latest/doxygen/PE_2Binary_8hpp_source.html

/* Copyright 2017 - 2024 R. Thomas

 * Copyright 2017 - 2024 Quarkslab

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef LIEF_PE_BINARY_H

#define LIEF_PE_BINARY_H


#include "LIEF/PE/Header.hpp"

#include "LIEF/PE/OptionalHeader.hpp"

#include "LIEF/PE/DosHeader.hpp"

#include "LIEF/PE/Import.hpp"

#include "LIEF/PE/DelayImport.hpp"

#include "LIEF/PE/Symbol.hpp"

#include "LIEF/PE/DataDirectory.hpp"

#include "LIEF/PE/ResourcesManager.hpp"

#include "LIEF/PE/signature/Signature.hpp"


#include "LIEF/Abstract/Binary.hpp"


#include "LIEF/visibility.h"


namespace LIEF {


namespace PE {

class Builder;

class CodeViewPDB;

class Debug;

class Export;

class LoadConfiguration;

class Parser;

class Relocation;

class ResourceData;

class ResourceDirectory;

class ResourceNode;

class RichHeader;

class TLS;


class LIEF_API Binary : public LIEF::Binary {

  friend class Parser;

  friend class Builder;


  public:

  using sections_t = std::vector<std::unique_ptr<Section>>;


  using it_sections = ref_iterator<sections_t&, Section*>;


  using it_const_sections = const_ref_iterator<const sections_t&, const Section*>;


  using data_directories_t = std::vector<std::unique_ptr<DataDirectory>>;


  using it_data_directories = ref_iterator<data_directories_t&, DataDirectory*>;


  using it_const_data_directories = const_ref_iterator<const data_directories_t&, const DataDirectory*>;


  using relocations_t = std::vector<std::unique_ptr<Relocation>>;


  using it_relocations = ref_iterator<relocations_t&, Relocation*>;


  using it_const_relocations = const_ref_iterator<const relocations_t&, const Relocation*>;


  using imports_t = std::vector<Import>;


  using it_imports = ref_iterator<imports_t&>;


  using it_const_imports = const_ref_iterator<const imports_t&>;


  using delay_imports_t = std::vector<DelayImport>;


  using it_delay_imports = ref_iterator<delay_imports_t&>;


  using it_const_delay_imports = const_ref_iterator<const delay_imports_t&>;


  using debug_entries_t = std::vector<std::unique_ptr<Debug>>;


  using it_debug_entries = ref_iterator<debug_entries_t&, Debug*>;


  using it_const_debug_entries = const_ref_iterator<const debug_entries_t&, const Debug*>;


  using symbols_t = std::vector<Symbol>;


  using it_symbols = ref_iterator<symbols_t&>;


  using it_const_symbols = const_ref_iterator<const symbols_t&>;


  using strings_table_t = std::vector<std::string>;


  using it_strings_table = ref_iterator<strings_table_t&>;


  using it_const_strings_table = const_ref_iterator<const strings_table_t&>;


  using signatures_t = std::vector<Signature>;


  using it_signatures = ref_iterator<signatures_t&>;


  using it_const_signatures = const_ref_iterator<const signatures_t&>;


  Binary(PE_TYPE type);


  ~Binary() override;


  PE_TYPE type() const {

    return type_;

  }


  uint64_t rva_to_offset(uint64_t RVA) const;


  uint64_t va_to_offset(uint64_t VA) const;


  result<uint64_t> offset_to_virtual_address(uint64_t offset, uint64_t slide = 0) const override;


  uint64_t imagebase() const override {

    return optional_header().imagebase();

  }


  Section* section_from_offset(uint64_t offset);

  const Section* section_from_offset(uint64_t offset) const;


  Section* section_from_rva(uint64_t virtual_address);

  const Section* section_from_rva(uint64_t virtual_address) const;


  it_sections sections() {

    return sections_;

  }


  it_const_sections sections() const {

    return sections_;

