LIEF: Library to Instrument Executable Formats Version 0.16.0
Loading...
Searching...
No Matches
OptionalHeader.hpp
Go to the documentation of this file.
1/* Copyright 2017 - 2024 R. Thomas
2 * Copyright 2017 - 2024 Quarkslab
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#ifndef LIEF_PE_OPTIONAL_HEADER_H
17#define LIEF_PE_OPTIONAL_HEADER_H
18#include <ostream>
19#include <vector>
20#include <cstdint>
21
22#include "LIEF/Object.hpp"
23#include "LIEF/visibility.h"
24
25#include "LIEF/enums.hpp"
26#include "LIEF/PE/enums.hpp"
27
28namespace LIEF {
29namespace PE {
30class Parser;
31class Binary;
32
33namespace details {
34struct pe32_optional_header;
35struct pe64_optional_header;
36}
37class LIEF_API OptionalHeader : public Object {
43 friend class Parser;
44 friend class Binary;
45 public:
46
47 enum class DLL_CHARACTERISTICS: size_t {
48 HIGH_ENTROPY_VA = 0x0020,
49 DYNAMIC_BASE = 0x0040,
50 FORCE_INTEGRITY = 0x0080,
51 NX_COMPAT = 0x0100,
52 NO_ISOLATION = 0x0200,
53 NO_SEH = 0x0400,
54 NO_BIND = 0x0800,
55 APPCONTAINER = 0x1000,
56 WDM_DRIVER = 0x2000,
57 GUARD_CF = 0x4000,
58 TERMINAL_SERVER_AWARE = 0x8000
59 };
60
61 enum class SUBSYSTEM: size_t {
62 UNKNOWN = 0,
63 NATIVE = 1,
64 WINDOWS_GUI = 2,
65 WINDOWS_CUI = 3,
66 OS2_CUI = 5,
67 POSIX_CUI = 7,
68 NATIVE_WINDOWS = 8,
69 WINDOWS_CE_GUI = 9,
70 EFI_APPLICATION = 10,
71 EFI_BOOT_SERVICE_DRIVER = 11,
72 EFI_RUNTIME_DRIVER = 12,
73 EFI_ROM = 13,
74 XBOX = 14,
75 WINDOWS_BOOT_APPLICATION = 16
76 };
77
78 OptionalHeader(const details::pe32_optional_header& header);
79 OptionalHeader(const details::pe64_optional_header& header);
80 ~OptionalHeader() override = default;
81
82 OptionalHeader& operator=(const OptionalHeader&) = default;
83 OptionalHeader(const OptionalHeader&) = default;
84
85 static OptionalHeader create(PE_TYPE type);
86 PE_TYPE magic() const {
89 return magic_;
90 }
91 uint8_t major_linker_version() const {
94 return major_linker_version_;
95 }
96 uint8_t minor_linker_version() const {
99 return minor_linker_version_;
100 }
101 uint32_t sizeof_code() const {
105 return sizeof_code_;
106 }
107 uint32_t sizeof_initialized_data() const {
114 return sizeof_initialized_data_;
115 }
116 uint32_t sizeof_uninitialized_data() const {
123 return sizeof_uninitialized_data_;
124 }
125 uint32_t addressof_entrypoint() const {
132 return entrypoint_;
133 }
134 uint32_t baseof_code() const {
137 return baseof_code_;
138 }
139 uint32_t baseof_data() const {
144 return baseof_data_;
145 }
146 uint64_t imagebase() const {
149 return imagebase_;
150 }
151 uint32_t section_alignment() const {
157 return section_align_;
158 }
159 uint32_t file_alignment() const {
163 return file_align_;
164 }
165 uint16_t major_operating_system_version() const {
168 return major_os_version_;
169 }
170 uint16_t minor_operating_system_version() const {
173 return minor_os_version_;
174 }
175 uint16_t major_image_version() const {
178 return major_image_version_;
179 }
180 uint16_t minor_image_version() const {
183 return minor_image_version_;
184 }
185 uint16_t major_subsystem_version() const {
188 return major_subsys_version_;
189 }
190 uint16_t minor_subsystem_version() const {
