VirtualBox

source: vbox/trunk/src/VBox/Runtime/include/internal/ldrPE.h@ 27023

Last change on this file since 27023 was 25341, checked in by vboxsync, 15 years ago

ldrPE.cpp: Added WIN_CERTIFICATE and added very basic verification of it. (IMAGE_DIRECTORY_ENTRY_SECURITY)

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 15.3 KB
Line 
1/* $Id: ldrPE.h 25341 2009-12-12 02:33:26Z vboxsync $ */
2/** @file
3 * IPRT - Windows NT PE Structures and Constants.
4 */
5
6/*
7 * Copyright (C) 2006-2007 Sun Microsystems, Inc.
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 *
26 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
27 * Clara, CA 95054 USA or visit http://www.sun.com if you need
28 * additional information or have any questions.
29 */
30
31#ifndef ___internal_ldrPE_h
32#define ___internal_ldrPE_h
33
34#include <iprt/types.h>
35
36#pragma pack(4)
37
38
39/*******************************************************************************
40* Defined Constants And Macros *
41*******************************************************************************/
42#define IMAGE_NT_SIGNATURE 0x00004550
43
44/* file header */
45#define IMAGE_FILE_MACHINE_I386 0x014c
46#define IMAGE_FILE_MACHINE_AMD64 0x8664
47
48#define IMAGE_FILE_RELOCS_STRIPPED 0x0001
49#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002
50#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004
51#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008
52#define IMAGE_FILE_AGGRESIVE_WS_TRIM 0x0010
53#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020
54#define IMAGE_FILE_16BIT_MACHINE 0x0040
55#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080
56#define IMAGE_FILE_32BIT_MACHINE 0x0100
57#define IMAGE_FILE_DEBUG_STRIPPED 0x0200
58#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400
59#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800
60#define IMAGE_FILE_SYSTEM 0x1000
61#define IMAGE_FILE_DLL 0x2000
62#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000
63#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000
64
65
66/* optional header */
67#define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10B
68#define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20B
69
70#define IMAGE_SUBSYSTEM_UNKNOWN 0x0
71#define IMAGE_SUBSYSTEM_NATIVE 0x1
72#define IMAGE_SUBSYSTEM_WINDOWS_GUI 0x2
73#define IMAGE_SUBSYSTEM_WINDOWS_CUI 0x3
74#define IMAGE_SUBSYSTEM_OS2_GUI 0x4
75#define IMAGE_SUBSYSTEM_OS2_CUI 0x5
76#define IMAGE_SUBSYSTEM_POSIX_CUI 0x7
77
78#define IMAGE_LIBRARY_PROCESS_INIT 0x0001
79#define IMAGE_LIBRARY_PROCESS_TERM 0x0002
80#define IMAGE_LIBRARY_THREAD_INIT 0x0004
81#define IMAGE_LIBRARY_THREAD_TERM 0x0008
82#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION 0x0200
83#define IMAGE_DLLCHARACTERISTICS_NO_SEH 0x0400
84#define IMAGE_DLLCHARACTERISTICS_NO_BIND 0x0800
85#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000
86#define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000
87
88#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 0x10
89
90#define IMAGE_DIRECTORY_ENTRY_EXPORT 0x0
91#define IMAGE_DIRECTORY_ENTRY_IMPORT 0x1
92#define IMAGE_DIRECTORY_ENTRY_RESOURCE 0x2