  }


  DosHeader& dos_header() {

    return dos_header_;

  }


  const DosHeader& dos_header() const {

    return dos_header_;

  }


  Header& header() {

    return header_;

  }


  const Header& header() const {

    return header_;

  }


  OptionalHeader& optional_header() {

    return optional_header_;

  }


  const OptionalHeader& optional_header() const {

    return optional_header_;

  }


  uint32_t compute_checksum() const;


  uint64_t virtual_size() const;


  uint32_t sizeof_headers() const;


  TLS* tls() {

    return tls_.get();

  }


  const TLS* tls() const {

    return tls_.get();

  }


  void tls(const TLS& tls);


  bool has_tls() const {

    return tls_ != nullptr;

  }


  bool has_imports() const {

    return !imports_.empty();

  }


  bool has_signatures() const {

    return !signatures_.empty();

  }


  bool has_exports() const {

    return export_ != nullptr;

  }


  bool has_resources() const {

    return resources_ != nullptr;

  }


  bool has_exceptions() const;


  bool has_relocations() const {

    return !relocations_.empty();

  }


  bool has_debug() const {

    return !debug_.empty();

  }


  bool has_configuration() const {

    return load_configuration_ != nullptr;

  }


  bool is_reproducible_build() const;


  it_const_signatures signatures() const {

    return signatures_;

  }


  it_signatures signatures() {

    return signatures_;

  }


  Signature::VERIFICATION_FLAGS verify_signature(

      Signature::VERIFICATION_CHECKS checks = Signature::VERIFICATION_CHECKS::DEFAULT) const;


  Signature::VERIFICATION_FLAGS verify_signature(const Signature& sig,

      Signature::VERIFICATION_CHECKS checks = Signature::VERIFICATION_CHECKS::DEFAULT) const;


  std::vector<uint8_t> authentihash(ALGORITHMS algo) const;


  uint32_t predict_function_rva(const std::string& library, const std::string& function);


  Export* get_export() {

    return export_.get();

  }


  const Export* get_export() const {

    return export_.get();

  }


  std::vector<Symbol>& symbols() {

    return symbols_;

  }


  const std::vector<Symbol>& symbols() const {

    return symbols_;

  }


  ResourceNode* resources() {

    return resources_.get();

  }


  const ResourceNode* resources() const {

    return resources_.get();

  }


  void set_resources(const ResourceDirectory& resource);


  void set_resources(const ResourceData& resource);


  result<ResourcesManager> resources_manager() const;


  Section* get_section(const std::string& name);

  const Section* get_section(const std::string& name) const;


  const Section* import_section() const;

  Section*       import_section();


  void remove_section(const std::string& name, bool clear = false) override;


  void remove(const Section& section, bool clear = false);


  Section* add_section(const Section& section,

                       PE_SECTION_TYPES type = PE_SECTION_TYPES::UNKNOWN);


  it_relocations relocations() {

    return relocations_;

  }


  it_const_relocations relocations() const {

    return relocations_;

  }


  Relocation& add_relocation(const Relocation& relocation);


  void remove_all_relocations();


  it_data_directories data_directories() {

    return data_directories_;

  }


  it_const_data_directories data_directories() const {

    return data_directories_;

  }


  DataDirectory* data_directory(DataDirectory::TYPES type);

  const DataDirectory* data_directory(DataDirectory::TYPES type) const;


  bool has(DataDirectory::TYPES type) const {

    return data_directory(type) != nullptr;

  }


  it_debug_entries debug() {

    return debug_;

  }


  it_const_debug_entries debug() const {

    return debug_;

  }


  const CodeViewPDB* codeview_pdb() const;


  const LoadConfiguration* load_configuration() const {

    return load_configuration_.get();

  }


  LoadConfiguration* load_configuration() {

    return load_configuration_.get();

  }


  span<const uint8_t> overlay() const {

    return overlay_;

  }


  span<uint8_t> overlay() {

    return overlay_;

