LIEF: Library to Instrument Executable Formats Version 0.15.1
Loading...
Searching...
No Matches
PE/Parser.hpp
Go to the documentation of this file.
1/* Copyright 2017 - 2024 R. Thomas
2 * Copyright 2017 - 2024 Quarkslab
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#ifndef LIEF_PE_PARSER_H
17#define LIEF_PE_PARSER_H
18
19#include <set>
20#include <string>
21#include <vector>
22
23#include "LIEF/visibility.h"
24#include "LIEF/utils.hpp"
25#include "LIEF/errors.hpp"
26
27#include "LIEF/Abstract/Parser.hpp"
28#include "LIEF/PE/enums.hpp"
29#include "LIEF/PE/ParserConfig.hpp"
30
31namespace LIEF {
32class BinaryStream;
33
34namespace PE {
35class Debug;
36class ResourceNode;
37class Binary;
38class DelayImport;
39
40namespace details {
41struct pe_resource_directory_table;
42struct pe_debug;
43}
44
47class LIEF_API Parser : public LIEF::Parser {
48 public:
49
51 static constexpr size_t MAX_DATA_SIZE = 3_GB;
52
53 static constexpr size_t MAX_TLS_CALLBACKS = 3000;
54
55 // According to https://stackoverflow.com/a/265782/87207
56 static constexpr size_t MAX_DLL_NAME_SIZE = 255;
57
59 static constexpr size_t MAX_PADDING_SIZE = 1_GB;
60
61 public:
67 static bool is_valid_import_name(const std::string& name);
68
74 static bool is_valid_dll_name(const std::string& name);
75
76 public:
78 static std::unique_ptr<Binary> parse(const std::string& filename,
79 const ParserConfig& conf = ParserConfig::all());
80
82 static std::unique_ptr<Binary> parse(std::vector<uint8_t> data,
83 const ParserConfig& conf = ParserConfig::all());
84
86 static std::unique_ptr<Binary> parse(std::unique_ptr<BinaryStream> stream,
87 const ParserConfig& conf = ParserConfig::all());
88
89 Parser& operator=(const Parser& copy) = delete;
90 Parser(const Parser& copy) = delete;
91
92 private:
93 Parser(const std::string& file);
94 Parser(std::vector<uint8_t> data);
95 Parser(std::unique_ptr<BinaryStream> stream);
96
97 ~Parser() override;
98 Parser();
99
100 void init(const ParserConfig& config);
101
102 template<typename PE_T>
103 ok_error_t parse();
104
105 ok_error_t parse_exports();
106 ok_error_t parse_sections();
107
108 template<typename PE_T>
109 ok_error_t parse_headers();
110
111 ok_error_t parse_configuration();
112
113 template<typename PE_T>
114 ok_error_t parse_data_directories();
115
116 template<typename PE_T>
117 ok_error_t parse_import_table();
118
119 template<typename PE_T>
120 ok_error_t parse_delay_imports();
121
122 template<typename PE_T>
123 ok_error_t parse_delay_names_table(DelayImport& import, uint32_t names_offset);
124
125 ok_error_t parse_export_table();
126 ok_error_t parse_debug();
127
128 std::unique_ptr<Debug> parse_code_view(const details::pe_debug& debug_info);
129 std::unique_ptr<Debug> parse_pogo(const details::pe_debug& debug_info);
130 std::unique_ptr<Debug> parse_repro(const details::pe_debug& debug_info);
131
132 template<typename PE_T>
133 ok_error_t parse_tls();
134
135 template<typename PE_T>
136 ok_error_t parse_load_config();
137
138 ok_error_t parse_relocations();
139 ok_error_t parse_resources();
140 ok_error_t parse_string_table();
141 ok_error_t parse_symbols();
142 ok_error_t parse_signature();
143 ok_error_t parse_overlay();
144 ok_error_t parse_dos_stub();
145 ok_error_t parse_rich_header();
146
147 std::unique_ptr<ResourceNode> parse_resource_node(
148 const details::pe_resource_directory_table& directory_table,
149 uint32_t base_offset, uint32_t current_offset, uint32_t depth = 0);
150
151
152 PE_TYPE type_ = PE_TYPE::PE32_PLUS;
153 std::unique_ptr<Binary> binary_;
154 std::set<uint32_t> resource_visited_;
155 std::unique_ptr<BinaryStream> stream_;
156 ParserConfig config_;
157};
158
159
160}
161}
162#endif
LIEF::PE::DelayImport
Class that represents a PE delayed import.
Definition DelayImport.hpp:36
LIEF::PE::Parser
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47
LIEF::PE::Parser::is_valid_import_name
static bool is_valid_import_name(const std::string &name)
Check if the given name is a valid import.
LIEF::PE::Parser::is_valid_dll_name
static bool is_valid_dll_name(const std::string &name)
Check if the given name is a valid DLL name.
LIEF::PE::Parser::parse
static std::unique_ptr< Binary > parse(std::unique_ptr< BinaryStream > stream, const ParserConfig &conf=ParserConfig::all())
Parse a PE binary from the given BinaryStream.
LIEF::PE::Parser::parse
static std::unique_ptr< Binary > parse(std::vector< uint8_t > data, const ParserConfig &conf=ParserConfig::all())
Parse a PE binary from a data buffer.
LIEF::PE::Parser::Parser
Parser(const Parser &copy)=delete
LIEF::PE::Parser::parse
static std::unique_ptr< Binary > parse(const std::string &filename, const ParserConfig &conf=ParserConfig::all())
Parse a PE binary from the given filename.
LIEF::PE::Parser::operator=
Parser & operator=(const Parser &copy)=delete
LIEF::Parser
Main interface to parse an executable regardless of its format.
Definition Abstract/Parser.hpp:30
LIEF::PE::PE_TYPE
PE_TYPE
Definition PE/enums.hpp:680
LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:32
LIEF::ok_error_t
result< ok_t > ok_error_t
Opaque structure that is used by LIEF to avoid writing result<void> f(...). Instead,...
Definition errors.hpp:108
LIEF::PE::ParserConfig
This structure is used to tweak the PE Parser (PE::Parser)
Definition PE/ParserConfig.hpp:24
LIEF_API
#define LIEF_API
Definition visibility.h:41
Generated by doxygen 1.11.0