93#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 0x3
94#define IMAGE_DIRECTORY_ENTRY_SECURITY 0x4
95#define IMAGE_DIRECTORY_ENTRY_BASERELOC 0x5
96#define IMAGE_DIRECTORY_ENTRY_DEBUG 0x6
97#define IMAGE_DIRECTORY_ENTRY_ARCHITECTURE 0x7
98#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT IMAGE_DIRECTORY_ENTRY_ARCHITECTURE
99#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 0x8
100#define IMAGE_DIRECTORY_ENTRY_TLS 0x9
101#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 0xa
102#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 0xb
103#define IMAGE_DIRECTORY_ENTRY_IAT 0xc
104#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT 0xd
105#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 0xe
106
107
108/* section header */
109#define IMAGE_SIZEOF_SHORT_NAME 0x8
110
111#define IMAGE_SCN_TYPE_REG 0x00000000
112#define IMAGE_SCN_TYPE_DSECT 0x00000001
113#define IMAGE_SCN_TYPE_NOLOAD 0x00000002
114#define IMAGE_SCN_TYPE_GROUP 0x00000004
115#define IMAGE_SCN_TYPE_NO_PAD 0x00000008
116#define IMAGE_SCN_TYPE_COPY 0x00000010
117
118#define IMAGE_SCN_CNT_CODE 0x00000020
119#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040
120#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080
121
122#define IMAGE_SCN_LNK_OTHER 0x00000100
123#define IMAGE_SCN_LNK_INFO 0x00000200
124#define IMAGE_SCN_TYPE_OVER 0x00000400
125#define IMAGE_SCN_LNK_REMOVE 0x00000800
126#define IMAGE_SCN_LNK_COMDAT 0x00001000
127#define IMAGE_SCN_MEM_PROTECTED 0x00004000
128#define IMAGE_SCN_NO_DEFER_SPEC_EXC 0x00004000
129#define IMAGE_SCN_GPREL 0x00008000
130#define IMAGE_SCN_MEM_FARDATA 0x00008000
131#define IMAGE_SCN_MEM_SYSHEAP 0x00010000
132#define IMAGE_SCN_MEM_PURGEABLE 0x00020000
133#define IMAGE_SCN_MEM_16BIT 0x00020000
134#define IMAGE_SCN_MEM_LOCKED 0x00040000
135#define IMAGE_SCN_MEM_PRELOAD 0x00080000
136
137#define IMAGE_SCN_ALIGN_1BYTES 0x00100000
138#define IMAGE_SCN_ALIGN_2BYTES 0x00200000
139#define IMAGE_SCN_ALIGN_4BYTES 0x00300000
140#define IMAGE_SCN_ALIGN_8BYTES 0x00400000
141#define IMAGE_SCN_ALIGN_16BYTES 0x00500000
142#define IMAGE_SCN_ALIGN_32BYTES 0x00600000
143#define IMAGE_SCN_ALIGN_64BYTES 0x00700000
144#define IMAGE_SCN_ALIGN_128BYTES 0x00800000
145#define IMAGE_SCN_ALIGN_256BYTES 0x00900000
146#define IMAGE_SCN_ALIGN_512BYTES 0x00A00000
147#define IMAGE_SCN_ALIGN_1024BYTES 0x00B00000
148#define IMAGE_SCN_ALIGN_2048BYTES 0x00C00000
149#define IMAGE_SCN_ALIGN_4096BYTES 0x00D00000
150#define IMAGE_SCN_ALIGN_8192BYTES 0x00E00000
151#define IMAGE_SCN_ALIGN_MASK 0x00F00000
152
153#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000
154#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000
155#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000
156#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000
157#define IMAGE_SCN_MEM_SHARED 0x10000000
158#define IMAGE_SCN_MEM_EXECUTE 0x20000000
159#define IMAGE_SCN_MEM_READ 0x40000000
160#define IMAGE_SCN_MEM_WRITE 0x80000000
161
162
163/* relocations */
164#define IMAGE_REL_BASED_ABSOLUTE 0x0
165#define IMAGE_REL_BASED_HIGH 0x1
166#define IMAGE_REL_BASED_LOW 0x2
167#define IMAGE_REL_BASED_HIGHLOW 0x3
168#define IMAGE_REL_BASED_HIGHADJ 0x4
