#ifndef __INCLUDE_PE_H
#define __INCLUDE_PE_H
+#define _ANONYMOUS_UNION __extension__
+#define _ANONYMOUS_STRUCT __extension__
+#define NTAPI
+
#define ROUND_UP(N, S) ((((N) + (S) - 1) / (S)) * (S))
#define IMAGE_SECTION_CHAR_CODE 0x00000020
#define IMAGE_DOS_MAGIC 0x5a4d
#define IMAGE_PE_MAGIC 0x00004550
+#define IMAGE_DOS_SIGNATURE 0x5a4d
+#define IMAGE_OS2_SIGNATURE 0x454e
+
+#define IMAGE_OS2_SIGNATURE_LE 0x454c
+#define IMAGE_VXD_SIGNATURE 0x454c
#define IMAGE_NT_SIGNATURE 0x00004550
#define IMAGE_SIZEOF_FILE_HEADER 20
-#if 0
#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 // Relocation info stripped from file.
+#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 // File is executable (i.e. no unresolved externel references).
+#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 // Line nunbers stripped from file.
#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 // Local symbols stripped from file.
#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 // Bytes of machine word are reversed.
#define IMAGE_FILE_32BIT_MACHINE 0x0100 // 32 bit word machine.
#define IMAGE_FILE_DLL 0x2000 // File is a DLL.
#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 // File should only be run on a UP machine
#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 // Bytes of machine word are reversed.
-#endif
#define IMAGE_FILE_MACHINE_UNKNOWN 0
+#define IMAGE_FILE_MACHINE_I386 0x14c // Intel 386.
+#define IMAGE_FILE_MACHINE_R3000 0x162 // MIPS little-endian, 0x160 big-endian
+#define IMAGE_FILE_MACHINE_R4000 0x166 // MIPS little-endian
+#define IMAGE_FILE_MACHINE_R10000 0x168 // MIPS little-endian
+#define IMAGE_FILE_MACHINE_ALPHA 0x184 // Alpha_AXP
+#define IMAGE_FILE_MACHINE_POWERPC 0x1F0 // IBM PowerPC Little-Endian
#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
#define IMAGE_SECTION_INITIALIZED_DATA (0x40)
#define IMAGE_SECTION_UNINITIALIZED_DATA (0x80)
+#pragma pack(push,4)
+typedef struct _IMAGE_FILE_HEADER {
+ WORD Machine;
+ WORD NumberOfSections;
+ DWORD TimeDateStamp;
+ DWORD PointerToSymbolTable;
+ DWORD NumberOfSymbols;
+ WORD SizeOfOptionalHeader;
+ WORD Characteristics;
+} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
+typedef struct _IMAGE_DATA_DIRECTORY {
+ DWORD VirtualAddress;
+ DWORD Size;
+} IMAGE_DATA_DIRECTORY,*PIMAGE_DATA_DIRECTORY;
+typedef struct _IMAGE_OPTIONAL_HEADER {
+ WORD Magic;
+ BYTE MajorLinkerVersion;
+ BYTE MinorLinkerVersion;
+ DWORD SizeOfCode;
+ DWORD SizeOfInitializedData;
+ DWORD SizeOfUninitializedData;
+ DWORD AddressOfEntryPoint;
+ DWORD BaseOfCode;
+ DWORD BaseOfData;