  }


  uint64_t overlay_offset() const {

    return overlay_offset_;

  }


  span<const uint8_t> dos_stub() const {

    return dos_stub_;

  }


  span<uint8_t> dos_stub() {

    return dos_stub_;

  }


  void dos_stub(std::vector<uint8_t> content) {

    dos_stub_ = std::move(content);

  }


  // Rich Header

  // -----------


  RichHeader* rich_header() {

    return rich_header_.get();

  }


  const RichHeader* rich_header() const {

    return rich_header_.get();

  }


  void rich_header(const RichHeader& rich_header);


  bool has_rich_header() const {

    return rich_header_ != nullptr;

  }


  it_imports imports() {

    return imports_;

  }


  it_const_imports imports() const {

    return imports_;

  }


  Import* get_import(const std::string& import_name);

  const Import* get_import(const std::string& import_name) const;


  bool has_import(const std::string& import_name) const {

    return get_import(import_name) != nullptr;

  }


  bool has_delay_imports() const {

    return !delay_imports_.empty();

  }


  it_delay_imports delay_imports() {

    return delay_imports_;

  }


  it_const_delay_imports delay_imports() const {

    return delay_imports_;

  }


  DelayImport* get_delay_import(const std::string& import_name);

  const DelayImport* get_delay_import(const std::string& import_name) const;


  bool has_delay_import(const std::string& import_name) const {

    return get_delay_import(import_name) != nullptr;

  }


  ImportEntry* add_import_function(const std::string& library, const std::string& function);


  Import& add_library(const std::string& name) {

    imports_.emplace_back(name);

    return imports_.back();

  }


  void remove_library(const std::string& name);


  void remove_all_libraries() {

    imports_.clear();

  }


  void write(const std::string& filename) override;


  void write(std::ostream& os) override;


  void accept(Visitor& visitor) const override;


  void patch_address(uint64_t address, const std::vector<uint8_t>& patch_value,

                     LIEF::Binary::VA_TYPES addr_type = LIEF::Binary::VA_TYPES::AUTO) override;


  void patch_address(uint64_t address, uint64_t patch_value, size_t size = sizeof(uint64_t),

                     LIEF::Binary::VA_TYPES addr_type = LIEF::Binary::VA_TYPES::AUTO) override;


  span<const uint8_t> get_content_from_virtual_address(

      uint64_t virtual_address, uint64_t size,

      Binary::VA_TYPES addr_type = Binary::VA_TYPES::AUTO) const override;


  uint64_t entrypoint() const override {

    return optional_header_.imagebase() + optional_header_.addressof_entrypoint();

  }


  bool is_pie() const override {

    return optional_header_.has(OptionalHeader::DLL_CHARACTERISTICS::DYNAMIC_BASE);

  }


  bool has_nx() const override {

    return optional_header_.has(OptionalHeader::DLL_CHARACTERISTICS::NX_COMPAT);

  }


  LIEF::Binary::functions_t ctor_functions() const override;


  LIEF::Binary::functions_t functions() const;


  LIEF::Binary::functions_t exception_functions() const;


  static bool classof(const LIEF::Binary* bin) {

    return bin->format() == Binary::FORMATS::PE;

  }


  std::ostream& print(std::ostream& os) const override;


  private:

  Binary();


  void make_space_for_new_section();


  LIEF::Binary::symbols_t get_abstract_symbols() override;


  LIEF::Header get_abstract_header() const override;


  LIEF::Binary::sections_t get_abstract_sections() override;


  LIEF::Binary::relocations_t get_abstract_relocations() override;


  LIEF::Binary::functions_t get_abstract_exported_functions() const override;

  LIEF::Binary::functions_t get_abstract_imported_functions() const override;

  std::vector<std::string> get_abstract_imported_libraries() const override;


  void update_lookup_address_table_offset();

  void update_iat();


  PE_TYPE        type_ = PE_TYPE::PE32_PLUS;