193 return minor_subsys_version_;
194 }
195 uint32_t win32_version_value() const {
199 return win32_version_value_;
200 }
201 uint32_t sizeof_image() const {
206 return sizeof_image_;
207 }
208 uint32_t sizeof_headers() const {
211 return sizeof_headers_;
212 }
213 uint32_t checksum() const {
219 return checksum_;
220 }
221 SUBSYSTEM subsystem() const {
224 return subsystem_;
225 }
226 uint32_t dll_characteristics() const {
231 return dll_characteristics_;
232 }
233 uint64_t sizeof_stack_reserve() const {
239 return sizeof_stack_reserve_;
240 }
241 uint64_t sizeof_stack_commit() const {
244 return sizeof_stack_commit_;
245 }
246 uint64_t sizeof_heap_reserve() const {
249 return sizeof_heap_reserve_;
250 }
251 uint64_t sizeof_heap_commit() const {
254 return sizeof_heap_commit_;
255 }
256 uint32_t loader_flags() const {
259 return loader_flags_;
260 }
261 uint32_t numberof_rva_and_size() const {
264 return nb_rva_size_;
265 }
266 bool has(DLL_CHARACTERISTICS c) const {
269 return (dll_characteristics() & static_cast<uint32_t>(c)) != 0;
270 }
271 std::vector<DLL_CHARACTERISTICS> dll_characteristics_list() const;
274 void add(DLL_CHARACTERISTICS c) {
277 dll_characteristics(dll_characteristics() | static_cast<uint32_t>(c));
278 }
279 void remove(DLL_CHARACTERISTICS c) {
282 dll_characteristics(dll_characteristics() & (~ static_cast<uint32_t>(c)));
283 }
284
285 void magic(PE_TYPE magic) {
286 magic_ = magic;
287 }
288
289 void major_linker_version(uint8_t value) {
290 major_linker_version_ = value;
291 }
292
293 void minor_linker_version(uint8_t value) {
294 minor_linker_version_ = value;
295 }
296
297 void sizeof_code(uint32_t value) {
298 sizeof_code_ = value;
299 }
300
301 void sizeof_initialized_data(uint32_t value) {
302 sizeof_initialized_data_ = value;
303 }
304
305 void sizeof_uninitialized_data(uint32_t value) {
306 sizeof_uninitialized_data_ = value;
307 }
308
309 void addressof_entrypoint(uint32_t value) {
310 entrypoint_ = value;
311 }
312
313 void baseof_code(uint32_t value) {
314 baseof_code_ = value;
315 }
316
317 void baseof_data(uint32_t value) {
318 baseof_data_ = value;
319 }
320
321 void imagebase(uint64_t value) {
322 imagebase_ = value;
323 }
324
325 void section_alignment(uint32_t value) {
326 section_align_ = value;
327 }
328
329 void file_alignment(uint32_t value) {
330 file_align_ = value;
331 }
332
333 void major_operating_system_version(uint16_t value) {
334 major_os_version_ = value;
335 }
336
337 void minor_operating_system_version(uint16_t value) {
338 minor_os_version_ = value;
339 }
340
341 void major_image_version(uint16_t value) {
342 major_image_version_ = value;
343 }
344
345 void minor_image_version(uint16_t value) {
346 minor_image_version_ = value;
347 }
348
349 void major_subsystem_version(uint16_t value) {
350 major_subsys_version_ = value;
351 }
352
353 void minor_subsystem_version(uint16_t value) {
354 minor_subsys_version_ = value;
355 }
356
357 void win32_version_value(uint32_t value) {
358 win32_version_value_ = value;
359 }
360
361 void sizeof_image(uint32_t value) {
362 sizeof_image_ = value;
363 }
364
365 void sizeof_headers(uint32_t value) {
366 sizeof_headers_ = value;
367 }
368
369 void checksum(uint32_t value) {
370 checksum_ = value;
371 }
372
373 void subsystem(SUBSYSTEM value) {
374 subsystem_ = value;
375 }
376
377 void dll_characteristics(uint32_t value) {
378 dll_characteristics_ = value;
379 }
380
381 void sizeof_stack_reserve(uint64_t value) {
382 sizeof_stack_reserve_ = value;
383 }
384
385 void sizeof_stack_commit(uint64_t value) {
386 sizeof_stack_commit_ = value;
387 }
388
389 void sizeof_heap_reserve(uint64_t value) {
390 sizeof_heap_reserve_ = value;
391 }
392
393 void sizeof_heap_commit(uint64_t value) {
394 sizeof_heap_commit_ = value;
395 }
396
397 void loader_flags(uint32_t value) {
398 loader_flags_ = value;
399 }
400
401 void numberof_rva_and_size(uint32_t value) {
402 nb_rva_size_ = value;
403 }
404
405 void accept(Visitor& visitor) const override;
406
407 OptionalHeader& operator+=(DLL_CHARACTERISTICS c) {
408 add(c);
409 return *this;
410 }
411 OptionalHeader& operator-=(DLL_CHARACTERISTICS c) {
412 remove(c);
413 return *this;
414 }
415
416 LIEF_API friend std::ostream& operator<<(std::ostream& os, const OptionalHeader& entry);
417
418 private:
419 OptionalHeader() = default;
420
421 PE_TYPE magic_ = PE_TYPE::PE32;
422 uint8_t major_linker_version_ = 0;
423 uint8_t minor_linker_version_ = 0;
424 uint32_t sizeof_code_ = 0;
425 uint32_t sizeof_initialized_data_ = 0;
426 uint32_t sizeof_uninitialized_data_ = 0;
427 uint32_t entrypoint_ = 0;
428 uint32_t baseof_code_ = 0;
429 uint32_t baseof_data_ = 0;
430 uint64_t imagebase_ = 0;
431 uint32_t section_align_ = 0;
432 uint32_t file_align_ = 0;
433 uint16_t major_os_version_ = 0;
434 uint16_t minor_os_version_ = 0;
435 uint16_t major_image_version_ = 0;
436 uint16_t minor_image_version_ = 0;
437 uint16_t major_subsys_version_ = 0;
438 uint16_t minor_subsys_version_ = 0;
439 uint32_t win32_version_value_ = 0;
440 uint32_t sizeof_image_ = 0;
441 uint32_t sizeof_headers_ = 0;
442 uint32_t checksum_ = 0;
443 SUBSYSTEM subsystem_ = SUBSYSTEM::UNKNOWN;
444 uint32_t dll_characteristics_ = 0;
445 uint64_t sizeof_stack_reserve_ = 0;
446 uint64_t sizeof_stack_commit_ = 0;
447 uint64_t sizeof_heap_reserve_ = 0;
448 uint64_t sizeof_heap_commit_ = 0;
449 uint32_t loader_flags_ = 0;
450 uint32_t nb_rva_size_ = 0;
451};
452
453LIEF_API const char* to_string(OptionalHeader::DLL_CHARACTERISTICS);
454LIEF_API const char* to_string(OptionalHeader::SUBSYSTEM);
455
456}
457}
458
459ENABLE_BITMASK_OPERATORS(LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS);
460
461#endif
Object.hpp
enums.hpp
LIEF::PE::Binary
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:52
LIEF::PE::OptionalHeader
Class which represents the PE OptionalHeader structure.
Definition OptionalHeader.hpp:42
LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS
DLL_CHARACTERISTICS
Definition OptionalHeader.hpp:47
LIEF::PE::OptionalHeader::major_image_version
uint16_t major_image_version() const
The major version number of the image.
Definition OptionalHeader.hpp:177
LIEF::PE::OptionalHeader::baseof_data
void baseof_data(uint32_t value)
Definition OptionalHeader.hpp:317
LIEF::PE::OptionalHeader::minor_subsystem_version
uint16_t minor_subsystem_version() const
The minor version number of the subsystem.
