virtualx-engine/tools/pe_bliss/pe_debug.h

325 lines
9.8 KiB
C
Raw Normal View History

2015-11-08 23:54:41 +01:00
/*************************************************************************/
/* Copyright (c) 2015 dx, http://kaimi.ru */
/* */
/* Permission is hereby granted, free of charge, to any person */
/* obtaining a copy of this software and associated documentation */
/* files (the "Software"), to deal in the Software without */
/* restriction, including without limitation the rights to use, */
/* copy, modify, merge, publish, distribute, sublicense, and/or */
/* sell copies of the Software, and to permit persons to whom the */
/* Software is furnished to do so, subject to the following conditions: */
/* The above copyright notice and this permission notice shall be */
/* included in all copies or substantial portions of the Software. */
/* */
/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */
/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */
/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/
/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */
/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */
/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */
/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
/*************************************************************************/
#pragma once
#include <vector>
#include "pe_structures.h"
#include "pe_base.h"
namespace pe_bliss
{
//Class representing advanced RSDS (PDB 7.0) information
class pdb_7_0_info
{
public:
//Default constructor
pdb_7_0_info();
//Constructor from data
explicit pdb_7_0_info(const pe_win::CV_INFO_PDB70* info);
//Returns debug PDB 7.0 structure GUID
const pe_win::guid get_guid() const;
//Returns age of build
uint32_t get_age() const;
//Returns PDB file name / path
const std::string& get_pdb_file_name() const;
private:
uint32_t age_;
pe_win::guid guid_;
std::string pdb_file_name_;
};
//Class representing advanced NB10 (PDB 2.0) information
class pdb_2_0_info
{
public:
//Default constructor
pdb_2_0_info();
//Constructor from data
explicit pdb_2_0_info(const pe_win::CV_INFO_PDB20* info);
//Returns debug PDB 2.0 structure signature
uint32_t get_signature() const;
//Returns age of build
uint32_t get_age() const;
//Returns PDB file name / path
const std::string& get_pdb_file_name() const;
private:
uint32_t age_;
uint32_t signature_;
std::string pdb_file_name_;
};
//Class representing advanced misc (IMAGE_DEBUG_TYPE_MISC) info
class misc_debug_info
{
public:
//Default constructor
misc_debug_info();
//Constructor from data
explicit misc_debug_info(const pe_win::image_debug_misc* info);
//Returns debug data type
uint32_t get_data_type() const;
//Returns true if data type is exe name
bool is_exe_name() const;
//Returns true if debug data is UNICODE
bool is_unicode() const;
//Returns debug data (ANSI or UNICODE)
const std::string& get_data_ansi() const;
const std::wstring& get_data_unicode() const;
private:
uint32_t data_type_;
bool unicode_;
std::string debug_data_ansi_;
std::wstring debug_data_unicode_;
};
//Class representing COFF (IMAGE_DEBUG_TYPE_COFF) debug info
class coff_debug_info
{
public:
//Structure representing COFF symbol
struct coff_symbol
{
public:
//Default constructor
coff_symbol();
//Returns storage class
uint32_t get_storage_class() const;
//Returns symbol index
uint32_t get_index() const;
//Returns section number
uint32_t get_section_number() const;
//Returns RVA
uint32_t get_rva() const;
//Returns type
uint16_t get_type() const;
//Returns true if structure contains file name
bool is_file() const;
//Returns text data (symbol or file name)
const std::string& get_symbol() const;
public: //These functions do not change everything inside image, they are used by PE class
//Sets storage class
void set_storage_class(uint32_t storage_class);
//Sets symbol index
void set_index(uint32_t index);
//Sets section number
void set_section_number(uint32_t section_number);
//Sets RVA
void set_rva(uint32_t rva);
//Sets type
void set_type(uint16_t type);
//Sets file name
void set_file_name(const std::string& file_name);
//Sets symbol name
void set_symbol_name(const std::string& symbol_name);
private:
uint32_t storage_class_;
uint32_t index_;
uint32_t section_number_, rva_;
uint16_t type_;
bool is_filename_;
std::string name_;
};
public:
typedef std::vector<coff_symbol> coff_symbols_list;
public:
//Default constructor
coff_debug_info();
//Constructor from data
explicit coff_debug_info(const pe_win::image_coff_symbols_header* info);
//Returns number of symbols
uint32_t get_number_of_symbols() const;
//Returns virtual address of the first symbol
uint32_t get_lva_to_first_symbol() const;
//Returns number of line-number entries
uint32_t get_number_of_line_numbers() const;