  DosHeader      dos_header_;

  Header         header_;

  OptionalHeader optional_header_;


  int32_t available_sections_space_ = 0;


  signatures_t signatures_;

  sections_t           sections_;

  data_directories_t   data_directories_;

  symbols_t            symbols_;

  strings_table_t      strings_table_;

  relocations_t        relocations_;

  imports_t            imports_;

  delay_imports_t      delay_imports_;

  debug_entries_t      debug_;

  uint64_t overlay_offset_ = 0;

  std::vector<uint8_t> overlay_;

  std::vector<uint8_t> dos_stub_;

  std::vector<uint8_t> section_offset_padding_;


  std::unique_ptr<RichHeader> rich_header_;

  std::unique_ptr<Export> export_;

  std::unique_ptr<ResourceNode> resources_;

  std::unique_ptr<TLS> tls_;

  std::unique_ptr<LoadConfiguration> load_configuration_;

};


}

}

#endif

LIEF::Binary
Abstract binary that exposes an uniform API for the different executable file formats.
Definition Abstract/Binary.hpp:38

LIEF::Binary::format
FORMATS format() const
Executable format (ELF, PE, Mach-O) of the underlying binary.
Definition Abstract/Binary.hpp:97

LIEF::Binary::symbols_t
std::vector< Symbol * > symbols_t
Internal container.
Definition Abstract/Binary.hpp:68

LIEF::Binary::VA_TYPES
VA_TYPES
Type of a virtual address.
Definition Abstract/Binary.hpp:42

LIEF::Binary::VA_TYPES::AUTO
@ AUTO
Try to guess if it's relative or not.

LIEF::Binary::sections_t
std::vector< Section * > sections_t
Internal container.
Definition Abstract/Binary.hpp:59

LIEF::Binary::relocations_t
std::vector< Relocation * > relocations_t
Internal container.
Definition Abstract/Binary.hpp:77

LIEF::Header
Definition Abstract/Header.hpp:29

LIEF::PE::Binary
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:52

LIEF::PE::Binary::optional_header
OptionalHeader & optional_header()
Header that follows the header(). It is named optional from the COFF specfication but it is mandatory...
Definition PE/Binary.hpp:211

LIEF::PE::Binary::remove_all_relocations
void remove_all_relocations()
Remove all the relocations.

LIEF::PE::Binary::delay_imports_t
std::vector< DelayImport > delay_imports_t
Internal container for storing PE's DelayImport.
Definition PE/Binary.hpp:94

LIEF::PE::Binary::authentihash
std::vector< uint8_t > authentihash(ALGORITHMS algo) const
Compute the authentihash according to the algorithm provided in the first parameter.

LIEF::PE::Binary::load_configuration
const LoadConfiguration * load_configuration() const
Retrun the LoadConfiguration object or a nullptr if the binary does not use the LoadConfiguration.
Definition PE/Binary.hpp:461

LIEF::PE::Binary::remove_section
void remove_section(const std::string &name, bool clear=false) override
Delete the section with the given name.

LIEF::PE::Binary::is_pie
bool is_pie() const override
Check if the binary is position independent.
Definition PE/Binary.hpp:641

LIEF::PE::Binary::ctor_functions
LIEF::Binary::functions_t ctor_functions() const override
Return the list of the binary constructors.

LIEF::PE::Binary::sections_t
std::vector< std::unique_ptr< Section > > sections_t
Internal container for storing PE's Section.
Definition PE/Binary.hpp:58

LIEF::PE::Binary::set_resources
void set_resources(const ResourceDirectory &resource)
Set a new resource tree.

LIEF::PE::Binary::dos_stub
void dos_stub(std::vector< uint8_t > content)
Update the DOS stub content.
Definition PE/Binary.hpp:493

LIEF::PE::Binary::imports
it_imports imports()
Return an iterator over the binary imports.
Definition PE/Binary.hpp:518

LIEF::PE::Binary::has_resources
bool has_resources() const
Check if the current binary has resources.
Definition PE/Binary.hpp:272

LIEF::PE::Binary::predict_function_rva
uint32_t predict_function_rva(const std::string &library, const std::string &function)
Try to predict the RVA of the function function in the import library library

LIEF::PE::Binary::symbols
std::vector< Symbol > & symbols()
Return binary Symbols.
Definition PE/Binary.hpp:360

LIEF::PE::Binary::has_debug
bool has_debug() const
Check if the current binary contains debug information.
Definition PE/Binary.hpp:287

LIEF::PE::Binary::get_delay_import
DelayImport * get_delay_import(const std::string &import_name)
Returns the PE::DelayImport from the given name. If it can't be found, return a nullptr.

LIEF::PE::Binary::has_relocations
bool has_relocations() const
Check if the current binary has relocations.
Definition PE/Binary.hpp:282

LIEF::PE::Binary::add_import_function
ImportEntry * add_import_function(const std::string &library, const std::string &function)
Add the function function of the library library. If the function fails, it returns a nullptr.

LIEF::PE::Binary::has_exports
bool has_exports() const
Check if the current binary has exports.
Definition PE/Binary.hpp:267

LIEF::PE::Binary::virtual_size
uint64_t virtual_size() const
Compute the binary's virtual size. It should match OptionalHeader::sizeof_image.

LIEF::PE::Binary::relocations_t
std::vector< std::unique_ptr< Relocation > > relocations_t
Internal container for storing PE's Relocation.
Definition PE/Binary.hpp:76

LIEF::PE::Binary::rva_to_offset
uint64_t rva_to_offset(uint64_t RVA) const
Convert a Relative Virtual Address into an offset.

LIEF::PE::Binary::resources_manager
result< ResourcesManager > resources_manager() const
Return the ResourcesManager (class to manage resources more easily than the tree one)

LIEF::PE::Binary::offset_to_virtual_address
result< uint64_t > offset_to_virtual_address(uint64_t offset, uint64_t slide=0) const override
Convert the given offset into a virtual address.

LIEF::PE::Binary::patch_address
void patch_address(uint64_t address, uint64_t patch_value, size_t size=sizeof(uint64_t), LIEF::Binary::VA_TYPES addr_type=LIEF::Binary::VA_TYPES::AUTO) override
Patch the address with the given value.

LIEF::PE::Binary::verify_signature
Signature::VERIFICATION_FLAGS verify_signature(const Signature &sig, Signature::VERIFICATION_CHECKS checks=Signature::VERIFICATION_CHECKS::DEFAULT) const
Verify the binary with the Signature object provided in the first parameter. It can be used to verify...

LIEF::PE::Binary::overlay
span< const uint8_t > overlay() const
Return the overlay content.
Definition PE/Binary.hpp:470

LIEF::PE::Binary::get_content_from_virtual_address
span< const uint8_t > get_content_from_virtual_address(uint64_t virtual_address, uint64_t size, Binary::VA_TYPES addr_type=Binary::VA_TYPES::AUTO) const override
Return the content located at the provided virtual address.

LIEF::PE::Binary::symbols_t
std::vector< Symbol > symbols_t
Internal container for storing COFF Symbols.
Definition PE/Binary.hpp:112

LIEF::PE::Binary::add_section
Section * add_section(const Section &section, PE_SECTION_TYPES type=PE_SECTION_TYPES::UNKNOWN)
Add a section to the binary and return the section added.

LIEF::PE::Binary::has_rich_header
bool has_rich_header() const
Check if the current binary has a RichHeader object.
Definition PE/Binary.hpp:513

LIEF::PE::Binary::has_signatures
bool has_signatures() const
Check if the current binary contains signatures.
Definition PE/Binary.hpp:260

LIEF::PE::Binary::has_delay_imports
bool has_delay_imports() const
Check if the current binary contains delay imports.
Definition PE/Binary.hpp:544

LIEF::PE::Binary::set_resources
void set_resources(const ResourceData &resource)
Set a new resource tree.

LIEF::PE::Binary::write
void write(std::ostream &os) override
Reconstruct the binary object and write the raw PE in os stream.

LIEF::PE::Binary::rich_header
void rich_header(const RichHeader &rich_header)
Set a RichHeader object in the current Binary.

LIEF::PE::Binary::tls
TLS * tls()
Return a reference to the TLS object.
Definition PE/Binary.hpp:234

LIEF::PE::Binary::entrypoint
uint64_t entrypoint() const override
Return the binary's entrypoint (It is the same value as OptionalHeader::addressof_entrypoint.
Definition PE/Binary.hpp:636

LIEF::PE::Binary::signatures_t
std::vector< Signature > signatures_t
Internal container for storing PE's authenticode Signature.
Definition PE/Binary.hpp:130

LIEF::PE::Binary::verify_signature
Signature::VERIFICATION_FLAGS verify_signature(Signature::VERIFICATION_CHECKS checks=Signature::VERIFICATION_CHECKS::DEFAULT) const
Verify the binary against the embedded signature(s) (if any) First, it checks that the embedded signa...

LIEF::PE::Binary::remove_all_libraries
void remove_all_libraries()
Remove all libraries in the binary.
Definition PE/Binary.hpp:590

LIEF::PE::Binary::accept
void accept(Visitor &visitor) const override
Method so that a visitor can visit us.

LIEF::PE::Binary::functions
LIEF::Binary::functions_t functions() const
All functions found in the binary

LIEF::PE::Binary::exception_functions
LIEF::Binary::functions_t exception_functions() const
Functions found in the Exception table directory.

LIEF::PE::Binary::compute_checksum
uint32_t compute_checksum() const
Re-compute the value of OptionalHeader::checksum. If both values do not match, it could mean that the...

LIEF::PE::Binary::add_library
Import & add_library(const std::string &name)
Add an imported library (i.e. DLL) to the binary.
Definition PE/Binary.hpp:581

LIEF::PE::Binary::overlay_offset
uint64_t overlay_offset() const
Return the original overlay offset.
Definition PE/Binary.hpp:479

LIEF::PE::Binary::section_from_rva
Section * section_from_rva(uint64_t virtual_address)
Find the section associated that encompasses the given RVA.

LIEF::PE::Binary::import_section
const Section * import_section() const
Return the section associated with import table or a nullptr if the binary does not have an import ta...

LIEF::PE::Binary::type
PE_TYPE type() const
Return PE32 or PE32+
Definition PE/Binary.hpp:143

LIEF::PE::Binary::has_tls
bool has_tls() const
Check if the current binary has a TLS object.
Definition PE/Binary.hpp:246

LIEF::PE::Binary::data_directory
DataDirectory * data_directory(DataDirectory::TYPES type)
Return the DataDirectory with the given type (or index)

LIEF::PE::Binary::remove_library
void remove_library(const std::string &name)
Remove the library with the given name

LIEF::PE::Binary::section_from_offset
Section * section_from_offset(uint64_t offset)
Find the section associated that encompasses the given offset.

LIEF::PE::Binary::has_exceptions
bool has_exceptions() const
Check if the current binary has exceptions.

LIEF::PE::Binary::delay_imports
it_delay_imports delay_imports()
Return an iterator over the binary's delay imports.
Definition PE/Binary.hpp:549

LIEF::PE::Binary::is_reproducible_build
bool is_reproducible_build() const
Check if the current binary is reproducible build, replacing timestamps by a compile hash.

LIEF::PE::Binary::va_to_offset
uint64_t va_to_offset(uint64_t VA) const
Convert the absolute virtual address into an offset.