Definition OptionalHeader.hpp:192
LIEF::PE::OptionalHeader::sizeof_code
void sizeof_code(uint32_t value)
Definition OptionalHeader.hpp:297
LIEF::PE::OptionalHeader::SUBSYSTEM
SUBSYSTEM
Definition OptionalHeader.hpp:61
LIEF::PE::OptionalHeader::numberof_rva_and_size
uint32_t numberof_rva_and_size() const
The number of DataDirectory that follow this header.
Definition OptionalHeader.hpp:263
LIEF::PE::OptionalHeader::operator<<
friend std::ostream & operator<<(std::ostream &os, const OptionalHeader &entry)
LIEF::PE::OptionalHeader::sizeof_uninitialized_data
uint32_t sizeof_uninitialized_data() const
The size of the uninitialized data which are usually located in the .bss section. If the uninitialize...
Definition OptionalHeader.hpp:122
LIEF::PE::OptionalHeader::win32_version_value
void win32_version_value(uint32_t value)
Definition OptionalHeader.hpp:357
LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const details::pe64_optional_header &header)
LIEF::PE::OptionalHeader::dll_characteristics_list
std::vector< DLL_CHARACTERISTICS > dll_characteristics_list() const
Return the list of the dll_characteristics as an std::set of DLL_CHARACTERISTICS.
LIEF::PE::OptionalHeader::sizeof_stack_commit
uint64_t sizeof_stack_commit() const
Size of the stack to commit.
Definition OptionalHeader.hpp:243
LIEF::PE::OptionalHeader::major_subsystem_version
void major_subsystem_version(uint16_t value)
Definition OptionalHeader.hpp:349
LIEF::PE::OptionalHeader::major_operating_system_version
void major_operating_system_version(uint16_t value)
Definition OptionalHeader.hpp:333
LIEF::PE::OptionalHeader::operator=
OptionalHeader & operator=(const OptionalHeader &)=default
LIEF::PE::OptionalHeader::dll_characteristics
void dll_characteristics(uint32_t value)
Definition OptionalHeader.hpp:377
LIEF::PE::OptionalHeader::has
bool has(DLL_CHARACTERISTICS c) const
Check if the given DLL_CHARACTERISTICS is included in the dll_characteristics.
Definition OptionalHeader.hpp:268
LIEF::PE::OptionalHeader::sizeof_initialized_data
void sizeof_initialized_data(uint32_t value)
Definition OptionalHeader.hpp:301
LIEF::PE::OptionalHeader::addressof_entrypoint
void addressof_entrypoint(uint32_t value)
Definition OptionalHeader.hpp:309
LIEF::PE::OptionalHeader::magic
void magic(PE_TYPE magic)
Definition OptionalHeader.hpp:285
LIEF::PE::OptionalHeader::minor_linker_version
uint8_t minor_linker_version() const
The linker minor version.
Definition OptionalHeader.hpp:98
LIEF::PE::OptionalHeader::major_linker_version
uint8_t major_linker_version() const
The linker major version.
Definition OptionalHeader.hpp:93
LIEF::PE::OptionalHeader::sizeof_headers
uint32_t sizeof_headers() const
Size of the DosHeader + PE Header + Section headers rounded up to a multiple of the file_alignment.
Definition OptionalHeader.hpp:210
LIEF::PE::OptionalHeader::remove
void remove(DLL_CHARACTERISTICS c)
Remove a DLL_CHARACTERISTICS from the current characteristics.
Definition OptionalHeader.hpp:281
LIEF::PE::OptionalHeader::major_operating_system_version
uint16_t major_operating_system_version() const
The major version number of the required operating system.
Definition OptionalHeader.hpp:167
LIEF::PE::OptionalHeader::~OptionalHeader
~OptionalHeader() override=default
LIEF::PE::OptionalHeader::minor_linker_version
void minor_linker_version(uint8_t value)
Definition OptionalHeader.hpp:293
LIEF::PE::OptionalHeader::sizeof_image
void sizeof_image(uint32_t value)
Definition OptionalHeader.hpp:361
LIEF::PE::OptionalHeader::minor_operating_system_version
void minor_operating_system_version(uint16_t value)
Definition OptionalHeader.hpp:337
LIEF::PE::OptionalHeader::win32_version_value
uint32_t win32_version_value() const
According to the official PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:198
LIEF::PE::OptionalHeader::loader_flags
void loader_flags(uint32_t value)
Definition OptionalHeader.hpp:397
LIEF::PE::OptionalHeader::sizeof_headers
void sizeof_headers(uint32_t value)
Definition OptionalHeader.hpp:365
LIEF::PE::OptionalHeader::sizeof_heap_commit
uint64_t sizeof_heap_commit() const
Size of the heap to commit.
Definition OptionalHeader.hpp:253
LIEF::PE::OptionalHeader::sizeof_image
uint32_t sizeof_image() const
The size (in bytes) of the image, including all headers, as the image is loaded in memory.
Definition OptionalHeader.hpp:205
LIEF::PE::OptionalHeader::imagebase
uint64_t imagebase() const
The preferred base address when mapping the binary in memory.
Definition OptionalHeader.hpp:148
LIEF::PE::OptionalHeader::baseof_data
uint32_t baseof_data() const
Address relative to the imagebase where the binary's data starts.
Definition OptionalHeader.hpp:143
LIEF::PE::OptionalHeader::imagebase
void imagebase(uint64_t value)
Definition OptionalHeader.hpp:321
LIEF::PE::OptionalHeader::section_alignment
uint32_t section_alignment() const
The alignment (in bytes) of sections when they are loaded into memory.
Definition OptionalHeader.hpp:156
LIEF::PE::OptionalHeader::sizeof_code
uint32_t sizeof_code() const
The size of the code .text section or the sum of all the sections that contain code (i....
Definition OptionalHeader.hpp:104
LIEF::PE::OptionalHeader::minor_operating_system_version
uint16_t minor_operating_system_version() const
The minor version number of the required operating system.
Definition OptionalHeader.hpp:172
LIEF::PE::OptionalHeader::major_subsystem_version
uint16_t major_subsystem_version() const
The major version number of the subsystem.
Definition OptionalHeader.hpp:187
LIEF::PE::OptionalHeader::subsystem
void subsystem(SUBSYSTEM value)
Definition OptionalHeader.hpp:373
LIEF::PE::OptionalHeader::loader_flags
uint32_t loader_flags() const
According to the PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:258
LIEF::PE::OptionalHeader::subsystem
SUBSYSTEM subsystem() const
Target subsystem like Driver, XBox, Windows GUI, ...
Definition OptionalHeader.hpp:223
LIEF::PE::OptionalHeader::section_alignment
void section_alignment(uint32_t value)
Definition OptionalHeader.hpp:325
LIEF::PE::OptionalHeader::file_alignment
uint32_t file_alignment() const
The section's file alignment. This value must be a power of 2 between 512 and 64K....
Definition OptionalHeader.hpp:162
LIEF::PE::OptionalHeader::sizeof_stack_reserve
void sizeof_stack_reserve(uint64_t value)
Definition OptionalHeader.hpp:381
LIEF::PE::OptionalHeader::baseof_code
void baseof_code(uint32_t value)
Definition OptionalHeader.hpp:313
LIEF::PE::OptionalHeader::file_alignment
void file_alignment(uint32_t value)
Definition OptionalHeader.hpp:329
LIEF::PE::OptionalHeader::operator+=
OptionalHeader & operator+=(DLL_CHARACTERISTICS c)
Definition OptionalHeader.hpp:407
LIEF::PE::OptionalHeader::accept
void accept(Visitor &visitor) const override
LIEF::PE::OptionalHeader::create
static OptionalHeader create(PE_TYPE type)
LIEF::PE::OptionalHeader::baseof_code
uint32_t baseof_code() const
Address relative to the imagebase where the binary's code starts.
Definition OptionalHeader.hpp:136
LIEF::PE::OptionalHeader::sizeof_stack_reserve
uint64_t sizeof_stack_reserve() const
Size of the stack to reserve when loading the PE binary.
Definition OptionalHeader.hpp:238
LIEF::PE::OptionalHeader::sizeof_initialized_data
uint32_t sizeof_initialized_data() const
The size of the initialized data which are usually located in the .data section. If the initialized d...
Definition OptionalHeader.hpp:113
LIEF::PE::OptionalHeader::dll_characteristics
uint32_t dll_characteristics() const
Some characteristics of the underlying binary like the support of the PIE. The prefix dll comes from ...
Definition OptionalHeader.hpp:230
LIEF::PE::OptionalHeader::checksum
uint32_t checksum() const
The image file checksum. The algorithm for computing the checksum is incorporated into IMAGHELP....
Definition OptionalHeader.hpp:218
LIEF::PE::OptionalHeader::major_image_version
void major_image_version(uint16_t value)
Definition OptionalHeader.hpp:341
LIEF::PE::OptionalHeader::sizeof_uninitialized_data
void sizeof_uninitialized_data(uint32_t value)
Definition OptionalHeader.hpp:305
LIEF::PE::OptionalHeader::operator-=
OptionalHeader & operator-=(DLL_CHARACTERISTICS c)
Definition OptionalHeader.hpp:411
LIEF::PE::OptionalHeader::minor_image_version
void minor_image_version(uint16_t value)
Definition OptionalHeader.hpp:345
LIEF::PE::OptionalHeader::minor_image_version
uint16_t minor_image_version() const
The minor version number of the image.
Definition OptionalHeader.hpp:182
LIEF::PE::OptionalHeader::major_linker_version
void major_linker_version(uint8_t value)
Definition OptionalHeader.hpp:289
LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const OptionalHeader &)=default
LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const details::pe32_optional_header &header)
LIEF::PE::OptionalHeader::addressof_entrypoint
uint32_t addressof_entrypoint() const
The address of the entry point relative to the image base when the executable file is loaded into mem...
Definition OptionalHeader.hpp:131
LIEF::PE::OptionalHeader::minor_subsystem_version
void minor_subsystem_version(uint16_t value)
Definition OptionalHeader.hpp:353
LIEF::PE::OptionalHeader::add
void add(DLL_CHARACTERISTICS c)
Add a DLL_CHARACTERISTICS to the current characteristics.
Definition OptionalHeader.hpp:276
LIEF::PE::OptionalHeader::checksum
void checksum(uint32_t value)
Definition OptionalHeader.hpp:369
LIEF::PE::OptionalHeader::numberof_rva_and_size
void numberof_rva_and_size(uint32_t value)
Definition OptionalHeader.hpp:401
LIEF::PE::OptionalHeader::sizeof_stack_commit
void sizeof_stack_commit(uint64_t value)
Definition OptionalHeader.hpp:385
LIEF::PE::OptionalHeader::sizeof_heap_reserve
uint64_t sizeof_heap_reserve() const
Size of the heap to reserve when loading the PE binary.
Definition OptionalHeader.hpp:248
LIEF::PE::OptionalHeader::magic
PE_TYPE magic() const
Magic bytes: either PE32 or PE32+ for 64-bits PE files.
Definition OptionalHeader.hpp:88
LIEF::PE::OptionalHeader::sizeof_heap_reserve
void sizeof_heap_reserve(uint64_t value)
Definition OptionalHeader.hpp:389
LIEF::PE::OptionalHeader::sizeof_heap_commit
void sizeof_heap_commit(uint64_t value)
Definition OptionalHeader.hpp:393
LIEF::PE::Parser
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47
enums.hpp
ENABLE_BITMASK_OPERATORS
#define ENABLE_BITMASK_OPERATORS(X)
Definition enums.hpp:24
LIEF::PE::details
Definition CodeIntegrity.hpp:26
LIEF::PE
Namespace related to the LIEF's PE module.
Definition Abstract/Header.hpp:32
LIEF::PE::to_string
const char * to_string(DataDirectory::TYPES e)
LIEF::PE::PE_TYPE
PE_TYPE
Definition PE/enums.hpp:680
LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:36
visibility.h
LIEF_API
#define LIEF_API
Definition visibility.h:41
Generated by doxygen 1.13.0