latest/doxygen/OptionalHeader_8hpp_source.html

/* Copyright 2017 - 2026 R. Thomas

 * Copyright 2017 - 2026 Quarkslab

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef LIEF_PE_OPTIONAL_HEADER_H

#define LIEF_PE_OPTIONAL_HEADER_H

#include <ostream>

#include <vector>

#include <cstdint>


#include "LIEF/Object.hpp"

#include "LIEF/visibility.h"


#include "LIEF/enums.hpp"

#include "LIEF/PE/enums.hpp"


namespace LIEF {

namespace PE {

class Parser;

class Binary;


namespace details {

struct pe32_optional_header;

struct pe64_optional_header;

}


class LIEF_API OptionalHeader : public Object {

  friend class Parser;

  friend class Binary;

  public:


  enum class DLL_CHARACTERISTICS: size_t  {

    HIGH_ENTROPY_VA       = 0x0020,

    DYNAMIC_BASE          = 0x0040,

    FORCE_INTEGRITY       = 0x0080,

    NX_COMPAT             = 0x0100,

    NO_ISOLATION          = 0x0200,

    NO_SEH                = 0x0400,

    NO_BIND               = 0x0800,

    APPCONTAINER          = 0x1000,

    WDM_DRIVER            = 0x2000,

    GUARD_CF              = 0x4000,

    TERMINAL_SERVER_AWARE = 0x8000

  };


  enum class SUBSYSTEM: size_t  {

    UNKNOWN                  = 0,

    NATIVE                   = 1,

    WINDOWS_GUI              = 2,

    WINDOWS_CUI              = 3,

    OS2_CUI                  = 5,

    POSIX_CUI                = 7,

    NATIVE_WINDOWS           = 8,

    WINDOWS_CE_GUI           = 9,

    EFI_APPLICATION          = 10,

    EFI_BOOT_SERVICE_DRIVER  = 11,

    EFI_RUNTIME_DRIVER       = 12,

    EFI_ROM                  = 13,

    XBOX                     = 14,

    WINDOWS_BOOT_APPLICATION = 16,

    XBOX_CODE_CATALOG        = 17,

  };


  OptionalHeader(const details::pe32_optional_header& header);

  OptionalHeader(const details::pe64_optional_header& header);

  ~OptionalHeader() override = default;


  OptionalHeader& operator=(const OptionalHeader&) = default;

  OptionalHeader(const OptionalHeader&) = default;


  static OptionalHeader create(PE_TYPE type);


  PE_TYPE magic() const {

    return magic_;

  }


  uint8_t major_linker_version() const {

    return major_linker_version_;

  }


  uint8_t minor_linker_version() const {

    return minor_linker_version_;

  }


  uint32_t sizeof_code() const {

    return sizeof_code_;

  }


  uint32_t sizeof_initialized_data() const {

    return sizeof_initialized_data_;

  }


  uint32_t sizeof_uninitialized_data() const {

    return sizeof_uninitialized_data_;

  }


  uint32_t addressof_entrypoint() const {

    return entrypoint_;

  }


  uint32_t baseof_code() const {

    return baseof_code_;

  }


  uint32_t baseof_data() const {

    return baseof_data_;

  }


  uint64_t imagebase() const {

    return imagebase_;

  }


  uint32_t section_alignment() const {

    return section_align_;

  }


  uint32_t file_alignment() const {

    return file_align_;

  }


  uint16_t major_operating_system_version() const {

    return major_os_version_;

  }


  uint16_t minor_operating_system_version() const {

    return minor_os_version_;

  }


  uint16_t major_image_version() const {

    return major_image_version_;

  }


  uint16_t minor_image_version() const {

    return minor_image_version_;

  }


  uint16_t major_subsystem_version() const {

    return major_subsys_version_;

  }


  uint16_t minor_subsystem_version() const {

    return minor_subsys_version_;

  }


  uint32_t win32_version_value() const {

    return win32_version_value_;

  }


  uint32_t sizeof_image() const {

    return sizeof_image_;