169#define IMAGE_REL_BASED_MIPS_JMPADDR 0x5
170#define IMAGE_REL_BASED_MIPS_JMPADDR16 0x9
171#define IMAGE_REL_BASED_IA64_IMM64 0x9
172#define IMAGE_REL_BASED_DIR64 0xa
173#define IMAGE_REL_BASED_HIGH3ADJ 0xb
174
175
176/* imports */
177#define IMAGE_ORDINAL_FLAG32 0x80000000
178#define IMAGE_ORDINAL32(ord) ((ord) & 0xffff)
179#define IMAGE_SNAP_BY_ORDINAL32(ord) (!!((ord) & IMAGE_ORDINAL_FLAG32))
180
181#define IMAGE_ORDINAL_FLAG64 0x8000000000000000ULL
182#define IMAGE_ORDINAL64(ord) ((ord) & 0xffff)
183#define IMAGE_SNAP_BY_ORDINAL64(ord) (!!((ord) & IMAGE_ORDINAL_FLAG64))
184
185
186/* debug dir */
187#define IMAGE_DEBUG_TYPE_UNKNOWN 0x0
188#define IMAGE_DEBUG_TYPE_COFF 0x1
189#define IMAGE_DEBUG_TYPE_CODEVIEW 0x2
190#define IMAGE_DEBUG_TYPE_FPO 0x3
191#define IMAGE_DEBUG_TYPE_MISC 0x4
192#define IMAGE_DEBUG_TYPE_EXCEPTION 0x5
193#define IMAGE_DEBUG_TYPE_FIXUP 0x6
194#define IMAGE_DEBUG_TYPE_OMAP_TO_SRC 0x7
195#define IMAGE_DEBUG_TYPE_OMAP_FROM_SRC 0x8
196#define IMAGE_DEBUG_TYPE_BORLAND 0x9
197#define IMAGE_DEBUG_TYPE_RESERVED10 0x10
198
199/* security directory */
200#define WIN_CERT_REVISION_1_0 UINT16_C(0x0100)
201#define WIN_CERT_REVISION_2_0 UINT16_C(0x0200)
202
203#define WIN_CERT_TYPE_X509 UINT16_C(1)
204#define WIN_CERT_TYPE_PKCS_SIGNED_DATA UINT16_C(2)
205#define WIN_CERT_TYPE_RESERVED_1 UINT16_C(3)
206#define WIN_CERT_TYPE_TS_STACK_SIGNED UINT16_C(4)
207#define WIN_CERT_TYPE_EFI_PKCS115 UINT16_C(0x0ef0)
208#define WIN_CERT_TYPE_EFI_GUID UINT16_C(0x0ef1)
209
210
211/*******************************************************************************
212* Structures and Typedefs *
213*******************************************************************************/
214typedef struct _IMAGE_FILE_HEADER
215{
216 uint16_t Machine;
217 uint16_t NumberOfSections;
218 uint32_t TimeDateStamp;
219 uint32_t PointerToSymbolTable;
220 uint32_t NumberOfSymbols;
221 uint16_t SizeOfOptionalHeader;
222 uint16_t Characteristics;
223} IMAGE_FILE_HEADER;
224typedef IMAGE_FILE_HEADER *PIMAGE_FILE_HEADER;
225
226
227typedef struct _IMAGE_DATA_DIRECTORY
228{
229 uint32_t VirtualAddress;
230 uint32_t Size;
231} IMAGE_DATA_DIRECTORY;
232typedef IMAGE_DATA_DIRECTORY *PIMAGE_DATA_DIRECTORY;
233
234
235typedef struct _IMAGE_OPTIONAL_HEADER32
236{
237 uint16_t Magic;
238 uint8_t MajorLinkerVersion;
239 uint8_t MinorLinkerVersion;
240 uint32_t SizeOfCode;
241 uint32_t SizeOfInitializedData;
242 uint32_t SizeOfUninitializedData;
243 uint32_t AddressOfEntryPoint;
244 uint32_t BaseOfCode;
245 uint32_t BaseOfData;
246 uint32_t ImageBase;
247 uint32_t SectionAlignment;
248 uint32_t FileAlignment;
249 uint16_t MajorOperatingSystemVersion;
250 uint16_t MinorOperatingSystemVersion;
251 uint16_t MajorImageVersion;
252 uint16_t MinorImageVersion;
253 uint16_t MajorSubsystemVersion;
254 uint16_t MinorSubsystemVersion;
255 uint32_t Win32VersionValue;
256 uint32_t SizeOfImage;
257 uint32_t SizeOfHeaders;
258 uint32_t CheckSum;
259 uint16_t Subsystem;
260 uint16_t DllCharacteristics;
261 uint32_t SizeOfStackReserve;
262 uint32_t SizeOfStackCommit;
263 uint32_t SizeOfHeapReserve;
264 uint32_t SizeOfHeapCommit;
265 uint32_t LoaderFlags;