+ DWORD ImageBase;
+ DWORD SectionAlignment;
+ DWORD FileAlignment;
+ WORD MajorOperatingSystemVersion;
+ WORD MinorOperatingSystemVersion;
+ WORD MajorImageVersion;
+ WORD MinorImageVersion;
+ WORD MajorSubsystemVersion;
+ WORD MinorSubsystemVersion;
+ DWORD Reserved1;
+ DWORD SizeOfImage;
+ DWORD SizeOfHeaders;
+ DWORD CheckSum;
+ WORD Subsystem;
+ WORD DllCharacteristics;
+ DWORD SizeOfStackReserve;
+ DWORD SizeOfStackCommit;
+ DWORD SizeOfHeapReserve;
+ DWORD SizeOfHeapCommit;
+ DWORD LoaderFlags;
+ DWORD NumberOfRvaAndSizes;
+ IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
+} IMAGE_OPTIONAL_HEADER,*PIMAGE_OPTIONAL_HEADER;
+typedef struct _IMAGE_ROM_OPTIONAL_HEADER {
+ WORD Magic;
+ BYTE MajorLinkerVersion;
+ BYTE MinorLinkerVersion;
+ DWORD SizeOfCode;
+ DWORD SizeOfInitializedData;
+ DWORD SizeOfUninitializedData;
+ DWORD AddressOfEntryPoint;
+ DWORD BaseOfCode;
+ DWORD BaseOfData;
+ DWORD BaseOfBss;
+ DWORD GprMask;
+ DWORD CprMask[4];
+ DWORD GpValue;
+} IMAGE_ROM_OPTIONAL_HEADER,*PIMAGE_ROM_OPTIONAL_HEADER;
+#pragma pack(pop)
+#pragma pack(push,2)
+typedef struct _IMAGE_DOS_HEADER {
+ WORD e_magic;
+ WORD e_cblp;
+ WORD e_cp;
+ WORD e_crlc;
+ WORD e_cparhdr;
+ WORD e_minalloc;
+ WORD e_maxalloc;
+ WORD e_ss;
+ WORD e_sp;
+ WORD e_csum;
+ WORD e_ip;
+ WORD e_cs;
+ WORD e_lfarlc;
+ WORD e_ovno;
+ WORD e_res[4];
+ WORD e_oemid;
+ WORD e_oeminfo;
+ WORD e_res2[10];
+ LONG e_lfanew;
+} IMAGE_DOS_HEADER,*PIMAGE_DOS_HEADER;
+typedef struct _IMAGE_OS2_HEADER {
+ WORD ne_magic;
+ CHAR ne_ver;
+ CHAR ne_rev;
+ WORD ne_enttab;
+ WORD ne_cbenttab;
+ LONG ne_crc;
+ WORD ne_flags;
+ WORD ne_autodata;
+ WORD ne_heap;
+ WORD ne_stack;
+ LONG ne_csip;
+ LONG ne_sssp;
+ WORD ne_cseg;
+ WORD ne_cmod;
+ WORD ne_cbnrestab;
+ WORD ne_segtab;
+ WORD ne_rsrctab;
+ WORD ne_restab;
+ WORD ne_modtab;
+ WORD ne_imptab;
+ LONG ne_nrestab;
+ WORD ne_cmovent;
+ WORD ne_align;
+ WORD ne_cres;
+ BYTE ne_exetyp;
+ BYTE ne_flagsothers;
+ WORD ne_pretthunks;
+ WORD ne_psegrefbytes;
+ WORD ne_swaparea;
+ WORD ne_expver;
+} IMAGE_OS2_HEADER,*PIMAGE_OS2_HEADER;
+#pragma pack(pop)
+#pragma pack(push,4)
+typedef struct _IMAGE_NT_HEADERS {
+ DWORD Signature;
+ IMAGE_FILE_HEADER FileHeader;
+ IMAGE_OPTIONAL_HEADER OptionalHeader;
+} IMAGE_NT_HEADERS,*PIMAGE_NT_HEADERS;
+typedef struct _IMAGE_ROM_HEADERS {
+ IMAGE_FILE_HEADER FileHeader;
+ IMAGE_ROM_OPTIONAL_HEADER OptionalHeader;
+} IMAGE_ROM_HEADERS,*PIMAGE_ROM_HEADERS;
+typedef struct _IMAGE_SECTION_HEADER {
+ BYTE Name[IMAGE_SIZEOF_SHORT_NAME];
+ union {
+ DWORD PhysicalAddress;
+ DWORD VirtualSize;
+ } Misc;
+ DWORD VirtualAddress;
+ DWORD SizeOfRawData;
+ DWORD PointerToRawData;
+ DWORD PointerToRelocations;
+ DWORD PointerToLinenumbers;
+ WORD NumberOfRelocations;
+ WORD NumberOfLinenumbers;
+ DWORD Characteristics;
+} IMAGE_SECTION_HEADER,*PIMAGE_SECTION_HEADER;
+#pragma pack(pop)
+#pragma pack(push,2)
+typedef struct _IMAGE_SYMBOL {
+ union {
+ BYTE ShortName[8];
+ struct {
+ DWORD Short;
+ DWORD Long;
+ } Name;
+ PBYTE LongName[2];
+ } N;
+ DWORD Value;
+ SHORT SectionNumber;
+ WORD Type;
+ BYTE StorageClass;
+ BYTE NumberOfAuxSymbols;
+} IMAGE_SYMBOL,*PIMAGE_SYMBOL;
+typedef union _IMAGE_AUX_SYMBOL {
+ struct {
+ DWORD TagIndex;
+ union {
+ struct {
+ WORD Linenumber;
+ WORD Size;
+ } LnSz;
+ DWORD TotalSize;
+ } Misc;
+ union {
+ struct {
+ DWORD PointerToLinenumber;
+ DWORD PointerToNextFunction;
+ } Function;
+ struct {
+ WORD Dimension[4];
+ } Array;
+ } FcnAry;
+ WORD TvIndex;
+ } Sym;
+ struct {
+ BYTE Name[IMAGE_SIZEOF_SYMBOL];
+ } File;
+ struct {
+ DWORD Length;
+ WORD NumberOfRelocations;
+ WORD NumberOfLinenumbers;
+ DWORD CheckSum;
+ SHORT Number;
+ BYTE Selection;
+ } Section;
+} IMAGE_AUX_SYMBOL,*PIMAGE_AUX_SYMBOL;
+typedef struct _IMAGE_COFF_SYMBOLS_HEADER {
+ DWORD NumberOfSymbols;
+ DWORD LvaToFirstSymbol;
+ DWORD NumberOfLinenumbers;
+ DWORD LvaToFirstLinenumber;
+ DWORD RvaToFirstByteOfCode;
+ DWORD RvaToLastByteOfCode;
+ DWORD RvaToFirstByteOfData;
+ DWORD RvaToLastByteOfData;
+} IMAGE_COFF_SYMBOLS_HEADER,*PIMAGE_COFF_SYMBOLS_HEADER;
+typedef struct _IMAGE_RELOCATION {
+ _ANONYMOUS_UNION union {
+ DWORD VirtualAddress;
+ DWORD RelocCount;
+ } DUMMYUNIONNAME;
+ DWORD SymbolTableIndex;
+ WORD Type;
+} IMAGE_RELOCATION,*PIMAGE_RELOCATION;
+#pragma pack(pop)
+#pragma pack(push,4)
+typedef struct _IMAGE_BASE_RELOCATION {
+ DWORD VirtualAddress;
+ DWORD SizeOfBlock;
+} IMAGE_BASE_RELOCATION,*PIMAGE_BASE_RELOCATION;
+#pragma pack(pop)
+#pragma pack(push,2)
+typedef struct _IMAGE_LINENUMBER {
+ union {
+ DWORD SymbolTableIndex;
+ DWORD VirtualAddress;
+ } Type;
+ WORD Linenumber;
+} IMAGE_LINENUMBER,*PIMAGE_LINENUMBER;
+#pragma pack(pop)
+#pragma pack(push,4)
+typedef struct _IMAGE_ARCHIVE_MEMBER_HEADER {
+ BYTE Name[16];
+ BYTE Date[12];
+ BYTE UserID[6];
+ BYTE GroupID[6];
+ BYTE Mode[8];
+ BYTE Size[10];
+ BYTE EndHeader[2];
+} IMAGE_ARCHIVE_MEMBER_HEADER,*PIMAGE_ARCHIVE_MEMBER_HEADER;
+typedef struct _IMAGE_EXPORT_DIRECTORY {
+ DWORD Characteristics;
+ DWORD TimeDateStamp;
+ WORD MajorVersion;
+ WORD MinorVersion;
+ DWORD Name;
+ DWORD Base;
+ DWORD NumberOfFunctions;
+ DWORD NumberOfNames;
+ PDWORD *AddressOfFunctions;
+ PDWORD *AddressOfNames;
+ PWORD *AddressOfNameOrdinals;
+} IMAGE_EXPORT_DIRECTORY,*PIMAGE_EXPORT_DIRECTORY;
+typedef struct _IMAGE_IMPORT_BY_NAME {
+ WORD Hint;
+ BYTE Name[1];
+} IMAGE_IMPORT_BY_NAME,*PIMAGE_IMPORT_BY_NAME;
+typedef struct _IMAGE_THUNK_DATA {
+ union {
+ PBYTE ForwarderString;
+ PDWORD Function;
+ DWORD Ordinal;
+ PIMAGE_IMPORT_BY_NAME AddressOfData;
+ } u1;
+} IMAGE_THUNK_DATA,*PIMAGE_THUNK_DATA;
+typedef struct _IMAGE_IMPORT_DESCRIPTOR {
+ _ANONYMOUS_UNION union {
+ DWORD Characteristics;
+ PIMAGE_THUNK_DATA OriginalFirstThunk;
+ } DUMMYUNIONNAME;
+ DWORD TimeDateStamp;
+ DWORD ForwarderChain;
+ DWORD Name;
+ PIMAGE_THUNK_DATA FirstThunk;
+} IMAGE_IMPORT_DESCRIPTOR,*PIMAGE_IMPORT_DESCRIPTOR;
+typedef struct _IMAGE_BOUND_IMPORT_DESCRIPTOR {
+ DWORD TimeDateStamp;
+ WORD OffsetModuleName;
+ WORD NumberOfModuleForwarderRefs;
+} IMAGE_BOUND_IMPORT_DESCRIPTOR,*PIMAGE_BOUND_IMPORT_DESCRIPTOR;
+typedef struct _IMAGE_BOUND_FORWARDER_REF {
+ DWORD TimeDateStamp;
+ WORD OffsetModuleName;
+ WORD Reserved;
+} IMAGE_BOUND_FORWARDER_REF,*PIMAGE_BOUND_FORWARDER_REF;
+typedef void(NTAPI *PIMAGE_TLS_CALLBACK)(PVOID,DWORD,PVOID);
+typedef struct _IMAGE_TLS_DIRECTORY {
+ DWORD StartAddressOfRawData;
+ DWORD EndAddressOfRawData;
+ PDWORD AddressOfIndex;
+ PIMAGE_TLS_CALLBACK *AddressOfCallBacks;
+ DWORD SizeOfZeroFill;
+ DWORD Characteristics;
+} IMAGE_TLS_DIRECTORY,*PIMAGE_TLS_DIRECTORY;
+typedef struct _IMAGE_RESOURCE_DIRECTORY {
+ DWORD Characteristics;
+ DWORD TimeDateStamp;
+ WORD MajorVersion;
+ WORD MinorVersion;
+ WORD NumberOfNamedEntries;
+ WORD NumberOfIdEntries;
+} IMAGE_RESOURCE_DIRECTORY,*PIMAGE_RESOURCE_DIRECTORY;
+/*_ANONYMOUS_STRUCT typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY {
+ _ANONYMOUS_UNION union {
+ _ANONYMOUS_STRUCT struct {
+ DWORD NameOffset:31;
+ DWORD NameIsString:1;
+ }DUMMYSTRUCTNAME;
+ DWORD Name;
+ WORD Id;
+ } DUMMYUNIONNAME;
+ _ANONYMOUS_UNION union {
+ DWORD OffsetToData;
+ _ANONYMOUS_STRUCT struct {
+ DWORD OffsetToDirectory:31;
+ DWORD DataIsDirectory:1;
+ } DUMMYSTRUCTNAME2;
+ } DUMMYUNIONNAME2;
+} IMAGE_RESOURCE_DIRECTORY_ENTRY,*PIMAGE_RESOURCE_DIRECTORY_ENTRY;
+*/
+typedef struct _IMAGE_RESOURCE_DIRECTORY_STRING {
+ WORD Length;
+ CHAR NameString[1];
+} IMAGE_RESOURCE_DIRECTORY_STRING,*PIMAGE_RESOURCE_DIRECTORY_STRING;
+typedef struct _IMAGE_RESOURCE_DIR_STRING_U {
+ WORD Length;
+ WCHAR NameString[1];
+} IMAGE_RESOURCE_DIR_STRING_U,*PIMAGE_RESOURCE_DIR_STRING_U;
+typedef struct _IMAGE_RESOURCE_DATA_ENTRY {
+ DWORD OffsetToData;
+ DWORD Size;
+ DWORD CodePage;
+ DWORD Reserved;
+} IMAGE_RESOURCE_DATA_ENTRY,*PIMAGE_RESOURCE_DATA_ENTRY;
+typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY {
+ DWORD Characteristics;
+ DWORD TimeDateStamp;
+ WORD MajorVersion;
+ WORD MinorVersion;
+ DWORD GlobalFlagsClear;
+ DWORD GlobalFlagsSet;
+ DWORD CriticalSectionDefaultTimeout;
+ DWORD DeCommitFreeBlockThreshold;
+ DWORD DeCommitTotalFreeThreshold;
+ PVOID LockPrefixTable;
+ DWORD MaximumAllocationSize;
+ DWORD VirtualMemoryThreshold;
+ DWORD ProcessHeapFlags;
+ DWORD Reserved[4];
+} IMAGE_LOAD_CONFIG_DIRECTORY,*PIMAGE_LOAD_CONFIG_DIRECTORY;
+typedef struct _IMAGE_RUNTIME_FUNCTION_ENTRY {
+ DWORD BeginAddress;
+ DWORD EndAddress;
+ PVOID ExceptionHandler;
+ PVOID HandlerData;
+ DWORD PrologEndAddress;
+} IMAGE_RUNTIME_FUNCTION_ENTRY,*PIMAGE_RUNTIME_FUNCTION_ENTRY;
+typedef struct _IMAGE_DEBUG_DIRECTORY {
+ DWORD Characteristics;
+ DWORD TimeDateStamp;
+ WORD MajorVersion;
+ WORD MinorVersion;
+ DWORD Type;
+ DWORD SizeOfData;
+ DWORD AddressOfRawData;
+ DWORD PointerToRawData;
+} IMAGE_DEBUG_DIRECTORY,*PIMAGE_DEBUG_DIRECTORY;
+typedef struct _FPO_DATA {
+ DWORD ulOffStart;
+ DWORD cbProcSize;
+ DWORD cdwLocals;
+ WORD cdwParams;
+ WORD cbProlog:8;
+ WORD cbRegs:3;
+ WORD fHasSEH:1;
+ WORD fUseBP:1;
+ WORD reserved:1;
+ WORD cbFrame:2;
+} FPO_DATA,*PFPO_DATA;
+typedef struct _IMAGE_DEBUG_MISC {
+ DWORD DataType;
+ DWORD Length;
+ BOOLEAN Unicode;
+ BYTE Reserved[3];
+ BYTE Data[1];
+} IMAGE_DEBUG_MISC,*PIMAGE_DEBUG_MISC;
+typedef struct _IMAGE_FUNCTION_ENTRY {
+ DWORD StartingAddress;
+ DWORD EndingAddress;
+ DWORD EndOfPrologue;
+} IMAGE_FUNCTION_ENTRY,*PIMAGE_FUNCTION_ENTRY;
+typedef struct _IMAGE_SEPARATE_DEBUG_HEADER {
+ WORD Signature;
+ WORD Flags;
+ WORD Machine;
+ WORD Characteristics;
+ DWORD TimeDateStamp;
+ DWORD CheckSum;
+ DWORD ImageBase;
+ DWORD SizeOfImage;
+ DWORD NumberOfSections;
+ DWORD ExportedNamesSize;
+ DWORD DebugDirectorySize;
+ DWORD Reserved[3];
+} IMAGE_SEPARATE_DEBUG_HEADER,*PIMAGE_SEPARATE_DEBUG_HEADER;
+#pragma pack(pop)
+
//
// Import Format
//
#define IMAGE_ORDINAL_FLAG 0x80000000
+#define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
// Predefined resource types ... there may be some more, but I don't have
// set to indicate this. Otherwise the high bit is clear and the offset
// field points to a resource data entry.
//
+typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY {
+ DWORD Name;
+ DWORD OffsetToData;
+} IMAGE_RESOURCE_DIRECTORY_ENTRY, *PIMAGE_RESOURCE_DIRECTORY_ENTRY;
/*
typedef struct _IMAGE_RESOURCE_DIRECTORY {
DWORD Characteristics;
projects / reactos.git / blobdiff