  }


  uint32_t sizeof_headers() const {

    return sizeof_headers_;

  }


  uint32_t checksum() const {

    return checksum_;

  }


  SUBSYSTEM subsystem() const {

    return subsystem_;

  }


  uint32_t dll_characteristics() const {

    return dll_characteristics_;

  }


  uint64_t sizeof_stack_reserve() const {

    return sizeof_stack_reserve_;

  }


  uint64_t sizeof_stack_commit() const {

    return sizeof_stack_commit_;

  }


  uint64_t sizeof_heap_reserve() const {

    return sizeof_heap_reserve_;

  }


  uint64_t sizeof_heap_commit() const {

    return sizeof_heap_commit_;

  }


  uint32_t loader_flags() const {

    return loader_flags_;

  }


  uint32_t numberof_rva_and_size() const {

    return nb_rva_size_;

  }


  bool has(DLL_CHARACTERISTICS c) const {

    return (dll_characteristics() & static_cast<uint32_t>(c)) != 0;

  }


  std::vector<DLL_CHARACTERISTICS> dll_characteristics_list() const;


  void add(DLL_CHARACTERISTICS c) {

    dll_characteristics(dll_characteristics() | static_cast<uint32_t>(c));

  }


  void remove(DLL_CHARACTERISTICS c) {

    dll_characteristics(dll_characteristics() & (~ static_cast<uint32_t>(c)));

  }


  void magic(PE_TYPE magic) {

    magic_ = magic;

  }


  void major_linker_version(uint8_t value) {

    major_linker_version_ = value;

  }


  void minor_linker_version(uint8_t value) {

    minor_linker_version_ = value;

  }


  void sizeof_code(uint32_t value) {

    sizeof_code_ = value;

  }


  void sizeof_initialized_data(uint32_t value) {

    sizeof_initialized_data_ = value;

  }


  void sizeof_uninitialized_data(uint32_t value) {

    sizeof_uninitialized_data_ = value;

  }


  void addressof_entrypoint(uint32_t value) {

    entrypoint_ = value;

  }


  void baseof_code(uint32_t value) {

    baseof_code_ = value;

  }


  void baseof_data(uint32_t value) {

    baseof_data_ = value;

  }


  void imagebase(uint64_t value) {

    imagebase_ = value;

  }


  void section_alignment(uint32_t value) {

    section_align_ = value;

  }


  void file_alignment(uint32_t value) {

    file_align_ = value;

  }


  void major_operating_system_version(uint16_t value) {

    major_os_version_ = value;

  }


  void minor_operating_system_version(uint16_t value) {

    minor_os_version_ = value;

  }


  void major_image_version(uint16_t value) {

    major_image_version_ = value;

  }


  void minor_image_version(uint16_t value) {

    minor_image_version_ = value;

  }


  void major_subsystem_version(uint16_t value) {

    major_subsys_version_ = value;

  }


  void minor_subsystem_version(uint16_t value) {

    minor_subsys_version_ = value;

  }


  void win32_version_value(uint32_t value) {

    win32_version_value_ = value;

  }


  void sizeof_image(uint32_t value) {

    sizeof_image_ = value;

  }


  void sizeof_headers(uint32_t value) {

    sizeof_headers_ = value;

  }


  void checksum(uint32_t value) {

    checksum_ = value;

  }


  void subsystem(SUBSYSTEM value) {

    subsystem_ = value;

  }


  void dll_characteristics(uint32_t value) {

    dll_characteristics_ = value;

  }


  void sizeof_stack_reserve(uint64_t value) {

    sizeof_stack_reserve_ = value;

  }


  void sizeof_stack_commit(uint64_t value) {

    sizeof_stack_commit_ = value;

  }


  void sizeof_heap_reserve(uint64_t value) {

    sizeof_heap_reserve_ = value;

  }


  void sizeof_heap_commit(uint64_t value) {

    sizeof_heap_commit_ = value;

  }


  void loader_flags(uint32_t value) {

    loader_flags_ = value;

  }


  void numberof_rva_and_size(uint32_t value) {

    nb_rva_size_ = value;