266 uint32_t NumberOfRvaAndSizes;
267 IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
268} IMAGE_OPTIONAL_HEADER32;
269typedef IMAGE_OPTIONAL_HEADER32 *PIMAGE_OPTIONAL_HEADER32;
270
271typedef struct _IMAGE_OPTIONAL_HEADER64
272{
273 uint16_t Magic;
274 uint8_t MajorLinkerVersion;
275 uint8_t MinorLinkerVersion;
276 uint32_t SizeOfCode;
277 uint32_t SizeOfInitializedData;
278 uint32_t SizeOfUninitializedData;
279 uint32_t AddressOfEntryPoint;
280 uint32_t BaseOfCode;
281 uint64_t ImageBase;
282 uint32_t SectionAlignment;
283 uint32_t FileAlignment;
284 uint16_t MajorOperatingSystemVersion;
285 uint16_t MinorOperatingSystemVersion;
286 uint16_t MajorImageVersion;
287 uint16_t MinorImageVersion;
288 uint16_t MajorSubsystemVersion;
289 uint16_t MinorSubsystemVersion;
290 uint32_t Win32VersionValue;
291 uint32_t SizeOfImage;
292 uint32_t SizeOfHeaders;
293 uint32_t CheckSum;
294 uint16_t Subsystem;
295 uint16_t DllCharacteristics;
296 uint64_t SizeOfStackReserve;
297 uint64_t SizeOfStackCommit;
298 uint64_t SizeOfHeapReserve;
299 uint64_t SizeOfHeapCommit;
300 uint32_t LoaderFlags;
301 uint32_t NumberOfRvaAndSizes;
302 IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
303} IMAGE_OPTIONAL_HEADER64;
304typedef IMAGE_OPTIONAL_HEADER64 *PIMAGE_OPTIONAL_HEADER64;
305
306
307typedef struct _IMAGE_NT_HEADERS
308{
309 uint32_t Signature;
310 IMAGE_FILE_HEADER FileHeader;
311 IMAGE_OPTIONAL_HEADER32 OptionalHeader;
312} IMAGE_NT_HEADERS32;
313typedef IMAGE_NT_HEADERS32 *PIMAGE_NT_HEADERS32;
314
315typedef struct _IMAGE_NT_HEADERS64
316{
317 uint32_t Signature;
318 IMAGE_FILE_HEADER FileHeader;
319 IMAGE_OPTIONAL_HEADER64 OptionalHeader;
320} IMAGE_NT_HEADERS64;
321typedef IMAGE_NT_HEADERS64 *PIMAGE_NT_HEADERS64;
322
323
324typedef struct _IMAGE_SECTION_HEADER
325{
326 uint8_t Name[IMAGE_SIZEOF_SHORT_NAME];
327 union
328 {
329 uint32_t PhysicalAddress;
330 uint32_t VirtualSize;
331 } Misc;
332 uint32_t VirtualAddress;
333 uint32_t SizeOfRawData;
334 uint32_t PointerToRawData;
335 uint32_t PointerToRelocations;
336 uint32_t PointerToLinenumbers;
337 uint16_t NumberOfRelocations;
338 uint16_t NumberOfLinenumbers;
339 uint32_t Characteristics;
340} IMAGE_SECTION_HEADER;
341typedef IMAGE_SECTION_HEADER *PIMAGE_SECTION_HEADER;
342
343
344typedef struct _IMAGE_BASE_RELOCATION
345{
346 uint32_t VirtualAddress;
347 uint32_t SizeOfBlock;
348} IMAGE_BASE_RELOCATION;
349typedef IMAGE_BASE_RELOCATION *PIMAGE_BASE_RELOCATION;
350
351
352typedef struct _IMAGE_EXPORT_DIRECTORY
353{
354 uint32_t Characteristics;
355 uint32_t TimeDateStamp;
356 uint16_t MajorVersion;
357 uint16_t MinorVersion;
358 uint32_t Name;
359 uint32_t Base;
360 uint32_t NumberOfFunctions;
361 uint32_t NumberOfNames;
362 uint32_t AddressOfFunctions;
363 uint32_t AddressOfNames;
364 uint32_t AddressOfNameOrdinals;
365} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
366
367
368typedef struct _IMAGE_IMPORT_DESCRIPTOR
369{
370 union
371 {
372 uint32_t Characteristics;
373 uint32_t OriginalFirstThunk;
374 } u;
375 uint32_t TimeDateStamp;
376 uint32_t ForwarderChain;
377 uint32_t Name;
378 uint32_t FirstThunk;
379} IMAGE_IMPORT_DESCRIPTOR;