//Returns virtual address of the first line-number entry
uint32_t get_lva_to_first_line_number() const;
//Returns relative virtual address of the first byte of code
uint32_t get_rva_to_first_byte_of_code() const;
//Returns relative virtual address of the last byte of code
uint32_t get_rva_to_last_byte_of_code() const;
//Returns relative virtual address of the first byte of data
uint32_t get_rva_to_first_byte_of_data() const;
//Returns relative virtual address of the last byte of data
uint32_t get_rva_to_last_byte_of_data() const;
//Returns COFF symbols list
const coff_symbols_list& get_symbols() const;
public: //These functions do not change everything inside image, they are used by PE class
//Adds COFF symbol
void add_symbol(const coff_symbol& sym);
private:
uint32_t number_of_symbols_;
uint32_t lva_to_first_symbol_;
uint32_t number_of_line_numbers_;
uint32_t lva_to_first_line_number_;
uint32_t rva_to_first_byte_of_code_;
uint32_t rva_to_last_byte_of_code_;
uint32_t rva_to_first_byte_of_data_;
uint32_t rva_to_last_byte_of_data_;
private:
coff_symbols_list symbols_;
};
//Class representing debug information
class debug_info
{
public:
//Enumeration of debug information types
enum debug_info_type
{
debug_type_unknown,
debug_type_coff,
debug_type_codeview,
debug_type_fpo,
debug_type_misc,
debug_type_exception,
debug_type_fixup,
debug_type_omap_to_src,
debug_type_omap_from_src,
debug_type_borland,
debug_type_reserved10,
debug_type_clsid
};
public:
//Enumeration of advanced debug information types
enum advanced_info_type
{
advanced_info_none, //No advanced info
advanced_info_pdb_7_0, //PDB 7.0
advanced_info_pdb_2_0, //PDB 2.0
advanced_info_misc, //MISC debug info
advanced_info_coff, //COFF debug info
//No advanced info structures available for types below
advanced_info_codeview_4_0, //CodeView 4.0
advanced_info_codeview_5_0, //CodeView 5.0
advanced_info_codeview //CodeView
};
public:
//Default constructor
debug_info();
//Constructor from data
explicit debug_info(const pe_win::image_debug_directory& debug);
//Copy constructor
debug_info(const debug_info& info);
//Copy assignment operator
debug_info& operator=(const debug_info& info);
//Destructor
~debug_info();
//Returns debug characteristics
uint32_t get_characteristics() const;
//Returns debug datetimestamp
uint32_t get_time_stamp() const;
//Returns major version
uint32_t get_major_version() const;
//Returns minor version
uint32_t get_minor_version() const;
//Returns type of debug info (unchecked)
uint32_t get_type_raw() const;
//Returns type of debug info from debug_info_type enumeration
debug_info_type get_type() const;
//Returns size of debug data (internal, .pdb or other file doesn't count)
uint32_t get_size_of_data() const;
//Returns RVA of debug info when mapped to memory or zero, if info is not mapped
uint32_t get_rva_of_raw_data() const;
//Returns raw file pointer to raw data
uint32_t get_pointer_to_raw_data() const;
//Returns advanced debug information type
advanced_info_type get_advanced_info_type() const;
//Returns advanced debug information or throws an exception,
//if requested information type is not contained by structure
template<typename AdvancedInfo>
const AdvancedInfo get_advanced_debug_info() const;
public: //These functions do not change everything inside image, they are used by PE class
//Sets advanced debug information
void set_advanced_debug_info(const pdb_7_0_info& info);
void set_advanced_debug_info(const pdb_2_0_info& info);
void set_advanced_debug_info(const misc_debug_info& info);
void set_advanced_debug_info(const coff_debug_info& info);
//Sets advanced debug information type, if no advanced info structure available
void set_advanced_info_type(advanced_info_type type);
private:
uint32_t characteristics_;
uint32_t time_stamp_;
uint32_t major_version_, minor_version_;
uint32_t type_;
uint32_t size_of_data_;
uint32_t address_of_raw_data_; //RVA when mapped or 0
uint32_t pointer_to_raw_data_; //RAW file offset
//Union containing advanced debug information pointer
union advanced_info
{
public:
//Default constructor
advanced_info();
//Returns true if advanced debug info is present
bool is_present() const;
public:
pdb_7_0_info* adv_pdb_7_0_info;
pdb_2_0_info* adv_pdb_2_0_info;
misc_debug_info* adv_misc_info;
coff_debug_info* adv_coff_info;
};
//Helper for advanced debug information copying
void copy_advanced_info(const debug_info& info);
//Helper for clearing any present advanced debug information
void free_present_advanced_info();
advanced_info advanced_debug_info_;
//Advanced information type
advanced_info_type advanced_info_type_;
};
typedef std::vector<debug_info> debug_info_list;
//Returns debug information list
const debug_info_list get_debug_information(const pe_base& pe);
}