  }


  void accept(Visitor& visitor) const override;


  OptionalHeader& operator+=(DLL_CHARACTERISTICS c) {

    add(c);

    return *this;

  }


  OptionalHeader& operator-=(DLL_CHARACTERISTICS c) {

    remove(c);

    return *this;

  }


  LIEF_API friend std::ostream& operator<<(std::ostream& os, const OptionalHeader& entry);


  private:

  OptionalHeader() = default;


  PE_TYPE   magic_ = PE_TYPE::PE32;

  uint8_t   major_linker_version_ = 0;

  uint8_t   minor_linker_version_ = 0;

  uint32_t  sizeof_code_ = 0;

  uint32_t  sizeof_initialized_data_ = 0;

  uint32_t  sizeof_uninitialized_data_ = 0;

  uint32_t  entrypoint_ = 0;

  uint32_t  baseof_code_ = 0;

  uint32_t  baseof_data_ = 0;

  uint64_t  imagebase_ = 0;

  uint32_t  section_align_ = 0;

  uint32_t  file_align_ = 0;

  uint16_t  major_os_version_ = 0;

  uint16_t  minor_os_version_ = 0;

  uint16_t  major_image_version_ = 0;

  uint16_t  minor_image_version_ = 0;

  uint16_t  major_subsys_version_ = 0;

  uint16_t  minor_subsys_version_ = 0;

  uint32_t  win32_version_value_ = 0;

  uint32_t  sizeof_image_ = 0;

  uint32_t  sizeof_headers_ = 0;

  uint32_t  checksum_ = 0;

  SUBSYSTEM subsystem_ = SUBSYSTEM::UNKNOWN;

  uint32_t  dll_characteristics_ = 0;

  uint64_t  sizeof_stack_reserve_ = 0;

  uint64_t  sizeof_stack_commit_ = 0;

  uint64_t  sizeof_heap_reserve_ = 0;

  uint64_t  sizeof_heap_commit_ = 0;

  uint32_t  loader_flags_ = 0;

  uint32_t  nb_rva_size_ = 0;

};


LIEF_API const char* to_string(OptionalHeader::DLL_CHARACTERISTICS);

LIEF_API const char* to_string(OptionalHeader::SUBSYSTEM);


}

}


ENABLE_BITMASK_OPERATORS(LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS);


#endif

Object.hpp

enums.hpp

LIEF::Object::Object
Object()

LIEF::PE::Binary
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:57

LIEF::PE::OptionalHeader::DLL_CHARACTERISTICS
DLL_CHARACTERISTICS
Definition OptionalHeader.hpp:47

LIEF::PE::OptionalHeader::major_image_version
uint16_t major_image_version() const
The major version number of the image.
Definition OptionalHeader.hpp:178

LIEF::PE::OptionalHeader::baseof_data
void baseof_data(uint32_t value)
Definition OptionalHeader.hpp:318

LIEF::PE::OptionalHeader::minor_subsystem_version
uint16_t minor_subsystem_version() const
The minor version number of the subsystem.
Definition OptionalHeader.hpp:193

LIEF::PE::OptionalHeader::sizeof_code
void sizeof_code(uint32_t value)
Definition OptionalHeader.hpp:298

LIEF::PE::OptionalHeader::SUBSYSTEM
SUBSYSTEM
Definition OptionalHeader.hpp:61

LIEF::PE::OptionalHeader::SUBSYSTEM::UNKNOWN
@ UNKNOWN
An unknown subsystem.
Definition OptionalHeader.hpp:62

LIEF::PE::OptionalHeader::numberof_rva_and_size
uint32_t numberof_rva_and_size() const
The number of DataDirectory that follow this header.
Definition OptionalHeader.hpp:264

LIEF::PE::OptionalHeader::operator<<
friend std::ostream & operator<<(std::ostream &os, const OptionalHeader &entry)

LIEF::PE::OptionalHeader::sizeof_uninitialized_data
uint32_t sizeof_uninitialized_data() const
The size of the uninitialized data which are usually located in the .bss section. If the uninitialize...
Definition OptionalHeader.hpp:123

LIEF::PE::OptionalHeader::win32_version_value
void win32_version_value(uint32_t value)
Definition OptionalHeader.hpp:358

LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const details::pe64_optional_header &header)

LIEF::PE::OptionalHeader::dll_characteristics_list
std::vector< DLL_CHARACTERISTICS > dll_characteristics_list() const
Return the list of the dll_characteristics as an std::set of DLL_CHARACTERISTICS.

LIEF::PE::OptionalHeader::sizeof_stack_commit
uint64_t sizeof_stack_commit() const
Size of the stack to commit.
Definition OptionalHeader.hpp:244

LIEF::PE::OptionalHeader::major_subsystem_version
void major_subsystem_version(uint16_t value)
Definition OptionalHeader.hpp:350

LIEF::PE::OptionalHeader::major_operating_system_version
void major_operating_system_version(uint16_t value)
Definition OptionalHeader.hpp:334

LIEF::PE::OptionalHeader::operator=
OptionalHeader & operator=(const OptionalHeader &)=default

LIEF::PE::OptionalHeader::dll_characteristics
void dll_characteristics(uint32_t value)
Definition OptionalHeader.hpp:378

LIEF::PE::OptionalHeader::has
bool has(DLL_CHARACTERISTICS c) const
Check if the given DLL_CHARACTERISTICS is included in the dll_characteristics.
Definition OptionalHeader.hpp:269

LIEF::PE::OptionalHeader::sizeof_initialized_data
void sizeof_initialized_data(uint32_t value)
Definition OptionalHeader.hpp:302

LIEF::PE::OptionalHeader::addressof_entrypoint
void addressof_entrypoint(uint32_t value)
Definition OptionalHeader.hpp:310

LIEF::PE::OptionalHeader::magic
void magic(PE_TYPE magic)
Definition OptionalHeader.hpp:286

LIEF::PE::OptionalHeader::minor_linker_version
uint8_t minor_linker_version() const
The linker minor version.
Definition OptionalHeader.hpp:99

LIEF::PE::OptionalHeader::major_linker_version
uint8_t major_linker_version() const
The linker major version.
Definition OptionalHeader.hpp:94

LIEF::PE::OptionalHeader::sizeof_headers
uint32_t sizeof_headers() const
Size of the DosHeader + PE Header + Section headers rounded up to a multiple of the file_alignment.
Definition OptionalHeader.hpp:211

LIEF::PE::OptionalHeader::remove
void remove(DLL_CHARACTERISTICS c)
Remove a DLL_CHARACTERISTICS from the current characteristics.
Definition OptionalHeader.hpp:282

LIEF::PE::OptionalHeader::major_operating_system_version
uint16_t major_operating_system_version() const
The major version number of the required operating system.
Definition OptionalHeader.hpp:168

LIEF::PE::OptionalHeader::~OptionalHeader
~OptionalHeader() override=default

LIEF::PE::OptionalHeader::minor_linker_version
void minor_linker_version(uint8_t value)
Definition OptionalHeader.hpp:294

LIEF::PE::OptionalHeader::sizeof_image
void sizeof_image(uint32_t value)
Definition OptionalHeader.hpp:362

LIEF::PE::OptionalHeader::minor_operating_system_version
void minor_operating_system_version(uint16_t value)
Definition OptionalHeader.hpp:338

LIEF::PE::OptionalHeader::win32_version_value
uint32_t win32_version_value() const
According to the official PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:199

LIEF::PE::OptionalHeader::loader_flags
void loader_flags(uint32_t value)
Definition OptionalHeader.hpp:398

LIEF::PE::OptionalHeader::sizeof_headers
void sizeof_headers(uint32_t value)
Definition OptionalHeader.hpp:366

LIEF::PE::OptionalHeader::sizeof_heap_commit
uint64_t sizeof_heap_commit() const
Size of the heap to commit.
Definition OptionalHeader.hpp:254

LIEF::PE::OptionalHeader::sizeof_image
uint32_t sizeof_image() const
The size (in bytes) of the image, including all headers, as the image is loaded in memory.
Definition OptionalHeader.hpp:206

LIEF::PE::OptionalHeader::imagebase
uint64_t imagebase() const
The preferred base address when mapping the binary in memory.
Definition OptionalHeader.hpp:149

LIEF::PE::OptionalHeader::baseof_data
uint32_t baseof_data() const
Address relative to the imagebase where the binary's data starts.
Definition OptionalHeader.hpp:144

LIEF::PE::OptionalHeader::imagebase
void imagebase(uint64_t value)
Definition OptionalHeader.hpp:322

LIEF::PE::OptionalHeader::Binary
friend class Binary
Definition OptionalHeader.hpp:44

LIEF::PE::OptionalHeader::section_alignment
uint32_t section_alignment() const
The alignment (in bytes) of sections when they are loaded into memory.
Definition OptionalHeader.hpp:157

LIEF::PE::OptionalHeader::sizeof_code
uint32_t sizeof_code() const
The size of the code .text section or the sum of all the sections that contain code (i....
Definition OptionalHeader.hpp:105

LIEF::PE::OptionalHeader::minor_operating_system_version
uint16_t minor_operating_system_version() const
The minor version number of the required operating system.
Definition OptionalHeader.hpp:173

LIEF::PE::OptionalHeader::major_subsystem_version
uint16_t major_subsystem_version() const
The major version number of the subsystem.
Definition OptionalHeader.hpp:188

LIEF::PE::OptionalHeader::Parser
friend class Parser
Definition OptionalHeader.hpp:43

LIEF::PE::OptionalHeader::subsystem
void subsystem(SUBSYSTEM value)
Definition OptionalHeader.hpp:374

LIEF::PE::OptionalHeader::loader_flags
uint32_t loader_flags() const
According to the PE specifications, this value is reserved and should be 0.
Definition OptionalHeader.hpp:259

LIEF::PE::OptionalHeader::subsystem
SUBSYSTEM subsystem() const
Target subsystem like Driver, XBox, Windows GUI, ...
Definition OptionalHeader.hpp:224

LIEF::PE::OptionalHeader::section_alignment
void section_alignment(uint32_t value)
Definition OptionalHeader.hpp:326

LIEF::PE::OptionalHeader::file_alignment
uint32_t file_alignment() const
The section's file alignment. This value must be a power of 2 between 512 and 64K....
Definition OptionalHeader.hpp:163

LIEF::PE::OptionalHeader::sizeof_stack_reserve
void sizeof_stack_reserve(uint64_t value)
Definition OptionalHeader.hpp:382

LIEF::PE::OptionalHeader::baseof_code
void baseof_code(uint32_t value)
Definition OptionalHeader.hpp:314

LIEF::PE::OptionalHeader::file_alignment
void file_alignment(uint32_t value)
Definition OptionalHeader.hpp:330

LIEF::PE::OptionalHeader::operator+=
OptionalHeader & operator+=(DLL_CHARACTERISTICS c)
Definition OptionalHeader.hpp:408

LIEF::PE::OptionalHeader::accept
void accept(Visitor &visitor) const override

LIEF::PE::OptionalHeader::create
static OptionalHeader create(PE_TYPE type)

LIEF::PE::OptionalHeader::baseof_code
uint32_t baseof_code() const
Address relative to the imagebase where the binary's code starts.
Definition OptionalHeader.hpp:137

LIEF::PE::OptionalHeader::sizeof_stack_reserve
uint64_t sizeof_stack_reserve() const
Size of the stack to reserve when loading the PE binary.
Definition OptionalHeader.hpp:239

LIEF::PE::OptionalHeader::sizeof_initialized_data
uint32_t sizeof_initialized_data() const
The size of the initialized data which are usually located in the .data section. If the initialized d...
Definition OptionalHeader.hpp:114

LIEF::PE::OptionalHeader::dll_characteristics
uint32_t dll_characteristics() const
Some characteristics of the underlying binary like the support of the PIE. The prefix dll comes from ...
Definition OptionalHeader.hpp:231

LIEF::PE::OptionalHeader::checksum
uint32_t checksum() const
The image file checksum. The algorithm for computing the checksum is incorporated into IMAGHELP....
Definition OptionalHeader.hpp:219

LIEF::PE::OptionalHeader::major_image_version
void major_image_version(uint16_t value)
Definition OptionalHeader.hpp:342

LIEF::PE::OptionalHeader::sizeof_uninitialized_data
void sizeof_uninitialized_data(uint32_t value)
Definition OptionalHeader.hpp:306

LIEF::PE::OptionalHeader::operator-=
OptionalHeader & operator-=(DLL_CHARACTERISTICS c)
Definition OptionalHeader.hpp:412

LIEF::PE::OptionalHeader::minor_image_version
void minor_image_version(uint16_t value)
Definition OptionalHeader.hpp:346

LIEF::PE::OptionalHeader::minor_image_version
uint16_t minor_image_version() const
The minor version number of the image.
Definition OptionalHeader.hpp:183

LIEF::PE::OptionalHeader::major_linker_version
void major_linker_version(uint8_t value)
Definition OptionalHeader.hpp:290

LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const OptionalHeader &)=default

LIEF::PE::OptionalHeader::OptionalHeader
OptionalHeader(const details::pe32_optional_header &header)

LIEF::PE::OptionalHeader::addressof_entrypoint
uint32_t addressof_entrypoint() const
The address of the entry point relative to the image base when the executable file is loaded into mem...
Definition OptionalHeader.hpp:132

LIEF::PE::OptionalHeader::minor_subsystem_version
void minor_subsystem_version(uint16_t value)
Definition OptionalHeader.hpp:354

LIEF::PE::OptionalHeader::add
void add(DLL_CHARACTERISTICS c)
Add a DLL_CHARACTERISTICS to the current characteristics.
Definition OptionalHeader.hpp:277

LIEF::PE::OptionalHeader::checksum
void checksum(uint32_t value)
Definition OptionalHeader.hpp:370

LIEF::PE::OptionalHeader::numberof_rva_and_size
void numberof_rva_and_size(uint32_t value)
Definition OptionalHeader.hpp:402

LIEF::PE::OptionalHeader::sizeof_stack_commit
void sizeof_stack_commit(uint64_t value)
Definition OptionalHeader.hpp:386

LIEF::PE::OptionalHeader::sizeof_heap_reserve
uint64_t sizeof_heap_reserve() const
Size of the heap to reserve when loading the PE binary.
Definition OptionalHeader.hpp:249

LIEF::PE::OptionalHeader::magic
PE_TYPE magic() const
Magic bytes: either PE32 or PE32+ for 64-bits PE files.
Definition OptionalHeader.hpp:89

LIEF::PE::OptionalHeader::sizeof_heap_reserve
void sizeof_heap_reserve(uint64_t value)
Definition OptionalHeader.hpp:390

LIEF::PE::OptionalHeader::sizeof_heap_commit
void sizeof_heap_commit(uint64_t value)
Definition OptionalHeader.hpp:394

LIEF::PE::Parser
Main interface to parse PE binaries. In particular, the static Parser::parse functions should be used...
Definition PE/Parser.hpp:52

LIEF::Visitor
Definition Visitor.hpp:210

enums.hpp

ENABLE_BITMASK_OPERATORS
#define ENABLE_BITMASK_OPERATORS(X)
Definition enums.hpp:24

LIEF::PE::details
Definition DataDirectory.hpp:37

LIEF::PE
Namespace related to the LIEF's PE module.
Definition Abstract/Header.hpp:32

LIEF::PE::to_string
const char * to_string(CODE_PAGES e)

LIEF::PE::PE_TYPE
PE_TYPE
Definition PE/enums.hpp:22

LIEF::PE::PE_TYPE::PE32
@ PE32
32bits
Definition PE/enums.hpp:23

LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:40

visibility.h

LIEF_API
#define LIEF_API
Definition visibility.h:41