LIEF::PE::Binary::data_directories_t
std::vector< std::unique_ptr< DataDirectory > > data_directories_t
Internal container for storing PE's DataDirectory.
Definition PE/Binary.hpp:67

LIEF::PE::Binary::dos_header
DosHeader & dos_header()
Return a reference to the PE::DosHeader object.
Definition PE/Binary.hpp:192

LIEF::PE::Binary::imports_t
std::vector< Import > imports_t
Internal container for storing PE's Import.
Definition PE/Binary.hpp:85

LIEF::PE::Binary::has_nx
bool has_nx() const override
Check if the binary uses NX protection.
Definition PE/Binary.hpp:646

LIEF::PE::Binary::dos_stub
span< const uint8_t > dos_stub() const
Return the DOS stub content.
Definition PE/Binary.hpp:484

LIEF::PE::Binary::header
Header & header()
Return a reference to the PE::Header object.
Definition PE/Binary.hpp:201

LIEF::PE::Binary::relocations
it_relocations relocations()
Return an iterator over the PE's Relocation.
Definition PE/Binary.hpp:415

LIEF::PE::Binary::imagebase
uint64_t imagebase() const override
Return binary's imagebase. 0 if not relevant.
Definition PE/Binary.hpp:166

LIEF::PE::Binary::has_configuration
bool has_configuration() const
Check if the current binary has a load configuration.
Definition PE/Binary.hpp:292

LIEF::PE::Binary::codeview_pdb
const CodeViewPDB * codeview_pdb() const
Return the CodeViewPDB object if present.

LIEF::PE::Binary::resources
ResourceNode * resources()
Return resources as a tree or a nullptr if there is no resources.
Definition PE/Binary.hpp:369

LIEF::PE::Binary::has
bool has(DataDirectory::TYPES type) const
Check if the current binary has the given DataDirectory::TYPES.
Definition PE/Binary.hpp:443

LIEF::PE::Binary::sizeof_headers
uint32_t sizeof_headers() const
Compute the size of all the headers.

LIEF::PE::Binary::tls
void tls(const TLS &tls)
Set a TLS object in the current Binary.

LIEF::PE::Binary::strings_table_t
std::vector< std::string > strings_table_t
Internal container for storing strings.
Definition PE/Binary.hpp:121

LIEF::PE::Binary::debug_entries_t
std::vector< std::unique_ptr< Debug > > debug_entries_t
Internal container for storing Debug information.
Definition PE/Binary.hpp:103

LIEF::PE::Binary::get_import
Import * get_import(const std::string &import_name)
Returns the PE::Import from the given name. If it can't be found, return a nullptr.

LIEF::PE::Binary::signatures
it_const_signatures signatures() const
Return an iterator over the Signature object(s) if the binary is signed.
Definition PE/Binary.hpp:302

LIEF::PE::Binary::debug
it_debug_entries debug()
Return an iterator over the Debug entries.
Definition PE/Binary.hpp:448

LIEF::PE::Binary::patch_address
void patch_address(uint64_t address, const std::vector< uint8_t > &patch_value, LIEF::Binary::VA_TYPES addr_type=LIEF::Binary::VA_TYPES::AUTO) override
Patch the content at virtual address address with patch_value.

LIEF::PE::Binary::has_delay_import
bool has_delay_import(const std::string &import_name) const
True if the binary delay-imports the given library name
Definition PE/Binary.hpp:568

LIEF::PE::Binary::has_imports
bool has_imports() const
Check if the current binary contains imports.
Definition PE/Binary.hpp:253

LIEF::PE::Binary::remove
void remove(const Section &section, bool clear=false)
Remove the given section.

LIEF::PE::Binary::data_directories
it_data_directories data_directories()
Return an iterator over the DataDirectory present in the Binary.
Definition PE/Binary.hpp:430

LIEF::PE::Binary::sections
it_sections sections()
Return an iterator over the PE's Section.
Definition PE/Binary.hpp:183

LIEF::PE::Binary::get_export
Export * get_export()
Return the Export object.
Definition PE/Binary.hpp:351

LIEF::PE::Binary::write
void write(const std::string &filename) override
Reconstruct the binary object and write the raw PE in filename

LIEF::PE::Binary::has_import
bool has_import(const std::string &import_name) const
True if the binary imports the given library name
Definition PE/Binary.hpp:536

LIEF::PE::Binary::add_relocation
Relocation & add_relocation(const Relocation &relocation)
Add a PE::Relocation.

LIEF::PE::Binary::get_section
Section * get_section(const std::string &name)
Return binary's section from its name. If the secion can't be found, return a nullptr.

LIEF::PE::Binary::rich_header
RichHeader * rich_header()
Return a reference to the RichHeader object.
Definition PE/Binary.hpp:501

LIEF::PE::Builder
Class that is used to rebuild a raw PE binary from a PE::Binary object.
Definition PE/Builder.hpp:45

LIEF::PE::CodeViewPDB
CodeView PDB specialization.
Definition CodeViewPDB.hpp:34

LIEF::PE::DataDirectory
Class that represents a PE data directory entry.
Definition DataDirectory.hpp:38

LIEF::PE::DelayImport
Class that represents a PE delayed import.
Definition DelayImport.hpp:36

LIEF::PE::DosHeader
Class which represents the DosHeader, the first structure presents at the beginning of a PE file.
Definition DosHeader.hpp:38

LIEF::PE::Export
Class which represents a PE Export.
Definition Export.hpp:38

LIEF::PE::Header
Class that represents the PE header (which follows the DosHeader)
Definition PE/Header.hpp:36

LIEF::PE::ImportEntry
Class that represents an entry (i.e. an import) in the import table (Import).
Definition ImportEntry.hpp:36

LIEF::PE::Import
Class that represents a PE import.
Definition Import.hpp:39

LIEF::PE::LoadConfiguration
Class that represents the default PE's LoadConfiguration
Definition LoadConfiguration.hpp:35

LIEF::PE::OptionalHeader
Class which represents the PE OptionalHeader structure.
Definition OptionalHeader.hpp:42

LIEF::PE::Parser
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47

LIEF::PE::Relocation
Class which represents the Base Relocation Block We usually find this structure in the ....
Definition PE/Relocation.hpp:37

LIEF::PE::ResourceData
Class which represents a Data Node in the PE resources tree.
Definition ResourceData.hpp:32

LIEF::PE::ResourceDirectory
Definition ResourceDirectory.hpp:33

LIEF::PE::ResourceNode
Class which represents a Node in the resource tree.
Definition ResourceNode.hpp:36

LIEF::PE::RichHeader
Class which represents the not-so-documented rich header.
Definition RichHeader.hpp:37

LIEF::PE::Section
Class which represents a PE section.
Definition PE/Section.hpp:40

LIEF::PE::Signature
Main interface for the PKCS #7 signature scheme.
Definition Signature.hpp:39

LIEF::PE::Signature::VERIFICATION_CHECKS
VERIFICATION_CHECKS
Flags to tweak the verification process of the signature.
Definition Signature.hpp:90

LIEF::PE::Signature::VERIFICATION_FLAGS
VERIFICATION_FLAGS
Flags returned by the verification functions.
Definition Signature.hpp:67

LIEF::PE::TLS
Class which represents the PE Thread Local Storage.
Definition TLS.hpp:42

LIEF::Visitor
Definition Visitor.hpp:221

LIEF::ref_iterator
Iterator which returns reference on container's values.
Definition iterators.hpp:48

LIEF::PE::PE_SECTION_TYPES
PE_SECTION_TYPES
Common section type.
Definition PE/enums.hpp:666

LIEF::PE::ALGORITHMS
ALGORITHMS
Cryptography algorithms.
Definition PE/enums.hpp:686

LIEF::PE::PE_TYPE
PE_TYPE
Definition PE/enums.hpp:680

LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:31

LIEF::result
tl::expected< T, lief_errors > result
Wrapper that contains an Object (T) or an error.
Definition errors.hpp:73