380typedef IMAGE_IMPORT_DESCRIPTOR *PIMAGE_IMPORT_DESCRIPTOR;
381
382
383typedef struct _IMAGE_IMPORT_BY_NAME
384{
385 uint16_t Hint;
386 uint8_t Name[1];
387} IMAGE_IMPORT_BY_NAME;
388typedef IMAGE_IMPORT_BY_NAME *PIMAGE_IMPORT_BY_NAME;
389
390
391/* The image_thunk_data32/64 structures are not very helpful except for getting RSI. keep them around till all the code has been converted. */
392typedef struct _IMAGE_THUNK_DATA64
393{
394 union
395 {
396 uint64_t ForwarderString;
397 uint64_t Function;
398 uint64_t Ordinal;
399 uint64_t AddressOfData;
400 } u1;
401} IMAGE_THUNK_DATA64;
402typedef IMAGE_THUNK_DATA64 *PIMAGE_THUNK_DATA64;
403
404typedef struct _IMAGE_THUNK_DATA32
405{
406 union
407 {
408 uint32_t ForwarderString;
409 uint32_t Function;
410 uint32_t Ordinal;
411 uint32_t AddressOfData;
412 } u1;
413} IMAGE_THUNK_DATA32;
414typedef IMAGE_THUNK_DATA32 *PIMAGE_THUNK_DATA32;
415
416
417typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY32
418{
419 uint32_t Size;
420 uint32_t TimeDateStamp;
421 uint16_t MajorVersion;
422 uint16_t MinorVersion;
423 uint32_t GlobalFlagsClear;
424 uint32_t GlobalFlagsSet;
425 uint32_t CriticalSectionDefaultTimeout;
426 uint32_t DeCommitFreeBlockThreshold;
427 uint32_t DeCommitTotalFreeThreshold;
428 uint32_t LockPrefixTable;
429 uint32_t MaximumAllocationSize;
430 uint32_t VirtualMemoryThreshold;
431 uint32_t ProcessHeapFlags;
432 uint32_t ProcessAffinityMask;
433 uint16_t CSDVersion;
434 uint16_t Reserved1;
435 uint32_t EditList;
436 uint32_t SecurityCookie;
437 uint32_t SEHandlerTable;
438 uint32_t SEHandlerCount;
439} IMAGE_LOAD_CONFIG_DIRECTORY32;
440typedef IMAGE_LOAD_CONFIG_DIRECTORY32 PIMAGE_LOAD_CONFIG_DIRECTORY32;
441
442typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY64
443{
444 uint32_t Size;
445 uint32_t TimeDateStamp;
446 uint16_t MajorVersion;
447 uint16_t MinorVersion;
448 uint32_t GlobalFlagsClear;
449 uint32_t GlobalFlagsSet;
450 uint32_t CriticalSectionDefaultTimeout;
451 uint64_t DeCommitFreeBlockThreshold;
452 uint64_t DeCommitTotalFreeThreshold;
453 uint64_t LockPrefixTable;
454 uint64_t MaximumAllocationSize;
455 uint64_t VirtualMemoryThreshold;
456 uint64_t ProcessAffinityMask;
457 uint32_t ProcessHeapFlags;
458 uint16_t CSDVersion;
459 uint16_t Reserved1;
460 uint64_t EditList;
461 uint64_t SecurityCookie;
462 uint64_t SEHandlerTable;
463 uint64_t SEHandlerCount;
464} IMAGE_LOAD_CONFIG_DIRECTORY64;
465typedef IMAGE_LOAD_CONFIG_DIRECTORY64 *PIMAGE_LOAD_CONFIG_DIRECTORY64;
466
467
468typedef struct _IMAGE_DEBUG_DIRECTORY
469{
470 uint32_t Characteristics;
471 uint32_t TimeDateStamp;
472 uint16_t MajorVersion;
473 uint16_t MinorVersion;
474 uint32_t Type;
475 uint32_t SizeOfData;
476 uint32_t AddressOfRawData;
477 uint32_t PointerToRawData;
478} IMAGE_DEBUG_DIRECTORY;
479typedef IMAGE_DEBUG_DIRECTORY *PIMAGE_DEBUG_DIRECTORY;
480
481
482typedef struct WIN_CERTIFICATE
483{
484 uint32_t dwLength;
485 uint16_t wRevision;
486 uint16_t wCertificateType;
487 uint8_t bCertificate[8];
488} WIN_CERTIFICATE;
489typedef WIN_CERTIFICATE *PWIN_CERTIFICATE;
490
491#pragma pack()
492
493#endif
494
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette