本文整理汇总了C++中RVA函数的典型用法代码示例。如果您正苦于以下问题:C++ RVA函数的具体用法?C++ RVA怎么用?C++ RVA使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了RVA函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: VDMInject32
void VDMInject32(HANDLE hProcess, unsigned int hwnd, const GUID* from)
{
TCHAR szPath[MAX_PATH] = {0};
GetPreferredModuleName(g_hModule, true, szPath);
// construct arguments
auto shared = VirtualAllocEx(hProcess, nullptr, sizeof(VDM::Shared32), MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(hProcess, RVA(shared, AddressOf(VDM::Shared32, hwnd)), &hwnd, sizeof(HWND), nullptr);
WriteProcessMemory(hProcess, RVA(shared, AddressOf(VDM::Shared32, guid)), from, sizeof(*from), nullptr);
MODULEINFO kernel32;
GetRemoteModuleInfo(hProcess, _T("kernel32.dll"), &kernel32, true);
auto fnLoadLibrary = GetRemoteProcAddress(hProcess, (HMODULE)kernel32.lpBaseOfDll, "LoadLibraryW", true);
auto remote = VirtualAllocEx(hProcess, nullptr, _countof(szPath), MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(hProcess, remote, szPath, _countof(szPath), nullptr);
CallOnRemoteThread(hProcess, fnLoadLibrary, remote);
MODULEINFO vdmhelper;
GetRemoteModuleInfo(hProcess, _T("VDMHelper32.dll"), &vdmhelper, true);
auto fnVDMProcess = GetRemoteProcAddress(hProcess, (HMODULE)vdmhelper.lpBaseOfDll, "VDMProcess", true);
CallOnRemoteThread(hProcess, fnVDMProcess, shared);
auto fnFreeLibrary = GetRemoteProcAddress(hProcess, (HMODULE)kernel32.lpBaseOfDll, "FreeLibrary", true);
CallOnRemoteThread(hProcess, fnFreeLibrary, vdmhelper.lpBaseOfDll);
VirtualFreeEx(hProcess, remote, 0, MEM_RELEASE);
VirtualFreeEx(hProcess, shared, 0, MEM_RELEASE);
}示例2: LdrPEProcessImportDirectoryEntry
NTSTATUS
NTAPI
LdrPEProcessImportDirectoryEntry(PVOID DriverBase,
PLOADER_MODULE LoaderModule,
PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory)
{
PVOID* ImportAddressList;
PULONG FunctionNameList;
if (ImportModuleDirectory == NULL || ImportModuleDirectory->Name == 0)
{
return STATUS_UNSUCCESSFUL;
}
/* Get the import address list. */
ImportAddressList = (PVOID*)RVA(DriverBase, ImportModuleDirectory->FirstThunk);
/* Get the list of functions to import. */
if (ImportModuleDirectory->OriginalFirstThunk != 0)
{
FunctionNameList = (PULONG)RVA(DriverBase, ImportModuleDirectory->OriginalFirstThunk);
}
else
{
FunctionNameList = (PULONG)RVA(DriverBase, ImportModuleDirectory->FirstThunk);
}
/* Walk through function list and fixup addresses. */
while (*FunctionNameList != 0L)
{
if ((*FunctionNameList) & 0x80000000)
{
DbgPrint("Failed to import ordinal from %s\n", LoaderModule->String);
return STATUS_UNSUCCESSFUL;
}
else
{
IMAGE_IMPORT_BY_NAME *pe_name;
pe_name = RVA(DriverBase, *FunctionNameList);
*ImportAddressList = LdrPEGetExportByName((PVOID)LoaderModule->ModStart, pe_name->Name, pe_name->Hint);
/* Fixup the address to be virtual */
*ImportAddressList = (PVOID)(ULONG_PTR)*ImportAddressList + (ULONG_PTR)KernelBase - (ULONG_PTR)KernelMemory;
//DbgPrint("Looked for: %s and found: %x\n", pe_name->Name, *ImportAddressList);
if ((*ImportAddressList) == NULL)
{
DbgPrint("Failed to import %s from %s\n", pe_name->Name, LoaderModule->String);
return STATUS_UNSUCCESSFUL;
}
}
ImportAddressList++;
FunctionNameList++;
}
return STATUS_SUCCESS;
}示例3: eterm_show
void eterm_show(int m, cmulti **x, func_t *fF, int bmax, int kappa)
{
int kmax,k,db=64;
int *b=NULL,tau;
func_t *fJ=NULL;
cmulti **y=NULL;
rmulti **e=NULL,**eps=NULL,**em=NULL,**r=NULL,*rmax=NULL,**p=NULL;
kmax=(bmax-64)/db; if(kmax<0){ kmax=2; }
tau=cvec_get_exp_max(m,x);
printf("tau=%d\n",tau);
fJ=func_grad(func_retain(fF),func_var1_list(m));
CVA(y,m); RVA(e,kmax); RVA(eps,kmax); RVA(em,kmax); RVA(r,kmax); RVA(p,kmax); RA(rmax);
b=ivec_allocate(kmax);
b[0]=53;
for(k=1; k<kmax; k++){ b[k]=(k-1)*db+64; }
for(k=0; k<kmax; k++){
printf("b=%4d ",b[k]);
set_default_prec(b[k]);
rset_d(eps[k],1); rmul_2exp(eps[k],eps[k],-b[k]+tau);
mpfr_printf("2^(-b+tau)=%8.1Re ",eps[k]);
cvec_round(m,y,b[k]);
csolve_newton_map(m,y,x,fF,fJ);
csolve_newton_e_norm(e[k],m,y,x,fF,fJ,bmax*4);
if(rgt(eps[k],e[k])){ printf("> "); }else{ printf("< "); }
mpfr_printf("e=%8.1Re ",e[k]);
rset_d(em[k],1); rmul_2exp(em[k],em[k],-b[k]+tau+kappa);
if(rgt(e[k],em[k])){ printf("> "); }else{ printf("< "); }
mpfr_printf("em=%8.1Re ",em[k]);
rlog2(p[k],e[k]); rsub_d1(p[k],tau,p[k]); rsub_d1(p[k],b[k],p[k]);
mpfr_printf("b-tau+log2(e)=%+6.2Rf ",p[k]);
rlog2(r[k],e[k]); rsub_d1(r[k],tau,r[k]); rdiv_d2(r[k],r[k],b[k]); rsub_d1(r[k],1,r[k]);
mpfr_printf("κ=1-(tau-log2(e))/b=%+.10Rf ",r[k]);
printf("\n");
}
rvec_max(rmax,kmax,p);
mpfr_printf("cancel bits=%+.2Rf\n",rmax);
rvec_max(rmax,kmax,r);
mpfr_printf("κ_max=%+.10Rf\n",rmax);
// done
fJ=func_del(fJ);
b=ivec_free(b);
CVF(y,m); RVF(e,kmax); RVF(eps,kmax); RVF(em,kmax); RVF(r,kmax); RVF(p,kmax); RF(rmax);
}示例4: PE_FindNearFunctionName
const char * PE_FindNearFunctionName(
WINE_MODREF *wm,
FARPROC funcAddr )
{
unsigned short * ordinal;
unsigned long * function;
unsigned char ** name;
const char *ename = NULL;
int i, j;
PE_MODREF *pem = &(wm->binfmt.pe);
IMAGE_EXPORT_DIRECTORY *exports = pem->pe_export;
unsigned int load_addr = wm->module;
unsigned long rva_start, rva_end, addr;
char * forward;
if (!exports) {
/* Not a fatal problem, some apps do
* GetProcAddress(0,"RegisterPenApp") which triggers this
* case.
*/
WARN("Module %08x(%s)/MODREF %p doesn't have a exports table.\n",wm->module,wm->modname,pem);
return NULL;
}
ordinal= (unsigned short*) RVA(exports->AddressOfNameOrdinals);
function= (unsigned long*) RVA(exports->AddressOfFunctions);
name = (unsigned char **) RVA(exports->AddressOfNames);
forward = NULL;
rva_start = PE_HEADER(wm->module)->OptionalHeader
.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
rva_end = rva_start + PE_HEADER(wm->module)->OptionalHeader
.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size;
void *last_func = 0;
for (j = 0; j < exports->NumberOfNames; j++)
{
int index = ordinal[j];
//printf("%p %p %s\n", function[index], funcAddr, RVA(name[j]));
if(((void*)last_func >= funcAddr-load_addr ) && ((void*)function[index] < funcAddr-load_addr ) )
return (char*)RVA(name[j-1]);
last_func = function[index];
}
//printf("PE_FindFunctionName: could not resolve %p\n", funcAddr);
return 0;
}示例5: dump_exports
static void
dump_exports (HMODULE hModule)
{
#if 0
char *Module;
int i, j;
u_short *ordinal;
u_long *function, *functions;
u_char **name;
unsigned int load_addr = hModule;
DWORD rva_start =
PE_HEADER (hModule)->
OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
DWORD rva_end =
rva_start +
PE_HEADER (hModule)->
OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size;
IMAGE_EXPORT_DIRECTORY *pe_exports =
(IMAGE_EXPORT_DIRECTORY *) RVA (rva_start);
Module = (char *) RVA (pe_exports->Name);
TRACE ("*******EXPORT DATA*******\n");
TRACE ("Module name is %s, %ld functions, %ld names\n",
Module, pe_exports->NumberOfFunctions, pe_exports->NumberOfNames);
ordinal = (u_short *) RVA (pe_exports->AddressOfNameOrdinals);
functions = function = (u_long *) RVA (pe_exports->AddressOfFunctions);
name = (u_char **) RVA (pe_exports->AddressOfNames);
TRACE (" Ord RVA Addr Name\n");
for (i = 0; i < pe_exports->NumberOfFunctions; i++, function++) {
if (!*function)
continue;
if (TRACE_ON (win32)) {
DPRINTF ("%4ld %08lx %p", i + pe_exports->Base, *function,
RVA (*function));
for (j = 0; j < pe_exports->NumberOfNames; j++)
if (ordinal[j] == i) {
DPRINTF (" %s", (char *) RVA (name[j]));
break;
}
if ((*function >= rva_start) && (*function <= rva_end))
DPRINTF (" (forwarded -> %s)", (char *) RVA (*function));
DPRINTF ("\n");
}
}
#endif
}示例6: RVA
static const void *get_dir_and_size(unsigned int idx, unsigned int *size)
{
if(PE_nt_headers->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC)
{
const IMAGE_OPTIONAL_HEADER64 *opt = (const IMAGE_OPTIONAL_HEADER64*)&PE_nt_headers->OptionalHeader;
if (idx >= opt->NumberOfRvaAndSizes)
return NULL;
if(size)
*size = opt->DataDirectory[idx].Size;
return RVA(opt->DataDirectory[idx].VirtualAddress,
opt->DataDirectory[idx].Size);
}
else
{
const IMAGE_OPTIONAL_HEADER32 *opt = (const IMAGE_OPTIONAL_HEADER32*)&PE_nt_headers->OptionalHeader;
if (idx >= opt->NumberOfRvaAndSizes)
return NULL;
if(size)
*size = opt->DataDirectory[idx].Size;
return RVA(opt->DataDirectory[idx].VirtualAddress,
opt->DataDirectory[idx].Size);
}
}示例7: do_relocations
static void
do_relocations (unsigned int load_addr, IMAGE_BASE_RELOCATION * r)
{
int delta = load_addr - PE_HEADER (load_addr)->OptionalHeader.ImageBase;
int hdelta = (delta >> 16) & 0xFFFF;
int ldelta = delta & 0xFFFF;
if (delta == 0)
return;
while (r->VirtualAddress) {
char *page = (char *) RVA (r->VirtualAddress);
int count = (r->SizeOfBlock - 8) / 2;
int i;
/*
TRACE_(fixup)("%x relocations for page %lx\n",
count, r->VirtualAddress);
*/
for (i = 0; i < count; i++) {
int offset = r->TypeOffset[i] & 0xFFF;
int type = r->TypeOffset[i] >> 12;
//TRACE_(fixup)("patching %x type %x\n", offset, type);
switch (type) {
case IMAGE_REL_BASED_ABSOLUTE:
break;
case IMAGE_REL_BASED_HIGH:
*(short *) (page + offset) += hdelta;
break;
case IMAGE_REL_BASED_LOW:
*(short *) (page + offset) += ldelta;
break;
case IMAGE_REL_BASED_HIGHLOW:
*(int *) (page + offset) += delta;
break;
case IMAGE_REL_BASED_HIGHADJ:
FIXME ("Don't know what to do with IMAGE_REL_BASED_HIGHADJ\n");
break;
case IMAGE_REL_BASED_MIPS_JMPADDR:
FIXME ("Is this a MIPS machine ???\n");
break;
default:
FIXME ("Unknown fixup type\n");
break;
}
}
r = (IMAGE_BASE_RELOCATION *) ((char *) r + r->SizeOfBlock);
}
}示例8: LoadPEFile
static tCLIFile* LoadPEFile(void *pData) {
tCLIFile *pRet = TMALLOC(tCLIFile);
unsigned char *pMSDOSHeader = (unsigned char*)&(((unsigned char*)pData)[0]);
unsigned char *pPEHeader;
unsigned char *pPEOptionalHeader;
unsigned char *pPESectionHeaders;
unsigned char *pCLIHeader;
unsigned char *pRawMetaData;
int i;
unsigned int lfanew;
unsigned short machine;
int numSections;
unsigned int imageBase;
int fileAlignment;
unsigned int cliHeaderRVA, cliHeaderSize;
unsigned int metaDataRVA, metaDataSize;
tMetaData *pMetaData;
pRet->pRVA = RVA();
pRet->pMetaData = pMetaData = MetaData();
lfanew = *(unsigned int*)&(pMSDOSHeader[0x3c]);
pPEHeader = pMSDOSHeader + lfanew + 4;
pPEOptionalHeader = pPEHeader + 20;
pPESectionHeaders = pPEOptionalHeader + 224;
machine = *(unsigned short*)&(pPEHeader[0]);
if (machine != DOT_NET_MACHINE) {
return NULL;
}
numSections = *(unsigned short*)&(pPEHeader[2]);
imageBase = *(unsigned int*)&(pPEOptionalHeader[28]);
fileAlignment = *(int*)&(pPEOptionalHeader[36]);
for (i=0; i<numSections; i++) {
unsigned char *pSection = pPESectionHeaders + i * 40;
RVA_Create(pRet->pRVA, pData, pSection);
}
cliHeaderRVA = *(unsigned int*)&(pPEOptionalHeader[208]);
cliHeaderSize = *(unsigned int*)&(pPEOptionalHeader[212]);
pCLIHeader = RVA_FindData(pRet->pRVA, cliHeaderRVA);
metaDataRVA = *(unsigned int*)&(pCLIHeader[8]);
metaDataSize = *(unsigned int*)&(pCLIHeader[12]);
pRet->entryPoint = *(unsigned int*)&(pCLIHeader[20]);
pRawMetaData = RVA_FindData(pRet->pRVA, metaDataRVA);
// Load all metadata
{
unsigned int versionLen = *(unsigned int*)&(pRawMetaData[12]);
unsigned int ofs, numberOfStreams;
void *pTableStream = NULL;
unsigned int tableStreamSize;
pRet->pVersion = &(pRawMetaData[16]);
log_f(1, "CLI version: %s\n", pRet->pVersion);
ofs = 16 + versionLen;
numberOfStreams = *(unsigned short*)&(pRawMetaData[ofs + 2]);
ofs += 4;
for (i=0; i<(signed)numberOfStreams; i++) {
unsigned int streamOffset = *(unsigned int*)&pRawMetaData[ofs];
unsigned int streamSize = *(unsigned int*)&pRawMetaData[ofs+4];
unsigned char *pStreamName = &pRawMetaData[ofs+8];
void *pStream = pRawMetaData + streamOffset;
ofs += (unsigned int)((strlen(pStreamName)+4) & (~0x3)) + 8;
if (strcasecmp(pStreamName, "#Strings") == 0) {
MetaData_LoadStrings(pMetaData, pStream, streamSize);
} else if (strcasecmp(pStreamName, "#US") == 0) {
MetaData_LoadUserStrings(pMetaData, pStream, streamSize);
} else if (strcasecmp(pStreamName, "#Blob") == 0) {
MetaData_LoadBlobs(pMetaData, pStream, streamSize);
} else if (strcasecmp(pStreamName, "#GUID") == 0) {
MetaData_LoadGUIDs(pMetaData, pStream, streamSize);
} else if (strcasecmp(pStreamName, "#~") == 0) {
pTableStream = pStream;
tableStreamSize = streamSize;
}
}
// Must load tables last
if (pTableStream != NULL) {
MetaData_LoadTables(pMetaData, pRet->pRVA, pTableStream, tableStreamSize);
}
}
// Mark all generic definition types and methods as such
for (i=pMetaData->tables.numRows[MD_TABLE_GENERICPARAM]; i>0; i--) {
tMD_GenericParam *pGenericParam;
IDX_TABLE ownerIdx;
pGenericParam = (tMD_GenericParam*)MetaData_GetTableRow
(pMetaData, MAKE_TABLE_INDEX(MD_TABLE_GENERICPARAM, i));
ownerIdx = pGenericParam->owner;
switch (TABLE_ID(ownerIdx)) {
case MD_TABLE_TYPEDEF:
{
//.........这里部分代码省略.........
示例9: LoadLibraryExA
/***********************************************************************
* LoadLibraryExA (KERNEL32)
*/
HMODULE WINAPI LoadLibraryExA(LPCSTR libname, HANDLE hfile, DWORD flags)
{
WINE_MODREF *wm = 0;
char* listpath[] = { "", "", "/usr/lib/win32", "/usr/local/lib/win32", 0 };
extern char* def_path;
char path[512];
char checked[2000];
int i = -1;
checked[0] = 0;
if(!libname)
{
SetLastError(ERROR_INVALID_PARAMETER);
return 0;
}
wm=MODULE_FindModule(libname);
if(wm) return wm->module;
// if(fs_installed==0)
// install_fs();
while (wm == 0 && listpath[++i])
{
if (i < 2)
{
if (i == 0)
/* check just original file name */
strncpy(path, libname, 511);
else
/* check default user path */
strncpy(path, def_path, 300);
}
else if (strcmp(def_path, listpath[i]))
/* path from the list */
strncpy(path, listpath[i], 300);
else
continue;
if (i > 0)
{
strcat(path, "/");
strncat(path, libname, 100);
}
path[511] = 0;
wm = MODULE_LoadLibraryExA( path, hfile, flags );
if (!wm)
{
if (checked[0])
strcat(checked, ", ");
strcat(checked, path);
checked[1500] = 0;
}
}
if ( wm )
{
if ( !MODULE_DllProcessAttach( wm, NULL ) )
{
WARN_(module)("Attach failed for module '%s', \n", libname);
MODULE_FreeLibrary(wm);
SetLastError(ERROR_DLL_INIT_FAILED);
MODULE_RemoveFromList(wm);
wm = NULL;
}
}
if (!wm)
printf("Win32 LoadLibrary failed to load: %s\n", checked);
#define RVA(x) ((char *)wm->module+(unsigned int)(x))
if (strstr(libname,"vp31vfw.dll") && wm)
{
int i;
// sse hack moved from patch dll into runtime patching
if (PE_FindExportedFunction(wm, "DriverProc", TRUE)==RVA(0x1000)) {
fprintf(stderr, "VP3 DLL found\n");
for (i=0;i<18;i++) RVA(0x4bd6)[i]=0x90;
}
}
// remove a few divs in the VP codecs that make trouble
if (strstr(libname,"vp5vfw.dll") && wm)
{
int i;
if (PE_FindExportedFunction(wm, "DriverProc", TRUE)==RVA(0x3930)) {
for (i=0;i<3;i++) RVA(0x4e86)[i]=0x90;
for (i=0;i<3;i++) RVA(0x5a23)[i]=0x90;
for (i=0;i<3;i++) RVA(0x5bff)[i]=0x90;
} else {
fprintf(stderr, "Unsupported VP5 version\n");
return 0;
}
}
//.........这里部分代码省略.........
示例10: WinLdrpBindImportName
static BOOLEAN
WinLdrpBindImportName(IN OUT PLIST_ENTRY ModuleListHead,
IN PVOID DllBase,
IN PVOID ImageBase,
IN PIMAGE_THUNK_DATA ThunkData,
IN PIMAGE_EXPORT_DIRECTORY ExportDirectory,
IN ULONG ExportSize,
IN BOOLEAN ProcessForwards,
IN PCSTR DirectoryPath)
{
ULONG Ordinal;
PULONG NameTable, FunctionTable;
PUSHORT OrdinalTable;
LONG High, Low, Middle, Result;
ULONG Hint;
PIMAGE_IMPORT_BY_NAME ImportData;
PCHAR ExportName, ForwarderName;
BOOLEAN Success;
//TRACE("WinLdrpBindImportName(): DllBase 0x%X, ImageBase 0x%X, ThunkData 0x%X, ExportDirectory 0x%X, ExportSize %d, ProcessForwards 0x%X\n",
// DllBase, ImageBase, ThunkData, ExportDirectory, ExportSize, ProcessForwards);
/* Check passed DllBase param */
if(DllBase == NULL)
{
WARN("DllBase == NULL!\n");
return FALSE;
}
/* Convert all non-critical pointers to PA from VA */
ThunkData = VaToPa(ThunkData);
/* Is the reference by ordinal? */
if (IMAGE_SNAP_BY_ORDINAL(ThunkData->u1.Ordinal) && !ProcessForwards)
{
/* Yes, calculate the ordinal */
Ordinal = (ULONG)(IMAGE_ORDINAL(ThunkData->u1.Ordinal) - (UINT32)ExportDirectory->Base);
//TRACE("WinLdrpBindImportName(): Ordinal %d\n", Ordinal);
}
else
{
/* It's reference by name, we have to look it up in the export directory */
if (!ProcessForwards)
{
/* AddressOfData in thunk entry will become a virtual address (from relative) */
//TRACE("WinLdrpBindImportName(): ThunkData->u1.AOD was %p\n", ThunkData->u1.AddressOfData);
ThunkData->u1.AddressOfData =
(ULONG_PTR)RVA(ImageBase, ThunkData->u1.AddressOfData);
//TRACE("WinLdrpBindImportName(): ThunkData->u1.AOD became %p\n", ThunkData->u1.AddressOfData);
}
/* Get the import name */
ImportData = VaToPa((PVOID)ThunkData->u1.AddressOfData);
/* Get pointers to Name and Ordinal tables (RVA -> VA) */
NameTable = VaToPa(RVA(DllBase, ExportDirectory->AddressOfNames));
OrdinalTable = VaToPa(RVA(DllBase, ExportDirectory->AddressOfNameOrdinals));
//TRACE("NameTable 0x%X, OrdinalTable 0x%X, ED->AddressOfNames 0x%X, ED->AOFO 0x%X\n",
// NameTable, OrdinalTable, ExportDirectory->AddressOfNames, ExportDirectory->AddressOfNameOrdinals);
/* Get the hint, convert it to a physical pointer */
Hint = ((PIMAGE_IMPORT_BY_NAME)VaToPa((PVOID)ThunkData->u1.AddressOfData))->Hint;
//TRACE("HintIndex %d\n", Hint);
/* Get the export name from the hint */
ExportName = VaToPa(RVA(DllBase, NameTable[Hint]));
/* If Hint is less than total number of entries in the export directory,
and import name == export name, then we can just get it from the OrdinalTable */
if ((Hint < ExportDirectory->NumberOfNames) &&
(strcmp(ExportName, (PCHAR)ImportData->Name) == 0))
{
Ordinal = OrdinalTable[Hint];
//TRACE("WinLdrpBindImportName(): Ordinal %d\n", Ordinal);
}
else
{
/* It's not the easy way, we have to lookup import name in the name table.
Let's use a binary search for this task. */
//TRACE("WinLdrpBindImportName() looking up the import name using binary search...\n");
/* Low boundary is set to 0, and high boundary to the maximum index */
Low = 0;
High = ExportDirectory->NumberOfNames - 1;
/* Perform a binary-search loop */
while (High >= Low)
{
/* Divide by 2 by shifting to the right once */
Middle = (Low + High) / 2;
/* Get the name from the name table */
ExportName = VaToPa(RVA(DllBase, NameTable[Middle]));
/* Compare the names */
Result = strcmp(ExportName, (PCHAR)ImportData->Name);
/*TRACE("Binary search: comparing Import '__', Export '%s'\n",*/
//.........这里部分代码省略.........
示例11: WinLdrScanImportDescriptorTable
BOOLEAN
WinLdrScanImportDescriptorTable(IN OUT PLIST_ENTRY ModuleListHead,
IN PCCH DirectoryPath,
IN PLDR_DATA_TABLE_ENTRY ScanDTE)
{
PLDR_DATA_TABLE_ENTRY DataTableEntry;
PIMAGE_IMPORT_DESCRIPTOR ImportTable;
ULONG ImportTableSize;
PCH ImportName;
BOOLEAN Success;
/* Get a pointer to the import table of this image */
ImportTable = (PIMAGE_IMPORT_DESCRIPTOR)RtlImageDirectoryEntryToData(VaToPa(ScanDTE->DllBase),
TRUE, IMAGE_DIRECTORY_ENTRY_IMPORT, &ImportTableSize);
{
UNICODE_STRING BaseName;
BaseName.Buffer = VaToPa(ScanDTE->BaseDllName.Buffer);
BaseName.MaximumLength = ScanDTE->BaseDllName.MaximumLength;
BaseName.Length = ScanDTE->BaseDllName.Length;
TRACE("WinLdrScanImportDescriptorTable(): %wZ ImportTable = 0x%X\n",
&BaseName, ImportTable);
}
/* If image doesn't have any import directory - just return success */
if (ImportTable == NULL)
return TRUE;
/* Loop through all entries */
for (;(ImportTable->Name != 0) && (ImportTable->FirstThunk != 0);ImportTable++)
{
/* Get pointer to the name */
ImportName = (PCH)VaToPa(RVA(ScanDTE->DllBase, ImportTable->Name));
TRACE("WinLdrScanImportDescriptorTable(): Looking at %s\n", ImportName);
/* In case we get a reference to ourselves - just skip it */
if (WinLdrpCompareDllName(ImportName, &ScanDTE->BaseDllName))
continue;
/* Load the DLL if it is not already loaded */
if (!WinLdrCheckForLoadedDll(ModuleListHead, ImportName, &DataTableEntry))
{
Success = WinLdrpLoadAndScanReferencedDll(ModuleListHead,
DirectoryPath,
ImportName,
&DataTableEntry);
if (!Success)
{
ERR("WinLdrpLoadAndScanReferencedDll() failed\n");
return Success;
}
}
/* Scan its import address table */
Success = WinLdrpScanImportAddressTable(ModuleListHead,
DataTableEntry->DllBase,
ScanDTE->DllBase,
(PIMAGE_THUNK_DATA)RVA(ScanDTE->DllBase, ImportTable->FirstThunk),
DirectoryPath);
if (!Success)
{
ERR("WinLdrpScanImportAddressTable() failed: ImportName = '%s', DirectoryPath = '%s'\n",
ImportName, DirectoryPath);
return Success;
}
}
return TRUE;
}示例12: PE_HEADER
/**********************************************************************
* PE_CreateModule
*
* Create WINE_MODREF structure for loaded HMODULE32, link it into
* process modref_list, and fixup all imports.
*
* Note: hModule must point to a correctly allocated PE image,
* with base relocations applied; the 16-bit dummy module
* associated to hModule must already exist.
*
* Note: This routine must always be called in the context of the
* process that is to own the module to be created.
*/
WINE_MODREF *PE_CreateModule( HMODULE hModule,
LPCSTR filename, DWORD flags, WIN_BOOL builtin )
{
DWORD load_addr = (DWORD)hModule;
IMAGE_NT_HEADERS *nt = PE_HEADER(hModule);
IMAGE_DATA_DIRECTORY *dir;
IMAGE_IMPORT_DESCRIPTOR *pe_import = NULL;
IMAGE_EXPORT_DIRECTORY *pe_export = NULL;
IMAGE_RESOURCE_DIRECTORY *pe_resource = NULL;
WINE_MODREF *wm;
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_EXPORT;
if (dir->Size)
pe_export = (PIMAGE_EXPORT_DIRECTORY)RVA(dir->VirtualAddress);
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_IMPORT;
if (dir->Size)
pe_import = (PIMAGE_IMPORT_DESCRIPTOR)RVA(dir->VirtualAddress);
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_RESOURCE;
if (dir->Size)
pe_resource = (PIMAGE_RESOURCE_DIRECTORY)RVA(dir->VirtualAddress);
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_EXCEPTION;
if (dir->Size) FIXME("Exception directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_SECURITY;
if (dir->Size) FIXME("Security directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_DEBUG;
if (dir->Size) TRACE("Debug directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_COPYRIGHT;
if (dir->Size) FIXME("Copyright string ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_GLOBALPTR;
if (dir->Size) FIXME("Global Pointer (MIPS) ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG;
if (dir->Size) FIXME("Load Configuration directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT;
if (dir->Size) TRACE("Bound Import directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_IAT;
if (dir->Size) TRACE("Import Address Table directory ignored\n" );
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT;
if (dir->Size)
{
TRACE("Delayed import, stub calls LoadLibrary\n" );
/*
* Nothing to do here.
*/
#ifdef ImgDelayDescr
/*
* This code is useful to observe what the heck is going on.
*/
{
ImgDelayDescr *pe_delay = NULL;
pe_delay = (PImgDelayDescr)RVA(dir->VirtualAddress);
TRACE_(delayhlp)("pe_delay->grAttrs = %08x\n", pe_delay->grAttrs);
TRACE_(delayhlp)("pe_delay->szName = %s\n", pe_delay->szName);
TRACE_(delayhlp)("pe_delay->phmod = %08x\n", pe_delay->phmod);
TRACE_(delayhlp)("pe_delay->pIAT = %08x\n", pe_delay->pIAT);
TRACE_(delayhlp)("pe_delay->pINT = %08x\n", pe_delay->pINT);
TRACE_(delayhlp)("pe_delay->pBoundIAT = %08x\n", pe_delay->pBoundIAT);
TRACE_(delayhlp)("pe_delay->pUnloadIAT = %08x\n", pe_delay->pUnloadIAT);
TRACE_(delayhlp)("pe_delay->dwTimeStamp = %08x\n", pe_delay->dwTimeStamp);
}
#endif
}
dir = nt->OptionalHeader.DataDirectory+IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR;
if (dir->Size) FIXME("Unknown directory 14 ignored\n" );
dir = nt->OptionalHeader.DataDirectory+15;
if (dir->Size) FIXME("Unknown directory 15 ignored\n" );
//.........这里部分代码省略.........
示例13: WinLdrAllocateDataTableEntry
BOOLEAN
WinLdrAllocateDataTableEntry(IN OUT PLIST_ENTRY ModuleListHead,
IN PCCH BaseDllName,
IN PCCH FullDllName,
IN PVOID BasePA,
OUT PLDR_DATA_TABLE_ENTRY *NewEntry)
{
PVOID BaseVA = PaToVa(BasePA);
PWSTR Buffer;
PLDR_DATA_TABLE_ENTRY DataTableEntry;
PIMAGE_NT_HEADERS NtHeaders;
USHORT Length;
TRACE("WinLdrAllocateDataTableEntry(, '%s', '%s', %p)\n",
BaseDllName, FullDllName, BasePA);
/* Allocate memory for a data table entry, zero-initialize it */
DataTableEntry = (PLDR_DATA_TABLE_ENTRY)FrLdrHeapAlloc(sizeof(LDR_DATA_TABLE_ENTRY),
TAG_WLDR_DTE);
if (DataTableEntry == NULL)
return FALSE;
RtlZeroMemory(DataTableEntry, sizeof(LDR_DATA_TABLE_ENTRY));
/* Get NT headers from the image */
NtHeaders = RtlImageNtHeader(BasePA);
/* Initialize corresponding fields of DTE based on NT headers value */
DataTableEntry->DllBase = BaseVA;
DataTableEntry->SizeOfImage = NtHeaders->OptionalHeader.SizeOfImage;
DataTableEntry->EntryPoint = RVA(BaseVA, NtHeaders->OptionalHeader.AddressOfEntryPoint);
DataTableEntry->SectionPointer = 0;
DataTableEntry->CheckSum = NtHeaders->OptionalHeader.CheckSum;
/* Initialize BaseDllName field (UNICODE_STRING) from the Ansi BaseDllName
by simple conversion - copying each character */
Length = (USHORT)(strlen(BaseDllName) * sizeof(WCHAR));
Buffer = (PWSTR)FrLdrHeapAlloc(Length, TAG_WLDR_NAME);
if (Buffer == NULL)
{
FrLdrHeapFree(DataTableEntry, TAG_WLDR_DTE);
return FALSE;
}
RtlZeroMemory(Buffer, Length);
DataTableEntry->BaseDllName.Length = Length;
DataTableEntry->BaseDllName.MaximumLength = Length;
DataTableEntry->BaseDllName.Buffer = PaToVa(Buffer);
while (*BaseDllName != 0)
{
*Buffer++ = *BaseDllName++;
}
/* Initialize FullDllName field (UNICODE_STRING) from the Ansi FullDllName
using the same method */
Length = (USHORT)(strlen(FullDllName) * sizeof(WCHAR));
Buffer = (PWSTR)FrLdrHeapAlloc(Length, TAG_WLDR_NAME);
if (Buffer == NULL)
{
FrLdrHeapFree(DataTableEntry, TAG_WLDR_DTE);
return FALSE;
}
RtlZeroMemory(Buffer, Length);
DataTableEntry->FullDllName.Length = Length;
DataTableEntry->FullDllName.MaximumLength = Length;
DataTableEntry->FullDllName.Buffer = PaToVa(Buffer);
while (*FullDllName != 0)
{
*Buffer++ = *FullDllName++;
}
/* Initialize what's left - LoadCount which is 1, and set Flags so that
we know this entry is processed */
DataTableEntry->Flags = LDRP_ENTRY_PROCESSED;
DataTableEntry->LoadCount = 1;
/* Insert this DTE to a list in the LPB */
InsertTailList(ModuleListHead, &DataTableEntry->InLoadOrderLinks);
TRACE("Inserting DTE %p, name='%.*S' DllBase=%p \n", DataTableEntry,
DataTableEntry->BaseDllName.Length / 2,
VaToPa(DataTableEntry->BaseDllName.Buffer),
DataTableEntry->DllBase);
/* Save pointer to a newly allocated and initialized entry */
*NewEntry = DataTableEntry;
/* Return success */
return TRUE;
}示例14: fixup_imports
static DWORD fixup_imports( WINE_MODREF *wm )
{
IMAGE_IMPORT_DESCRIPTOR *pe_imp;
PE_MODREF *pem;
unsigned int load_addr = wm->module;
int i,characteristics_detection=1;
char *modname;
assert(wm->type==MODULE32_PE);
pem = &(wm->binfmt.pe);
if (pem->pe_export)
modname = (char*) RVA(pem->pe_export->Name);
else
modname = "<unknown>";
TRACE("Dumping imports list\n");
pe_imp = pem->pe_import;
if (!pe_imp) return 0;
/* We assume that we have at least one import with !0 characteristics and
* detect broken imports with all characteristsics 0 (notably Borland) and
* switch the detection off for them.
*/
for (i = 0; pe_imp->Name ; pe_imp++) {
if (!i && !pe_imp->u.Characteristics)
characteristics_detection = 0;
if (characteristics_detection && !pe_imp->u.Characteristics)
break;
i++;
}
if (!i) return 0;
wm->nDeps = i;
wm->deps = HeapAlloc( GetProcessHeap(), 0, i*sizeof(WINE_MODREF *) );
/* load the imported modules. They are automatically
* added to the modref list of the process.
*/
for (i = 0, pe_imp = pem->pe_import; pe_imp->Name ; pe_imp++) {
IMAGE_IMPORT_BY_NAME *pe_name;
PIMAGE_THUNK_DATA import_list,thunk_list;
char *name = (char *) RVA(pe_imp->Name);
if (characteristics_detection && !pe_imp->u.Characteristics)
break;
/* FIXME: here we should fill imports */
TRACE("Loading imports for %s.dll\n", name);
if (pe_imp->u.OriginalFirstThunk != 0) {
TRACE("Microsoft style imports used\n");
import_list =(PIMAGE_THUNK_DATA) RVA(pe_imp->u.OriginalFirstThunk);
thunk_list = (PIMAGE_THUNK_DATA) RVA(pe_imp->FirstThunk);
while (import_list->u1.Ordinal) {
if (IMAGE_SNAP_BY_ORDINAL(import_list->u1.Ordinal)) {
int ordinal = IMAGE_ORDINAL(import_list->u1.Ordinal);
// TRACE("--- Ordinal %s,%d\n", name, ordinal);
thunk_list->u1.Function=LookupExternal(name, ordinal);
} else {
pe_name = (PIMAGE_IMPORT_BY_NAME)RVA(import_list->u1.AddressOfData);
// TRACE("--- %s %s.%d\n", pe_name->Name, name, pe_name->Hint);
thunk_list->u1.Function=LookupExternalByName(name, pe_name->Name);
}
import_list++;
thunk_list++;
}
} else {
TRACE("Borland style imports used\n");
thunk_list = (PIMAGE_THUNK_DATA) RVA(pe_imp->FirstThunk);
while (thunk_list->u1.Ordinal) {
if (IMAGE_SNAP_BY_ORDINAL(thunk_list->u1.Ordinal)) {
int ordinal = IMAGE_ORDINAL(thunk_list->u1.Ordinal);
TRACE("--- Ordinal %s.%d\n",name,ordinal);
thunk_list->u1.Function=LookupExternal(
name, ordinal);
} else {
pe_name=(PIMAGE_IMPORT_BY_NAME) RVA(thunk_list->u1.AddressOfData);
TRACE("--- %s %s.%d\n",
pe_name->Name,name,pe_name->Hint);
thunk_list->u1.Function=LookupExternalByName(
name, pe_name->Name);
}
thunk_list++;
}
}
}
return 0;
}示例15: PE_LoadImage
//.........这里部分代码省略.........
reloc = dir->VirtualAddress;
else
{
FIXME( "FATAL: Need to relocate %s, but no relocation records present (%s). Try to run that file directly !\n",
filename,
(nt->FileHeader.Characteristics&IMAGE_FILE_RELOCS_STRIPPED)?
"stripped during link" : "unknown reason" );
goto error;
}
/* FIXME: If we need to relocate a system DLL (base > 2GB) we should
* really make sure that the *new* base address is also > 2GB.
* Some DLLs really check the MSB of the module handle :-/
*/
if ( nt->OptionalHeader.ImageBase & 0x80000000 )
ERR( "Forced to relocate system DLL (base > 2GB). This is not good.\n" );
load_addr = (DWORD)VirtualAlloc( NULL, vma_size,
MEM_RESERVE | MEM_COMMIT,
PAGE_EXECUTE_READWRITE );
if (!load_addr) {
FIXME_(win32)(
"FATAL: Couldn't load module %s (out of memory, %d needed)!\n", filename, vma_size);
goto error;
}
}
TRACE("Load addr is %lx (base %lx), range %x\n",
load_addr, nt->OptionalHeader.ImageBase, vma_size );
TRACE_(segment)("Loading %s at %lx, range %x\n",
filename, load_addr, vma_size );
#if 0
*(PIMAGE_DOS_HEADER)load_addr = *(PIMAGE_DOS_HEADER)hModule;
*PE_HEADER( load_addr ) = *nt;
memcpy( PE_SECTIONS(load_addr), PE_SECTIONS(hModule),
sizeof(IMAGE_SECTION_HEADER) * nt->FileHeader.NumberOfSections );
memcpy( load_addr, hModule, lowest_fa );
#endif
if ((void*)FILE_dommap( handle, (void *)load_addr, 0, nt->OptionalHeader.SizeOfHeaders,
0, 0, PROT_EXEC | PROT_WRITE | PROT_READ,
MAP_PRIVATE | MAP_FIXED ) != (void*)load_addr)
{
ERR_(win32)( "Critical Error: failed to map PE header to necessary address.\n");
goto error;
}
pe_sec = PE_SECTIONS( hModule );
for (i = 0; i < nt->FileHeader.NumberOfSections; i++, pe_sec++)
{
if (!pe_sec->SizeOfRawData || !pe_sec->PointerToRawData) continue;
TRACE("%s: mmaping section %s at %p off %lx size %lx/%lx\n",
filename, pe_sec->Name, (void*)RVA(pe_sec->VirtualAddress),
pe_sec->PointerToRawData, pe_sec->SizeOfRawData, pe_sec->Misc.VirtualSize );
if ((void*)FILE_dommap( unix_handle, (void*)RVA(pe_sec->VirtualAddress),
0, pe_sec->SizeOfRawData, 0, pe_sec->PointerToRawData,
PROT_EXEC | PROT_WRITE | PROT_READ,
MAP_PRIVATE | MAP_FIXED ) != (void*)RVA(pe_sec->VirtualAddress))
{
ERR_(win32)( "Critical Error: failed to map PE section to necessary address.\n");
goto error;
}
if ((pe_sec->SizeOfRawData < pe_sec->Misc.VirtualSize) &&
(pe_sec->SizeOfRawData & (page_size-1)))
{
DWORD end = (pe_sec->SizeOfRawData & ~(page_size-1)) + page_size;
if (end > pe_sec->Misc.VirtualSize) end = pe_sec->Misc.VirtualSize;
TRACE("clearing %p - %p\n",
RVA(pe_sec->VirtualAddress) + pe_sec->SizeOfRawData,
RVA(pe_sec->VirtualAddress) + end );
memset( (char*)RVA(pe_sec->VirtualAddress) + pe_sec->SizeOfRawData, 0,
end - pe_sec->SizeOfRawData );
}
}
if ( reloc )
do_relocations( load_addr, (IMAGE_BASE_RELOCATION *)RVA(reloc) );
*version = ( (nt->OptionalHeader.MajorSubsystemVersion & 0xff) << 8 )
| (nt->OptionalHeader.MinorSubsystemVersion & 0xff);
UnmapViewOfFile( (LPVOID)hModule );
return (HMODULE)load_addr;
error:
if (unix_handle != -1) close( unix_handle );
if (load_addr)
VirtualFree( (LPVOID)load_addr, 0, MEM_RELEASE );
UnmapViewOfFile( (LPVOID)hModule );
return 0;
}