latest/doxygen/OptionalHeader_8hpp_source.html

/* Copyright 2017 - 2024 R. Thomas

 * Copyright 2017 - 2024 Quarkslab

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef LIEF_PE_OPTIONAL_HEADER_H

#define LIEF_PE_OPTIONAL_HEADER_H

#include <ostream>

#include <vector>

#include <cstdint>


#include "LIEF/Object.hpp"

#include "LIEF/visibility.h"


#include "LIEF/enums.hpp"

#include "LIEF/PE/enums.hpp"


namespace LIEF {

namespace PE {

class Parser;


namespace details {

struct pe32_optional_header;

struct pe64_optional_header;

}


class LIEF_API OptionalHeader : public Object {

  friend class Parser;

  public:


  enum class DLL_CHARACTERISTICS: size_t  {

    HIGH_ENTROPY_VA       = 0x0020,

    DYNAMIC_BASE          = 0x0040,

    FORCE_INTEGRITY       = 0x0080,

    NX_COMPAT             = 0x0100,

    NO_ISOLATION          = 0x0200,

    NO_SEH                = 0x0400,

    NO_BIND               = 0x0800,

    APPCONTAINER          = 0x1000,

    WDM_DRIVER            = 0x2000,

    GUARD_CF              = 0x4000,

    TERMINAL_SERVER_AWARE = 0x8000

  };


  enum class SUBSYSTEM: size_t  {

    UNKNOWN                  = 0,

    NATIVE                   = 1,

    WINDOWS_GUI              = 2,

    WINDOWS_CUI              = 3,

    OS2_CUI                  = 5,

    POSIX_CUI                = 7,

    NATIVE_WINDOWS           = 8,

    WINDOWS_CE_GUI           = 9,

    EFI_APPLICATION          = 10,

    EFI_BOOT_SERVICE_DRIVER  = 11,

    EFI_RUNTIME_DRIVER       = 12,

    EFI_ROM                  = 13,

    XBOX                     = 14,

    WINDOWS_BOOT_APPLICATION = 16

  };


  OptionalHeader(const details::pe32_optional_header& header);

  OptionalHeader(const details::pe64_optional_header& header);

  ~OptionalHeader() override;


  OptionalHeader& operator=(const OptionalHeader&);

  OptionalHeader(const OptionalHeader&);


  static OptionalHeader create(PE_TYPE type);


  PE_TYPE magic() const {

    return magic_;

  }


  uint8_t major_linker_version() const {

    return major_linker_version_;

  }


  uint8_t minor_linker_version() const {

    return minor_linker_version_;

  }


  uint32_t sizeof_code() const {

    return sizeof_code_;

  }


  uint32_t sizeof_initialized_data() const {

    return sizeof_initialized_data_;

  }


  uint32_t sizeof_uninitialized_data() const {

    return sizeof_uninitialized_data_;

  }


  uint32_t addressof_entrypoint() const {

    return entrypoint_;

  }


  uint32_t baseof_code() const {

    return baseof_code_;

  }


  uint32_t baseof_data() const {

    return baseof_data_;

  }


  uint64_t imagebase() const {

    return imagebase_;

  }


  uint32_t section_alignment() const {

    return section_align_;

  }


  uint32_t file_alignment() const {

    return file_align_;

  }


  uint16_t major_operating_system_version() const {

    return major_os_version_;

  }


  uint16_t minor_operating_system_version() const {

    return minor_os_version_;

  }


  uint16_t major_image_version() const {

    return major_image_version_;

  }


  uint16_t minor_image_version() const {

    return minor_image_version_;

  }


  uint16_t major_subsystem_version() const {

    return major_subsys_version_;

  }


  uint16_t minor_subsystem_version() const {

    return minor_subsys_version_;

  }


  uint32_t win32_version_value() const {

    return win32_version_value_;

  }


  uint32_t sizeof_image() const {

    return sizeof_image_;

  }


  uint32_t sizeof_headers() const {

    return sizeof_headers_;

  }


  uint32_t checksum() const {

    return checksum_;

  }


  uint32_t computed_checksum() const {

    return computed_checksum_;

  }


  SUBSYSTEM subsystem() const {

    return subsystem_;

  }


  uint32_t dll_characteristics() const {

    return dll_characteristics_;

  }


  uint64_t sizeof_stack_reserve() const {

    return sizeof_stack_reserve_;

  }


  uint64_t sizeof_stack_commit() const {

    return sizeof_stack_commit_;

  }


  uint64_t sizeof_heap_reserve() const {

    return sizeof_heap_reserve_;

  }


  uint64_t sizeof_heap_commit() const {

    return sizeof_heap_commit_;

  }


  uint32_t loader_flags() const {

    return loader_flags_;

  }


  uint32_t numberof_rva_and_size() const {

    return nb_rva_size_;

  }


  bool has(DLL_CHARACTERISTICS c) const;


  std::vector<DLL_CHARACTERISTICS> dll_characteristics_list() const;


  void add(DLL_CHARACTERISTICS c);


  void remove(DLL_CHARACTERISTICS c);


  void magic(PE_TYPE magic) {

    magic_ = magic;

  }


  void major_linker_version(uint8_t value) {

    major_linker_version_ = value;

  }


  void minor_linker_version(uint8_t value) {

    minor_linker_version_ = value;

  }


  void sizeof_code(uint32_t value) {

    sizeof_code_ = value;

  }


  void sizeof_initialized_data(uint32_t value) {

    sizeof_initialized_data_ = value;

  }


  void sizeof_uninitialized_data(uint32_t value) {

    sizeof_uninitialized_data_ = value;

  }


  void addressof_entrypoint(uint32_t value) {

    entrypoint_ = value;

  }


  void baseof_code(uint32_t value) {

    baseof_code_ = value;

  }


  void baseof_data(uint32_t value) {

    baseof_data_ = value;

  }


  void imagebase(uint64_t value) {

    imagebase_ = value;

  }


  void section_alignment(uint32_t value) {

    section_align_ = value;

  }


  void file_alignment(uint32_t value) {

    file_align_ = value;

  }


  void major_operating_system_version(uint16_t value) {

    major_os_version_ = value;

  }


  void minor_operating_system_version(uint16_t value) {

    minor_os_version_ = value;

  }


  void major_image_version(uint16_t value) {

    major_image_version_ = value;

  }


  void minor_image_version(uint16_t value) {

    minor_image_version_ = value;

  }


  void major_subsystem_version(uint16_t value) {

    major_subsys_version_ = value;

  }


  void minor_subsystem_version(uint16_t value) {

    minor_subsys_version_ = value;

  }


  void win32_version_value(uint32_t value) {

    win32_version_value_ = value;

  }


  void sizeof_image(uint32_t value) {

    sizeof_image_ = value;

  }


  void sizeof_headers(uint32_t value) {

    sizeof_headers_ = value;

  }


  void checksum(uint32_t value) {

    checksum_ = value;

  }


  void subsystem(SUBSYSTEM value) {

    subsystem_ = value;

  }


  void dll_characteristics(uint32_t value) {

    dll_characteristics_ = value;

  }


  void sizeof_stack_reserve(uint64_t value) {

    sizeof_stack_reserve_ = value;

  }


  void sizeof_stack_commit(uint64_t value) {

    sizeof_stack_commit_ = value;

  }


  void sizeof_heap_reserve(uint64_t value) {

    sizeof_heap_reserve_ = value;

  }


  void sizeof_heap_commit(uint64_t value) {

    sizeof_heap_commit_ = value;

  }


  void loader_flags(uint32_t value) {

    loader_flags_ = value;

  }


  void numberof_rva_and_size(uint32_t value) {

    nb_rva_size_ = value;

  }


  void accept(Visitor& visitor) const override;


  OptionalHeader& operator+=(DLL_CHARACTERISTICS c);

  OptionalHeader& operator-=(DLL_CHARACTERISTICS c);


  LIEF_API friend std::ostream& operator<<(std::ostream& os, const OptionalHeader& entry);


  private:

  OptionalHeader();


  PE_TYPE   magic_ = PE_TYPE::PE32;

  uint8_t   major_linker_version_ = 0;

  uint8_t   minor_linker_version_ = 0;

  uint32_t  sizeof_code_ = 0;

  uint32_t  sizeof_initialized_data_ = 0;

  uint32_t  sizeof_uninitialized_data_ = 0;

  uint32_t  entrypoint_ = 0;

  uint32_t  baseof_code_ = 0;

  uint32_t  baseof_data_ = 0;

  uint64_t  imagebase_ = 0;

  uint32_t  section_align_ = 0;

  uint32_t  file_align_ = 0;

  uint16_t  major_os_version_ = 0;

  uint16_t  minor_os_version_ = 0;

  uint16_t  major_image_version_ = 0;

  uint16_t  minor_image_version_ = 0;

  uint16_t  major_subsys_version_ = 0;

  uint16_t  minor_subsys_version_ = 0;

  uint32_t  win32_version_value_ = 0;

  uint32_t  sizeof_image_ = 0;

  uint32_t  sizeof_headers_ = 0;

  uint32_t  checksum_ = 0;

  SUBSYSTEM subsystem_ = SUBSYSTEM::UNKNOWN;

  uint32_t  dll_characteristics_ = 0;

  uint64_t  sizeof_stack_reserve_ = 0;

  uint64_t  sizeof_stack_commit_ = 0;

  uint64_t  sizeof_heap_reserve_ = 0;

  uint64_t  sizeof_heap_commit_ = 0;

  uint32_t  loader_flags_ = 0;

  uint32_t  nb_rva_size_ = 0;


  uint32_t  computed_checksum_ = 0;

};


LIEF_API const char* to_string(OptionalHeader::DLL_CHARACTERISTICS);

LIEF_API const char* to_string(OptionalHeader::SUBSYSTEM);


}

}


ENABLE_BITMASK_OPERATORS(LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS);


#endif

LIEF::Object
Definition Object.hpp:25

LIEF::PE::OptionalHeader
Class which represents the PE OptionalHeader structure.
Definition OptionalHeader.hpp:38

LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS
DLL_CHARACTERISTICS
Definition OptionalHeader.hpp:42

LIEF::PE::OptionalHeader::major_image_version
uint16_t major_image_version() const
The major version number of the image.
Definition OptionalHeader.hpp:172

LIEF::PE::OptionalHeader::minor_subsystem_version
uint16_t minor_subsystem_version() const
The minor version number of the subsystem.
Definition OptionalHeader.hpp:187

LIEF::PE::OptionalHeader::SUBSYSTEM
SUBSYSTEM
Definition OptionalHeader.hpp:56

LIEF::PE::OptionalHeader::numberof_rva_and_size
uint32_t numberof_rva_and_size() const
The number of DataDirectory that follow this header.
Definition OptionalHeader.hpp:268

LIEF::PE::OptionalHeader::sizeof_uninitialized_data
uint32_t sizeof_uninitialized_data() const
The size of the uninitialized data which are usually located in the .bss section. If the uninitialize...
Definition OptionalHeader.hpp:117

LIEF::PE::OptionalHeader::dll_characteristics_list
std::vector< DLL_CHARACTERISTICS > dll_characteristics_list() const
Return the list of the dll_characteristics as an std::set of DLL_CHARACTERISTICS.

LIEF::PE::OptionalHeader::sizeof_stack_commit
uint64_t sizeof_stack_commit() const
Size of the stack to commit.
Definition OptionalHeader.hpp:248

LIEF::PE::OptionalHeader::has
bool has(DLL_CHARACTERISTICS c) const
Check if the given DLL_CHARACTERISTICS is included in the dll_characteristics.

LIEF::PE::OptionalHeader::minor_linker_version
uint8_t minor_linker_version() const
The linker minor version.
Definition OptionalHeader.hpp:93

LIEF::PE::OptionalHeader::major_linker_version
uint8_t major_linker_version() const
The linker major version.
Definition OptionalHeader.hpp:88

LIEF::PE::OptionalHeader::sizeof_headers
uint32_t sizeof_headers() const
Size of the DosHeader + PE Header + Section headers rounded up to a multiple of the file_alignment.
Definition OptionalHeader.hpp:205

LIEF::PE::OptionalHeader::remove
void remove(DLL_CHARACTERISTICS c)
Remove a DLL_CHARACTERISTICS from the current characteristics.

LIEF::PE::OptionalHeader::major_operating_system_version
uint16_t major_operating_system_version() const
The major version number of the required operating system.
Definition OptionalHeader.hpp:162

LIEF::PE::OptionalHeader::win32_version_value
uint32_t win32_version_value() const
According to the official PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:193

LIEF::PE::OptionalHeader::sizeof_heap_commit
uint64_t sizeof_heap_commit() const
Size of the heap to commit.
Definition OptionalHeader.hpp:258

LIEF::PE::OptionalHeader::sizeof_image
uint32_t sizeof_image() const
The size (in bytes) of the image, including all headers, as the image is loaded in memory.
Definition OptionalHeader.hpp:200

LIEF::PE::OptionalHeader::imagebase
uint64_t imagebase() const
The preferred base address when mapping the binary in memory.
Definition OptionalHeader.hpp:143

LIEF::PE::OptionalHeader::baseof_data
uint32_t baseof_data() const
Address relative to the imagebase where the binary's data starts.
Definition OptionalHeader.hpp:138

LIEF::PE::OptionalHeader::section_alignment
uint32_t section_alignment() const
The alignment (in bytes) of sections when they are loaded into memory.
Definition OptionalHeader.hpp:151

LIEF::PE::OptionalHeader::sizeof_code
uint32_t sizeof_code() const
The size of the code .text section or the sum of all the sections that contain code (ie....
Definition OptionalHeader.hpp:99

LIEF::PE::OptionalHeader::minor_operating_system_version
uint16_t minor_operating_system_version() const
The minor version number of the required operating system.
Definition OptionalHeader.hpp:167

LIEF::PE::OptionalHeader::major_subsystem_version
uint16_t major_subsystem_version() const
The major version number of the subsystem.
Definition OptionalHeader.hpp:182

LIEF::PE::OptionalHeader::loader_flags
uint32_t loader_flags() const
According to the PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:263

LIEF::PE::OptionalHeader::subsystem
SUBSYSTEM subsystem() const
Target subsystem like Driver, XBox, Windows GUI, ...
Definition OptionalHeader.hpp:227

LIEF::PE::OptionalHeader::file_alignment
uint32_t file_alignment() const
The section's file alignment. This value must be a power of 2 between 512 and 64K....
Definition OptionalHeader.hpp:157

LIEF::PE::OptionalHeader::baseof_code
uint32_t baseof_code() const
Address relative to the imagebase where the binary's code starts.
Definition OptionalHeader.hpp:131

LIEF::PE::OptionalHeader::sizeof_stack_reserve
uint64_t sizeof_stack_reserve() const
Size of the stack to reserve when loading the PE binary.
Definition OptionalHeader.hpp:243

LIEF::PE::OptionalHeader::sizeof_initialized_data
uint32_t sizeof_initialized_data() const
The size of the initialized data which are usually located in the .data section. If the initialized d...
Definition OptionalHeader.hpp:108

LIEF::PE::OptionalHeader::dll_characteristics
uint32_t dll_characteristics() const
Some characteristics of the underlying binary like the support of the PIE. The prefix dll comes from ...
Definition OptionalHeader.hpp:235

LIEF::PE::OptionalHeader::checksum
uint32_t checksum() const
The image file checksum. The algorithm for computing the checksum is incorporated into IMAGHELP....
Definition OptionalHeader.hpp:213

LIEF::PE::OptionalHeader::minor_image_version
uint16_t minor_image_version() const
The minor version number of the image.
Definition OptionalHeader.hpp:177

LIEF::PE::OptionalHeader::addressof_entrypoint
uint32_t addressof_entrypoint() const
The address of the entry point relative to the image base when the executable file is loaded into mem...
Definition OptionalHeader.hpp:126

LIEF::PE::OptionalHeader::add
void add(DLL_CHARACTERISTICS c)
Add a DLL_CHARACTERISTICS to the current characteristics.

LIEF::PE::OptionalHeader::sizeof_heap_reserve
uint64_t sizeof_heap_reserve() const
Size of the heap to reserve when loading the PE binary.
Definition OptionalHeader.hpp:253

LIEF::PE::OptionalHeader::magic
PE_TYPE magic() const
Magic bytes: either PE32 or PE32+ for 64-bits PE files.
Definition OptionalHeader.hpp:83

LIEF::PE::OptionalHeader::computed_checksum
uint32_t computed_checksum() const
The re-computed value of the OptionalHeader::checksum. If both values do not match,...
Definition OptionalHeader.hpp:222

LIEF::PE::Parser
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47

LIEF::PE::PE_TYPE
PE_TYPE
Definition PE/enums.hpp:680

LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:32