This class is an extension to the PEImage class that allows working with PE

   231 // files mapped as data instead of as image file.

   232 class PEImageAsData : public PEImage {

   233  public:

   234   explicit PEImageAsData(HMODULE hModule) : PEImage(hModule) {}

   235 

   236   virtual PVOID RVAToAddr(DWORD rva) const;

   237 };

   238 

   239 inline bool PEImage::IsOrdinal(LPCSTR name) {

   240 #pragma warning(push)

   241 #pragma warning(disable: 4311)

   242   // This cast generates a warning because it is 32 bit specific.

   243   return reinterpret_cast<DWORD>(name) <= 0xFFFF;

   244 #pragma warning(pop)

   245 }

   246 

   247 inline WORD PEImage::ToOrdinal(LPCSTR name) {

   248   return reinterpret_cast<WORD>(name);

   249 }

   250 

   251 inline HMODULE PEImage::module() const {

   252   return module_;

   253 }

   254 

   255 inline PIMAGE_IMPORT_DESCRIPTOR PEImage::GetFirstImportChunk() const {

   256   return reinterpret_cast<PIMAGE_IMPORT_DESCRIPTOR>(

   257              GetImageDirectoryEntryAddr(IMAGE_DIRECTORY_ENTRY_IMPORT));

   258 }

   259 

   260 inline PIMAGE_EXPORT_DIRECTORY PEImage::GetExportDirectory() const {

   261   return reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(

   262              GetImageDirectoryEntryAddr(IMAGE_DIRECTORY_ENTRY_EXPORT));

   263 }

   264 

   265 }  // namespace win

   266 }  // namespace base

   267 

   268 #endif  // BASE_WIN_PE_IMAGE_H_

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial