include/pe.h

   1 #ifndef __INCLUDE_PE_H
   2 #define __INCLUDE_PE_H
   3
   4 #define _ANONYMOUS_UNION __extension__
   5 #define _ANONYMOUS_STRUCT __extension__
   6 #define NTAPI
   7
   8 #define ROUND_UP(N, S) ((((N) + (S) - 1) / (S)) * (S))
   9
  10 #define IMAGE_SECTION_CHAR_CODE          0x00000020
  11 #define IMAGE_SECTION_CHAR_DATA          0x00000040
  12 #define IMAGE_SECTION_CHAR_BSS           0x00000080
  13 #define IMAGE_SECTION_CHAR_NON_CACHABLE  0x04000000
  14 #define IMAGE_SECTION_CHAR_NON_PAGEABLE  0x08000000
  15 #define IMAGE_SECTION_CHAR_SHARED        0x10000000
  16 #define IMAGE_SECTION_CHAR_EXECUTABLE    0x20000000
  17 #define IMAGE_SECTION_CHAR_READABLE      0x40000000
  18 #define IMAGE_SECTION_CHAR_WRITABLE      0x80000000
  19 #define IMAGE_SECTION_NOLOAD             0x00000002
  20
  21 #define IMAGE_DOS_MAGIC  0x5a4d
  22 #define IMAGE_PE_MAGIC   0x00004550
  23
  24 #define IMAGE_DOS_SIGNATURE     0x5a4d
  25 #define IMAGE_OS2_SIGNATURE     0x454e
  26
  27 #define IMAGE_OS2_SIGNATURE_LE  0x454c
  28 #define IMAGE_VXD_SIGNATURE     0x454c
  29 #define IMAGE_NT_SIGNATURE      0x00004550
  30
  31
  32 #define IMAGE_SIZEOF_FILE_HEADER             20
  33
  34 #define IMAGE_FILE_RELOCS_STRIPPED           0x0001  // Relocation info stripped from file.
  35 #define IMAGE_FILE_EXECUTABLE_IMAGE          0x0002  // File is executable  (i.e. no unresolved externel references).
  36 #define IMAGE_FILE_LINE_NUMS_STRIPPED        0x0004  // Line nunbers stripped from file.
  37 #define IMAGE_FILE_LOCAL_SYMS_STRIPPED       0x0008  // Local symbols stripped from file.
  38 #define IMAGE_FILE_BYTES_REVERSED_LO         0x0080  // Bytes of machine word are reversed.
  39 #define IMAGE_FILE_32BIT_MACHINE             0x0100  // 32 bit word machine.
  40 #define IMAGE_FILE_DEBUG_STRIPPED            0x0200  // Debugging info stripped from file in .DBG file
  41 #define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP   0x0400  // If Image is on removable media, copy and run from the swap file.
  42 #define IMAGE_FILE_NET_RUN_FROM_SWAP         0x0800  // If Image is on Net, copy and run from the swap file.
  43 #define IMAGE_FILE_SYSTEM                    0x1000  // System File.
  44 #define IMAGE_FILE_DLL                       0x2000  // File is a DLL.
  45 #define IMAGE_FILE_UP_SYSTEM_ONLY            0x4000  // File should only be run on a UP machine
  46 #define IMAGE_FILE_BYTES_REVERSED_HI         0x8000  // Bytes of machine word are reversed.
  47
  48 #define IMAGE_FILE_MACHINE_UNKNOWN           0
  49 #define IMAGE_FILE_MACHINE_I386              0x14c   // Intel 386.
  50 #define IMAGE_FILE_MACHINE_R3000             0x162   // MIPS little-endian, 0x160 big-endian
  51 #define IMAGE_FILE_MACHINE_R4000             0x166   // MIPS little-endian
  52 #define IMAGE_FILE_MACHINE_R10000            0x168   // MIPS little-endian
  53 #define IMAGE_FILE_MACHINE_ALPHA             0x184   // Alpha_AXP
  54 #define IMAGE_FILE_MACHINE_POWERPC           0x1F0   // IBM PowerPC Little-Endian
  55
  56
  57 #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES    16
  58
  59
  60 #define IMAGE_SUBSYSTEM_UNKNOWN         0
  61 #define IMAGE_SUBSYSTEM_NATIVE          1
  62 #define IMAGE_SUBSYSTEM_WINDOWS_GUI     2
  63 #define IMAGE_SUBSYSTEM_WINDOWS_CUI     3
  64 #define IMAGE_SUBSYSTEM_OS2_GUI         4
  65 #define IMAGE_SUBSYSTEM_OS2_CUI         5
  66 #define IMAGE_SUBSYSTEM_POSIX_GUI       6
  67 #define IMAGE_SUBSYSTEM_POSIX_CUI       7
  68 #define IMAGE_SUBSYSTEM_WINDOWS_CE_GUI  9
  69
  70
  71
  72 // Directory Entries
  73
  74 #define IMAGE_DIRECTORY_ENTRY_EXPORT         0   // Export Directory
  75 #define IMAGE_DIRECTORY_ENTRY_IMPORT         1   // Import Directory
  76 #define IMAGE_DIRECTORY_ENTRY_RESOURCE       2   // Resource Directory
  77 #define IMAGE_DIRECTORY_ENTRY_EXCEPTION      3   // Exception Directory
  78 #define IMAGE_DIRECTORY_ENTRY_SECURITY       4   // Security Directory
  79 #define IMAGE_DIRECTORY_ENTRY_BASERELOC      5   // Base Relocation Table
  80 #define IMAGE_DIRECTORY_ENTRY_DEBUG          6   // Debug Directory
  81 #define IMAGE_DIRECTORY_ENTRY_COPYRIGHT      7   // Description String
  82 #define IMAGE_DIRECTORY_ENTRY_GLOBALPTR      8   // Machine Value (MIPS GP)
  83 #define IMAGE_DIRECTORY_ENTRY_TLS            9   // TLS Directory
  84 #define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG   10   // Load Configuration Directory
  85 #define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT  11   // Bound Import Directory in headers
  86 #define IMAGE_DIRECTORY_ENTRY_IAT           12   // Import Address
  87 //
  88 // Section header format.
  89 //
  90 #define IMAGE_SIZEOF_FILE_HEADER        20
  91 #define IMAGE_FILE_MACHINE_UNKNOWN      0
  92 #define IMAGE_NT_SIGNATURE 0x00004550
  93 #define IMAGE_NT_OPTIONAL_HDR_MAGIC 0x10b
  94 #define IMAGE_ROM_OPTIONAL_HDR_MAGIC 0x107
  95 #define IMAGE_SEPARATE_DEBUG_SIGNATURE 0x4944
  96 #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
  97 #define IMAGE_SIZEOF_ROM_OPTIONAL_HEADER 56
  98 #define IMAGE_SIZEOF_STD_OPTIONAL_HEADER 28
  99 #define IMAGE_SIZEOF_NT_OPTIONAL_HEADER 224
 100 #define IMAGE_SIZEOF_SHORT_NAME 8
 101 #define IMAGE_SIZEOF_SECTION_HEADER 40
 102 #define IMAGE_SIZEOF_SYMBOL 18
 103 #define IMAGE_SIZEOF_AUX_SYMBOL 18
 104 #define IMAGE_SIZEOF_RELOCATION 10
 105 #define IMAGE_SIZEOF_BASE_RELOCATION 8
 106 #define IMAGE_SIZEOF_LINENUMBER 6
 107 #define IMAGE_SIZEOF_ARCHIVE_MEMBER_HDR 60
 108 #define SIZEOF_RFPO_DATA 16
 109 #define IMAGE_FIRST_SECTION(h) ((PIMAGE_SECTION_HEADER) ((DWORD)h+FIELD_OFFSET(IMAGE_NT_HEADERS,OptionalHeader)+((PIMAGE_NT_HEADERS)(h))->FileHeader.SizeOfOptionalHeader))
 110 #define IMAGE_SCN_TYPE_NO_PAD 8
 111 #define IMAGE_SCN_CNT_CODE 32
 112 #define IMAGE_SCN_CNT_INITIALIZED_DATA 64
 113 #define IMAGE_SCN_CNT_UNINITIALIZED_DATA 128
 114 #define IMAGE_SCN_LNK_OTHER 256
 115 #define IMAGE_SCN_LNK_INFO 512
 116 #define IMAGE_SCN_LNK_REMOVE 2048
 117 #define IMAGE_SCN_LNK_COMDAT 4096
 118 #define IMAGE_SCN_MEM_FARDATA 0x8000
 119 #define IMAGE_SCN_MEM_PURGEABLE 0x20000
 120 #define IMAGE_SCN_MEM_16BIT 0x20000
 121 #define IMAGE_SCN_MEM_LOCKED  0x40000
 122 #define IMAGE_SCN_MEM_PRELOAD 0x80000
 123 #define IMAGE_SCN_ALIGN_1BYTES 0x100000
 124 #define IMAGE_SCN_ALIGN_2BYTES 0x200000
 125 #define IMAGE_SCN_ALIGN_4BYTES 0x300000
 126 #define IMAGE_SCN_ALIGN_8BYTES 0x400000
 127 #define IMAGE_SCN_ALIGN_16BYTES 0x500000
 128 #define IMAGE_SCN_ALIGN_32BYTES 0x600000
 129 #define IMAGE_SCN_ALIGN_64BYTES 0x700000
 130 #define IMAGE_SCN_LNK_NRELOC_OVFL 0x1000000
 131 #define IMAGE_SCN_MEM_DISCARDABLE 0x2000000
 132 #define IMAGE_SCN_MEM_NOT_CACHED 0x4000000
 133 #define IMAGE_SCN_MEM_NOT_PAGED 0x8000000
 134 #define IMAGE_SCN_MEM_SHARED 0x10000000
 135 #define IMAGE_SCN_MEM_EXECUTE 0x20000000
 136 #define IMAGE_SCN_MEM_READ 0x40000000
 137 #define IMAGE_SCN_MEM_WRITE 0x80000000
 138 #define IMAGE_SYM_UNDEFINED     0
 139 #define IMAGE_SYM_ABSOLUTE (-1)
 140 #define IMAGE_SYM_DEBUG (-2)
 141 #define IMAGE_SYM_TYPE_NULL 0
 142 #define IMAGE_SYM_TYPE_VOID 1
 143 #define IMAGE_SYM_TYPE_CHAR 2
 144 #define IMAGE_SYM_TYPE_SHORT 3
 145 #define IMAGE_SYM_TYPE_INT 4
 146 #define IMAGE_SYM_TYPE_LONG 5
 147 #define IMAGE_SYM_TYPE_FLOAT 6
 148 #define IMAGE_SYM_TYPE_DOUBLE 7
 149 #define IMAGE_SYM_TYPE_STRUCT 8
 150 #define IMAGE_SYM_TYPE_UNION 9
 151 #define IMAGE_SYM_TYPE_ENUM 10
 152 #define IMAGE_SYM_TYPE_MOE 11
 153 #define IMAGE_SYM_TYPE_BYTE 12
 154 #define IMAGE_SYM_TYPE_WORD 13
 155 #define IMAGE_SYM_TYPE_UINT 14
 156 #define IMAGE_SYM_TYPE_DWORD 15
 157 #define IMAGE_SYM_TYPE_PCODE 32768
 158 #define IMAGE_SYM_DTYPE_NULL 0
 159 #define IMAGE_SYM_DTYPE_POINTER 1
 160 #define IMAGE_SYM_DTYPE_FUNCTION 2
 161 #define IMAGE_SYM_DTYPE_ARRAY 3
 162 #define IMAGE_SYM_CLASS_END_OF_FUNCTION (-1)
 163 #define IMAGE_SYM_CLASS_NULL 0
 164 #define IMAGE_SYM_CLASS_AUTOMATIC 1
 165 #define IMAGE_SYM_CLASS_EXTERNAL 2
 166 #define IMAGE_SYM_CLASS_STATIC 3
 167 #define IMAGE_SYM_CLASS_REGISTER 4
 168 #define IMAGE_SYM_CLASS_EXTERNAL_DEF 5
 169 #define IMAGE_SYM_CLASS_LABEL 6
 170 #define IMAGE_SYM_CLASS_UNDEFINED_LABEL 7
 171 #define IMAGE_SYM_CLASS_MEMBER_OF_STRUCT 8
 172 #define IMAGE_SYM_CLASS_ARGUMENT 9
 173 #define IMAGE_SYM_CLASS_STRUCT_TAG 10
 174 #define IMAGE_SYM_CLASS_MEMBER_OF_UNION 11
 175 #define IMAGE_SYM_CLASS_UNION_TAG 12
 176 #define IMAGE_SYM_CLASS_TYPE_DEFINITION 13
 177 #define IMAGE_SYM_CLASS_UNDEFINED_STATIC 14
 178 #define IMAGE_SYM_CLASS_ENUM_TAG 15
 179 #define IMAGE_SYM_CLASS_MEMBER_OF_ENUM 16
 180 #define IMAGE_SYM_CLASS_REGISTER_PARAM 17
 181 #define IMAGE_SYM_CLASS_BIT_FIELD 18
 182 #define IMAGE_SYM_CLASS_FAR_EXTERNAL 68
 183 #define IMAGE_SYM_CLASS_BLOCK 100
 184 #define IMAGE_SYM_CLASS_FUNCTION 101
 185 #define IMAGE_SYM_CLASS_END_OF_STRUCT 102
 186 #define IMAGE_SYM_CLASS_FILE 103
 187 #define IMAGE_SYM_CLASS_SECTION 104
 188 #define IMAGE_SYM_CLASS_WEAK_EXTERNAL 105
 189 #define IMAGE_COMDAT_SELECT_NODUPLICATES 1
 190 #define IMAGE_COMDAT_SELECT_ANY 2
 191 #define IMAGE_COMDAT_SELECT_SAME_SIZE 3
 192 #define IMAGE_COMDAT_SELECT_EXACT_MATCH 4
 193 #define IMAGE_COMDAT_SELECT_ASSOCIATIVE 5
 194 #define IMAGE_COMDAT_SELECT_LARGEST 6
 195 #define IMAGE_COMDAT_SELECT_NEWEST 7
 196 #define IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY 1
 197 #define IMAGE_WEAK_EXTERN_SEARCH_LIBRARY 2
 198 #define IMAGE_WEAK_EXTERN_SEARCH_ALIAS 3
 199 #define IMAGE_REL_I386_ABSOLUTE 0
 200 #define IMAGE_REL_I386_DIR16 1
 201 #define IMAGE_REL_I386_REL16 2
 202 #define IMAGE_REL_I386_DIR32 6
 203 #define IMAGE_REL_I386_DIR32NB 7
 204 #define IMAGE_REL_I386_SEG12 9
 205 #define IMAGE_REL_I386_SECTION 10
 206 #define IMAGE_REL_I386_SECREL 11
 207 #define IMAGE_REL_I386_REL32 20
 208 #define IMAGE_REL_MIPS_ABSOLUTE 0
 209 #define IMAGE_REL_MIPS_REFHALF 1
 210 #define IMAGE_REL_MIPS_REFWORD 2
 211 #define IMAGE_REL_MIPS_JMPADDR 3
 212 #define IMAGE_REL_MIPS_REFHI 4
 213 #define IMAGE_REL_MIPS_REFLO 5
 214 #define IMAGE_REL_MIPS_GPREL 6
 215 #define IMAGE_REL_MIPS_LITERAL 7
 216 #define IMAGE_REL_MIPS_SECTION 10
 217 #define IMAGE_REL_MIPS_SECREL 11
 218 #define IMAGE_REL_MIPS_SECRELLO 12
 219 #define IMAGE_REL_MIPS_SECRELHI 13
 220 #define IMAGE_REL_MIPS_REFWORDNB 34
 221 #define IMAGE_REL_MIPS_PAIR 35
 222 #define IMAGE_REL_ALPHA_ABSOLUTE 0
 223 #define IMAGE_REL_ALPHA_REFLONG 1
 224 #define IMAGE_REL_ALPHA_REFQUAD 2
 225 #define IMAGE_REL_ALPHA_GPREL32 3
 226 #define IMAGE_REL_ALPHA_LITERAL 4
 227 #define IMAGE_REL_ALPHA_LITUSE 5
 228 #define IMAGE_REL_ALPHA_GPDISP 6
 229 #define IMAGE_REL_ALPHA_BRADDR 7
 230 #define IMAGE_REL_ALPHA_HINT 8
 231 #define IMAGE_REL_ALPHA_INLINE_REFLONG 9
 232 #define IMAGE_REL_ALPHA_REFHI 10
 233 #define IMAGE_REL_ALPHA_REFLO 11
 234 #define IMAGE_REL_ALPHA_PAIR 12
 235 #define IMAGE_REL_ALPHA_MATCH 13
 236 #define IMAGE_REL_ALPHA_SECTION 14
 237 #define IMAGE_REL_ALPHA_SECREL 15
 238 #define IMAGE_REL_ALPHA_REFLONGNB 16
 239 #define IMAGE_REL_ALPHA_SECRELLO 17
 240 #define IMAGE_REL_ALPHA_SECRELHI 18
 241 #define IMAGE_REL_PPC_ABSOLUTE 0
 242 #define IMAGE_REL_PPC_ADDR64 1
 243 #define IMAGE_REL_PPC_ADDR32 2
 244 #define IMAGE_REL_PPC_ADDR24 3
 245 #define IMAGE_REL_PPC_ADDR16 4
 246 #define IMAGE_REL_PPC_ADDR14 5
 247 #define IMAGE_REL_PPC_REL24 6
 248 #define IMAGE_REL_PPC_REL14 7
 249 #define IMAGE_REL_PPC_TOCREL16 8
 250 #define IMAGE_REL_PPC_TOCREL14 9
 251 #define IMAGE_REL_PPC_ADDR32NB 10
 252 #define IMAGE_REL_PPC_SECREL 11
 253 #define IMAGE_REL_PPC_SECTION 12
 254 #define IMAGE_REL_PPC_IFGLUE 13
 255 #define IMAGE_REL_PPC_IMGLUE 14
 256 #define IMAGE_REL_PPC_SECREL16 15
 257 #define IMAGE_REL_PPC_REFHI 16
 258 #define IMAGE_REL_PPC_REFLO 17
 259 #define IMAGE_REL_PPC_PAIR 18
 260 #define IMAGE_REL_PPC_TYPEMASK 255
 261 #define IMAGE_REL_PPC_NEG 256
 262 #define IMAGE_REL_PPC_BRTAKEN 512
 263 #define IMAGE_REL_PPC_BRNTAKEN 1024
 264 #define IMAGE_REL_PPC_TOCDEFN 2048
 265 #define IMAGE_REL_BASED_ABSOLUTE 0
 266 #define IMAGE_REL_BASED_HIGH 1
 267 #define IMAGE_REL_BASED_LOW 2
 268 #define IMAGE_REL_BASED_HIGHLOW 3
 269 #define IMAGE_REL_BASED_HIGHADJ 4
 270 #define IMAGE_REL_BASED_MIPS_JMPADDR 5
 271 #define IMAGE_ARCHIVE_START_SIZE 8
 272 #define IMAGE_ARCHIVE_START "!<arch>\n"
 273 #define IMAGE_ARCHIVE_END "`\n"
 274 #define IMAGE_ARCHIVE_PAD "\n"
 275 #define IMAGE_ARCHIVE_LINKER_MEMBER "/               "
 276 #define IMAGE_ARCHIVE_LONGNAMES_MEMBER "//              "
 277 #define IMAGE_ORDINAL_FLAG 0x80000000
 278 #define IMAGE_SNAP_BY_ORDINAL(o) ((o&IMAGE_ORDINAL_FLAG)!=0)
 279 #define IMAGE_RESOURCE_NAME_IS_STRING 0x80000000
 280 #define IMAGE_RESOURCE_DATA_IS_DIRECTORY 0x80000000
 281 #define IMAGE_DEBUG_TYPE_UNKNOWN 0
 282 #define IMAGE_DEBUG_TYPE_COFF 1
 283 #define IMAGE_DEBUG_TYPE_CODEVIEW 2
 284 #define IMAGE_DEBUG_TYPE_FPO 3
 285 #define IMAGE_DEBUG_TYPE_MISC 4
 286 #define IMAGE_DEBUG_TYPE_EXCEPTION 5
 287 #define IMAGE_DEBUG_TYPE_FIXUP 6
 288 #define IMAGE_DEBUG_TYPE_OMAP_TO_SRC 7
 289 #define IMAGE_DEBUG_TYPE_OMAP_FROM_SRC 8
 290
 291
 292 #define IMAGE_SIZEOF_SHORT_NAME              8
 293
 294 #define IMAGE_SIZEOF_SECTION_HEADER          40
 295
 296 #define IMAGE_SECTION_CODE (0x20)
 297 #define IMAGE_SECTION_INITIALIZED_DATA (0x40)
 298 #define IMAGE_SECTION_UNINITIALIZED_DATA (0x80)
 299
 300 #pragma pack(push,4)
 301 typedef struct _IMAGE_FILE_HEADER {
 302         WORD Machine;
 303         WORD NumberOfSections;
 304         DWORD TimeDateStamp;
 305         DWORD PointerToSymbolTable;
 306         DWORD NumberOfSymbols;
 307         WORD SizeOfOptionalHeader;
 308         WORD Characteristics;
 309 } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
 310 typedef struct _IMAGE_DATA_DIRECTORY {
 311         DWORD VirtualAddress;
 312         DWORD Size;
 313 } IMAGE_DATA_DIRECTORY,*PIMAGE_DATA_DIRECTORY;
 314 typedef struct _IMAGE_OPTIONAL_HEADER {
 315         WORD Magic;
 316         BYTE MajorLinkerVersion;
 317         BYTE MinorLinkerVersion;
 318         DWORD SizeOfCode;
 319         DWORD SizeOfInitializedData;
 320         DWORD SizeOfUninitializedData;
 321         DWORD AddressOfEntryPoint;
 322         DWORD BaseOfCode;
 323         DWORD BaseOfData;
 324         DWORD ImageBase;
 325         DWORD SectionAlignment;
 326         DWORD FileAlignment;
 327         WORD MajorOperatingSystemVersion;
 328         WORD MinorOperatingSystemVersion;
 329         WORD MajorImageVersion;
 330         WORD MinorImageVersion;
 331         WORD MajorSubsystemVersion;
 332         WORD MinorSubsystemVersion;
 333         DWORD Reserved1;
 334         DWORD SizeOfImage;
 335         DWORD SizeOfHeaders;
 336         DWORD CheckSum;
 337         WORD Subsystem;
 338         WORD DllCharacteristics;
 339         DWORD SizeOfStackReserve;
 340         DWORD SizeOfStackCommit;
 341         DWORD SizeOfHeapReserve;
 342         DWORD SizeOfHeapCommit;
 343         DWORD LoaderFlags;
 344         DWORD NumberOfRvaAndSizes;
 345         IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
 346 } IMAGE_OPTIONAL_HEADER,*PIMAGE_OPTIONAL_HEADER;
 347 typedef struct _IMAGE_ROM_OPTIONAL_HEADER {
 348         WORD Magic;
 349         BYTE MajorLinkerVersion;
 350         BYTE MinorLinkerVersion;
 351         DWORD SizeOfCode;
 352         DWORD SizeOfInitializedData;
 353         DWORD SizeOfUninitializedData;
 354         DWORD AddressOfEntryPoint;
 355         DWORD BaseOfCode;
 356         DWORD BaseOfData;
 357         DWORD BaseOfBss;
 358         DWORD GprMask;
 359         DWORD CprMask[4];
 360         DWORD GpValue;
 361 } IMAGE_ROM_OPTIONAL_HEADER,*PIMAGE_ROM_OPTIONAL_HEADER;
 362 #pragma pack(pop)
 363 #pragma pack(push,2)
 364 typedef struct _IMAGE_DOS_HEADER {
 365         WORD e_magic;
 366         WORD e_cblp;
 367         WORD e_cp;
 368         WORD e_crlc;
 369         WORD e_cparhdr;
 370         WORD e_minalloc;
 371         WORD e_maxalloc;
 372         WORD e_ss;
 373         WORD e_sp;
 374         WORD e_csum;
 375         WORD e_ip;
 376         WORD e_cs;
 377         WORD e_lfarlc;
 378         WORD e_ovno;
 379         WORD e_res[4];
 380         WORD e_oemid;
 381         WORD e_oeminfo;
 382         WORD e_res2[10];
 383         LONG e_lfanew;
 384 } IMAGE_DOS_HEADER,*PIMAGE_DOS_HEADER;
 385 typedef struct _IMAGE_OS2_HEADER {
 386         WORD ne_magic;
 387         CHAR ne_ver;
 388         CHAR ne_rev;
 389         WORD ne_enttab;
 390         WORD ne_cbenttab;
 391         LONG ne_crc;
 392         WORD ne_flags;
 393         WORD ne_autodata;
 394         WORD ne_heap;
 395         WORD ne_stack;
 396         LONG ne_csip;
 397         LONG ne_sssp;
 398         WORD ne_cseg;
 399         WORD ne_cmod;
 400         WORD ne_cbnrestab;
 401         WORD ne_segtab;
 402         WORD ne_rsrctab;
 403         WORD ne_restab;
 404         WORD ne_modtab;
 405         WORD ne_imptab;
 406         LONG ne_nrestab;
 407         WORD ne_cmovent;
 408         WORD ne_align;
 409         WORD ne_cres;
 410         BYTE ne_exetyp;
 411         BYTE ne_flagsothers;
 412         WORD ne_pretthunks;
 413         WORD ne_psegrefbytes;
 414         WORD ne_swaparea;
 415         WORD ne_expver;
 416 } IMAGE_OS2_HEADER,*PIMAGE_OS2_HEADER;
 417 #pragma pack(pop)
 418 #pragma pack(push,4)
 419 typedef struct _IMAGE_NT_HEADERS {
 420         DWORD Signature;
 421         IMAGE_FILE_HEADER FileHeader;
 422         IMAGE_OPTIONAL_HEADER OptionalHeader;
 423 } IMAGE_NT_HEADERS,*PIMAGE_NT_HEADERS;
 424 typedef struct _IMAGE_ROM_HEADERS {
 425         IMAGE_FILE_HEADER FileHeader;
 426         IMAGE_ROM_OPTIONAL_HEADER OptionalHeader;
 427 } IMAGE_ROM_HEADERS,*PIMAGE_ROM_HEADERS;
 428 typedef struct _IMAGE_SECTION_HEADER {
 429         BYTE Name[IMAGE_SIZEOF_SHORT_NAME];
 430         union {
 431                 DWORD PhysicalAddress;
 432                 DWORD VirtualSize;
 433         } Misc;
 434         DWORD VirtualAddress;
 435         DWORD SizeOfRawData;
 436         DWORD PointerToRawData;
 437         DWORD PointerToRelocations;
 438         DWORD PointerToLinenumbers;
 439         WORD NumberOfRelocations;
 440         WORD NumberOfLinenumbers;
 441         DWORD Characteristics;
 442 } IMAGE_SECTION_HEADER,*PIMAGE_SECTION_HEADER;
 443 #pragma pack(pop)
 444 #pragma pack(push,2)
 445 typedef struct _IMAGE_SYMBOL {
 446         union {
 447                 BYTE ShortName[8];
 448                 struct {
 449                         DWORD Short;
 450                         DWORD Long;
 451                 } Name;
 452                 PBYTE LongName[2];
 453         } N;
 454         DWORD Value;
 455         SHORT SectionNumber;
 456         WORD Type;
 457         BYTE StorageClass;
 458         BYTE NumberOfAuxSymbols;
 459 } IMAGE_SYMBOL,*PIMAGE_SYMBOL;
 460 typedef union _IMAGE_AUX_SYMBOL {
 461         struct {
 462                 DWORD TagIndex;
 463                 union {
 464                         struct {
 465                                 WORD Linenumber;
 466                                 WORD Size;
 467                         } LnSz;
 468                         DWORD TotalSize;
 469                 } Misc;
 470                 union {
 471                         struct {
 472                                 DWORD PointerToLinenumber;
 473                                 DWORD PointerToNextFunction;
 474                         } Function;
 475                         struct {
 476                                 WORD Dimension[4];
 477                         } Array;
 478                 } FcnAry;
 479                 WORD TvIndex;
 480         } Sym;
 481         struct {
 482                 BYTE Name[IMAGE_SIZEOF_SYMBOL];
 483         } File;
 484         struct {
 485                 DWORD Length;
 486                 WORD NumberOfRelocations;
 487                 WORD NumberOfLinenumbers;
 488                 DWORD CheckSum;
 489                 SHORT Number;
 490                 BYTE Selection;
 491         } Section;
 492 } IMAGE_AUX_SYMBOL,*PIMAGE_AUX_SYMBOL;
 493 typedef struct _IMAGE_COFF_SYMBOLS_HEADER {
 494         DWORD NumberOfSymbols;
 495         DWORD LvaToFirstSymbol;
 496         DWORD NumberOfLinenumbers;
 497         DWORD LvaToFirstLinenumber;
 498         DWORD RvaToFirstByteOfCode;
 499         DWORD RvaToLastByteOfCode;
 500         DWORD RvaToFirstByteOfData;
 501         DWORD RvaToLastByteOfData;
 502 } IMAGE_COFF_SYMBOLS_HEADER,*PIMAGE_COFF_SYMBOLS_HEADER;
 503 typedef struct _IMAGE_RELOCATION {
 504         _ANONYMOUS_UNION union {
 505                 DWORD VirtualAddress;
 506                 DWORD RelocCount;
 507         } DUMMYUNIONNAME;
 508         DWORD SymbolTableIndex;
 509         WORD Type;
 510 } IMAGE_RELOCATION,*PIMAGE_RELOCATION;
 511 #pragma pack(pop)
 512 #pragma pack(push,4)
 513 typedef struct _IMAGE_BASE_RELOCATION {
 514         DWORD VirtualAddress;
 515         DWORD SizeOfBlock;
 516 } IMAGE_BASE_RELOCATION,*PIMAGE_BASE_RELOCATION;
 517 #pragma pack(pop)
 518 #pragma pack(push,2)
 519 typedef struct _IMAGE_LINENUMBER {
 520         union {
 521                 DWORD SymbolTableIndex;
 522                 DWORD VirtualAddress;
 523         } Type;
 524         WORD Linenumber;
 525 } IMAGE_LINENUMBER,*PIMAGE_LINENUMBER;
 526 #pragma pack(pop)
 527 #pragma pack(push,4)
 528 typedef struct _IMAGE_ARCHIVE_MEMBER_HEADER {
 529         BYTE Name[16];
 530         BYTE Date[12];
 531         BYTE UserID[6];
 532         BYTE GroupID[6];
 533         BYTE Mode[8];
 534         BYTE Size[10];
 535         BYTE EndHeader[2];
 536 } IMAGE_ARCHIVE_MEMBER_HEADER,*PIMAGE_ARCHIVE_MEMBER_HEADER;
 537 typedef struct _IMAGE_EXPORT_DIRECTORY {
 538         DWORD Characteristics;
 539         DWORD TimeDateStamp;
 540         WORD MajorVersion;
 541         WORD MinorVersion;
 542         DWORD Name;
 543         DWORD Base;
 544         DWORD NumberOfFunctions;
 545         DWORD NumberOfNames;
 546         PDWORD *AddressOfFunctions;
 547         PDWORD *AddressOfNames;
 548         PWORD *AddressOfNameOrdinals;
 549 } IMAGE_EXPORT_DIRECTORY,*PIMAGE_EXPORT_DIRECTORY;
 550 typedef struct _IMAGE_IMPORT_BY_NAME {
 551         WORD Hint;
 552         BYTE Name[1];
 553 } IMAGE_IMPORT_BY_NAME,*PIMAGE_IMPORT_BY_NAME;
 554 typedef struct _IMAGE_THUNK_DATA {
 555         union {
 556                 PBYTE ForwarderString;
 557                 PDWORD Function;
 558                 DWORD Ordinal;
 559                 PIMAGE_IMPORT_BY_NAME AddressOfData;
 560         } u1;
 561 } IMAGE_THUNK_DATA,*PIMAGE_THUNK_DATA;
 562 typedef struct _IMAGE_IMPORT_DESCRIPTOR {
 563         _ANONYMOUS_UNION union {
 564                 DWORD Characteristics;
 565                 PIMAGE_THUNK_DATA OriginalFirstThunk;
 566         } DUMMYUNIONNAME;
 567         DWORD TimeDateStamp;
 568         DWORD ForwarderChain;
 569         DWORD Name;
 570         PIMAGE_THUNK_DATA FirstThunk;
 571 } IMAGE_IMPORT_DESCRIPTOR,*PIMAGE_IMPORT_DESCRIPTOR;
 572 typedef struct _IMAGE_BOUND_IMPORT_DESCRIPTOR {
 573         DWORD TimeDateStamp;
 574         WORD OffsetModuleName;
 575         WORD NumberOfModuleForwarderRefs;
 576 } IMAGE_BOUND_IMPORT_DESCRIPTOR,*PIMAGE_BOUND_IMPORT_DESCRIPTOR;
 577 typedef struct _IMAGE_BOUND_FORWARDER_REF {
 578         DWORD TimeDateStamp;
 579         WORD OffsetModuleName;
 580         WORD Reserved;
 581 } IMAGE_BOUND_FORWARDER_REF,*PIMAGE_BOUND_FORWARDER_REF;
 582 typedef void(NTAPI *PIMAGE_TLS_CALLBACK)(PVOID,DWORD,PVOID);
 583 typedef struct _IMAGE_TLS_DIRECTORY {
 584         DWORD StartAddressOfRawData;
 585         DWORD EndAddressOfRawData;
 586         PDWORD AddressOfIndex;
 587         PIMAGE_TLS_CALLBACK *AddressOfCallBacks;
 588         DWORD SizeOfZeroFill;
 589         DWORD Characteristics;
 590 } IMAGE_TLS_DIRECTORY,*PIMAGE_TLS_DIRECTORY;
 591 typedef struct _IMAGE_RESOURCE_DIRECTORY {
 592         DWORD Characteristics;
 593         DWORD TimeDateStamp;
 594         WORD MajorVersion;
 595         WORD MinorVersion;
 596         WORD NumberOfNamedEntries;
 597         WORD NumberOfIdEntries;
 598 } IMAGE_RESOURCE_DIRECTORY,*PIMAGE_RESOURCE_DIRECTORY;
 599 /*_ANONYMOUS_STRUCT typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY {
 600         _ANONYMOUS_UNION union {
 601                 _ANONYMOUS_STRUCT struct {
 602                         DWORD NameOffset:31;
 603                         DWORD NameIsString:1;
 604                 }DUMMYSTRUCTNAME;
 605                 DWORD Name;
 606                 WORD Id;
 607         } DUMMYUNIONNAME;
 608         _ANONYMOUS_UNION union {
 609                 DWORD OffsetToData;
 610                 _ANONYMOUS_STRUCT struct {
 611                         DWORD OffsetToDirectory:31;
 612                         DWORD DataIsDirectory:1;
 613                 } DUMMYSTRUCTNAME2;
 614         } DUMMYUNIONNAME2;
 615 } IMAGE_RESOURCE_DIRECTORY_ENTRY,*PIMAGE_RESOURCE_DIRECTORY_ENTRY;
 616 */
 617 typedef struct _IMAGE_RESOURCE_DIRECTORY_STRING {
 618         WORD Length;
 619         CHAR NameString[1];
 620 } IMAGE_RESOURCE_DIRECTORY_STRING,*PIMAGE_RESOURCE_DIRECTORY_STRING;
 621 typedef struct _IMAGE_RESOURCE_DIR_STRING_U {
 622         WORD Length;
 623         WCHAR NameString[1];
 624 } IMAGE_RESOURCE_DIR_STRING_U,*PIMAGE_RESOURCE_DIR_STRING_U;
 625 typedef struct _IMAGE_RESOURCE_DATA_ENTRY {
 626         DWORD OffsetToData;
 627         DWORD Size;
 628         DWORD CodePage;
 629         DWORD Reserved;
 630 } IMAGE_RESOURCE_DATA_ENTRY,*PIMAGE_RESOURCE_DATA_ENTRY;
 631 typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY {
 632         DWORD Characteristics;
 633         DWORD TimeDateStamp;
 634         WORD MajorVersion;
 635         WORD MinorVersion;
 636         DWORD GlobalFlagsClear;
 637         DWORD GlobalFlagsSet;
 638         DWORD CriticalSectionDefaultTimeout;
 639         DWORD DeCommitFreeBlockThreshold;
 640         DWORD DeCommitTotalFreeThreshold;
 641         PVOID LockPrefixTable;
 642         DWORD MaximumAllocationSize;
 643         DWORD VirtualMemoryThreshold;
 644         DWORD ProcessHeapFlags;
 645         DWORD Reserved[4];
 646 } IMAGE_LOAD_CONFIG_DIRECTORY,*PIMAGE_LOAD_CONFIG_DIRECTORY;
 647 typedef struct _IMAGE_RUNTIME_FUNCTION_ENTRY {
 648         DWORD BeginAddress;
 649         DWORD EndAddress;
 650         PVOID ExceptionHandler;
 651         PVOID HandlerData;
 652         DWORD PrologEndAddress;
 653 } IMAGE_RUNTIME_FUNCTION_ENTRY,*PIMAGE_RUNTIME_FUNCTION_ENTRY;
 654 typedef struct _IMAGE_DEBUG_DIRECTORY {
 655         DWORD Characteristics;
 656         DWORD TimeDateStamp;
 657         WORD MajorVersion;
 658         WORD MinorVersion;
 659         DWORD Type;
 660         DWORD SizeOfData;
 661         DWORD AddressOfRawData;
 662         DWORD PointerToRawData;
 663 } IMAGE_DEBUG_DIRECTORY,*PIMAGE_DEBUG_DIRECTORY;
 664 typedef struct _FPO_DATA {
 665         DWORD ulOffStart;
 666         DWORD cbProcSize;
 667         DWORD cdwLocals;
 668         WORD cdwParams;
 669         WORD cbProlog:8;
 670         WORD cbRegs:3;
 671         WORD fHasSEH:1;
 672         WORD fUseBP:1;
 673         WORD reserved:1;
 674         WORD cbFrame:2;
 675 } FPO_DATA,*PFPO_DATA;
 676 typedef struct _IMAGE_DEBUG_MISC {
 677         DWORD DataType;
 678         DWORD Length;
 679         BOOLEAN Unicode;
 680         BYTE Reserved[3];
 681         BYTE Data[1];
 682 } IMAGE_DEBUG_MISC,*PIMAGE_DEBUG_MISC;
 683 typedef struct _IMAGE_FUNCTION_ENTRY {
 684         DWORD StartingAddress;
 685         DWORD EndingAddress;
 686         DWORD EndOfPrologue;
 687 } IMAGE_FUNCTION_ENTRY,*PIMAGE_FUNCTION_ENTRY;
 688 typedef struct _IMAGE_SEPARATE_DEBUG_HEADER {
 689         WORD Signature;
 690         WORD Flags;
 691         WORD Machine;
 692         WORD Characteristics;
 693         DWORD TimeDateStamp;
 694         DWORD CheckSum;
 695         DWORD ImageBase;
 696         DWORD SizeOfImage;
 697         DWORD NumberOfSections;
 698         DWORD ExportedNamesSize;
 699         DWORD DebugDirectorySize;
 700         DWORD Reserved[3];
 701 } IMAGE_SEPARATE_DEBUG_HEADER,*PIMAGE_SEPARATE_DEBUG_HEADER;
 702 #pragma pack(pop)
 703
 704 //
 705 // Import Format
 706 //
 707
 708 #define IMAGE_ORDINAL_FLAG 0x80000000
 709 #define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
 710
 711
 712 // Predefined resource types ... there may be some more, but I don't have
 713 //                               the information yet.  .....sang cho.....
 714
 715 #define    RT_NEWRESOURCE   0x2000
 716 #define    RT_ERROR         0x7fff
 717 #define    NEWBITMAP        (RT_BITMAP|RT_NEWRESOURCE)
 718 #define    NEWMENU          (RT_MENU|RT_NEWRESOURCE)
 719 #define    NEWDIALOG        (RT_DIALOG|RT_NEWRESOURCE)
 720
 721
 722 //
 723 // Resource Format.
 724 //
 725
 726 //
 727 // Resource directory consists of two counts, following by a variable length
 728 // array of directory entries.  The first count is the number of entries at
 729 // beginning of the array that have actual names associated with each entry.
 730 // The entries are in ascending order, case insensitive strings.  The second
 731 // count is the number of entries that immediately follow the named entries.
 732 // This second count identifies the number of entries that have 16-bit integer
 733 // Ids as their name.  These entries are also sorted in ascending order.
 734 //
 735 // This structure allows fast lookup by either name or number, but for any
 736 // given resource entry only one form of lookup is supported, not both.
 737 // This is consistant with the syntax of the .RC file and the .RES file.
 738 //
 739
 740
 741 //
 742 // Each directory contains the 32-bit Name of the entry and an offset,
 743 // relative to the beginning of the resource directory of the data associated
 744 // with this directory entry.  If the name of the entry is an actual text
 745 // string instead of an integer Id, then the high order bit of the name field
 746 // is set to one and the low order 31-bits are an offset, relative to the
 747 // beginning of the resource directory of the string, which is of type
 748 // IMAGE_RESOURCE_DIRECTORY_STRING.  Otherwise the high bit is clear and the
 749 // low-order 16-bits are the integer Id that identify this resource directory
 750 // entry. If the directory entry is yet another resource directory (i.e. a
 751 // subdirectory), then the high order bit of the offset field will be
 752 // set to indicate this.  Otherwise the high bit is clear and the offset
 753 // field points to a resource data entry.
 754 //
 755 typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY {
 756     DWORD    Name;
 757     DWORD    OffsetToData;
 758 } IMAGE_RESOURCE_DIRECTORY_ENTRY, *PIMAGE_RESOURCE_DIRECTORY_ENTRY;
 759 /*
 760 typedef struct _IMAGE_RESOURCE_DIRECTORY {
 761     DWORD   Characteristics;
 762     DWORD   TimeDateStamp;
 763     WORD    MajorVersion;
 764     WORD    MinorVersion;
 765     WORD    NumberOfNamedEntries;
 766     WORD    NumberOfIdEntries;
 767     IMAGE_RESOURCE_DIRECTORY_ENTRY DirectoryEntries[0];
 768 } IMAGE_RESOURCE_DIRECTORY, *PIMAGE_RESOURCE_DIRECTORY;
 769 */
 770 #define IMAGE_RESOURCE_NAME_IS_STRING        0x80000000
 771 #define IMAGE_RESOURCE_DATA_IS_DIRECTORY     0x80000000
 772
 773
 774
 775 //
 776 // For resource directory entries that have actual string names, the Name
 777 // field of the directory entry points to an object of the following type.
 778 // All of these string objects are stored together after the last resource
 779 // directory entry and before the first resource data object.  This minimizes
 780 // the impact of these variable length objects on the alignment of the fixed
 781 // size directory entry objects.
 782 //
 783 /* defined above from mingw. ei
 784 typedef struct _IMAGE_RESOURCE_DIRECTORY_STRING {
 785     WORD    Length;
 786     CHAR    NameString[ 1 ];
 787 } IMAGE_RESOURCE_DIRECTORY_STRING, *PIMAGE_RESOURCE_DIRECTORY_STRING;
 788
 789
 790 typedef struct _IMAGE_RESOURCE_DIR_STRING_U {
 791     WORD    Length;
 792     WCHAR   NameString[ 1 ];
 793 } IMAGE_RESOURCE_DIR_STRING_U, *PIMAGE_RESOURCE_DIR_STRING_U;
 794 */
 795
 796 //
 797 // Each resource data entry describes a leaf node in the resource directory
 798 // tree.  It contains an offset, relative to the beginning of the resource
 799 // directory of the data for the resource, a size field that gives the number
 800 // of bytes of data at that offset, a CodePage that should be used when
 801 // decoding code point values within the resource data.  Typically for new
 802 // applications the code page would be the unicode code page.
 803 //
 804 /* ei
 805 typedef struct _IMAGE_RESOURCE_DATA_ENTRY {
 806     DWORD   OffsetToData;
 807     DWORD   Size;
 808     DWORD   CodePage;
 809     DWORD   Reserved;
 810 } IMAGE_RESOURCE_DATA_ENTRY, *PIMAGE_RESOURCE_DATA_ENTRY;
 811 */
 812
 813 //  Menu Resources       ... added by .....sang cho....
 814
 815 // Menu resources are composed of a menu header followed by a sequential list
 816 // of menu items. There are two types of menu items: pop-ups and normal menu
 817 // itmes. The MENUITEM SEPARATOR is a special case of a normal menu item with
 818 // an empty name, zero ID, and zero flags.
 819
 820 typedef struct _IMAGE_MENU_HEADER{
 821         WORD   wVersion;        // Currently zero
 822         WORD   cbHeaderSize;    // Also zero
 823 } IMAGE_MENU_HEADER, *PIMAGE_MENU_HEADER;
 824
 825 typedef struct _IMAGE_POPUP_MENU_ITEM{
 826         WORD   fItemFlags;
 827         WCHAR  szItemText[1];
 828 } IMAGE_POPUP_MENU_ITEM, *PIMAGE_POPUP_MENU_ITEM;
 829
 830 typedef struct _IMAGE_NORMAL_MENU_ITEM{
 831         WORD   fItemFlags;
 832         WORD   wMenuID;
 833         WCHAR  szItemText[1];
 834 } IMAGE_NORMAL_MENU_ITEM, *PIMAGE_NORMAL_MENU_ITEM;
 835
 836 #define MI_GRAYED       0x0001 // GRAYED keyword
 837 #define MI_INACTIVE     0x0002 // INACTIVE keyword
 838 #define MI_BITMAP       0x0004 // BITMAP keyword
 839 #define MI_OWNERDRAW    0x0100 // OWNERDRAW keyword
 840 #define MI_CHECKED      0x0008 // CHECKED keyword
 841 #define MI_POPUP        0x0010 // used internally
 842 #define MI_MENUBARBREAK 0x0020 // MENUBARBREAK keyword
 843 #define MI_MENUBREAK    0x0040 // MENUBREAK keyword
 844 #define MI_ENDMENU      0x0080 // used internally
 845
 846 // Dialog Box Resources .................. added by sang cho.
 847
 848 // A dialog box is contained in a single resource and has a header and
 849 // a portion repeated for each control in the dialog box.
 850 // The item DWORD IStyle is a standard window style composed of flags found
 851 // in WINDOWS.H.
 852 // The default style for a dialog box is:
 853 // WS_POPUP | WS_BORDER | WS_SYSMENU
 854 //
 855 // The itme marked "Name or Ordinal" are :
 856 // If the first word is an 0xffff, the next two bytes contain an ordinal ID.
 857 // Otherwise, the first one or more WORDS contain a double-null-terminated string.
 858 // An empty string is represented by a single WORD zero in the first location.
 859 //
 860 // The WORD wPointSize and WCHAR szFontName entries are present if the FONT
 861 // statement was included for the dialog box. This can be detected by checking
 862 // the entry IStyle. If IStyle & DS_SETFONT ( which is 0x40), then these
 863 // entries will be present.
 864
 865 typedef struct _IMAGE_DIALOG_BOX_HEADER1{
 866         DWORD  IStyle;
 867         DWORD  IExtendedStyle;    // New for Windows NT
 868         WORD   nControls;         // Number of Controls
 869         WORD   x;
 870         WORD   y;
 871         WORD   cx;
 872         WORD   cy;
 873 //      N_OR_O MenuName;         // Name or Ordinal ID
 874 //      N_OR_O ClassName;                // Name or Ordinal ID
 875 //      WCHAR  szCaption[];
 876 //      WORD   wPointSize;       // Only here if FONT set for dialog
 877 //      WCHAR  szFontName[];     // This too
 878 } IMAGE_DIALOG_HEADER, *PIMAGE_DIALOG_HEADER;
 879
 880 typedef union _NAME_OR_ORDINAL{    // Name or Ordinal ID
 881         struct _ORD_ID{
 882             WORD   flgId;
 883             WORD   Id;
 884         } ORD_ID;
 885         WCHAR  szName[1];
 886 } NAME_OR_ORDINAL, *PNAME_OR_ORDINAL;
 887
 888 // The data for each control starts on a DWORD boundary (which may require
 889 // some padding from the previous control), and its format is as follows:
 890
 891 typedef struct _IMAGE_CONTROL_DATA{
 892         DWORD   IStyle;
 893         DWORD   IExtendedStyle;
 894         WORD    x;
 895         WORD    y;
 896         WORD    cx;
 897         WORD    cy;
 898         WORD    wId;
 899 //  N_OR_O  ClassId;
 900 //  N_OR_O  Text;
 901 //  WORD    nExtraStuff;
 902 } IMAGE_CONTROL_DATA, *PIMAGE_CONTROL_DATA;
 903
 904 #define BUTTON       0x80
 905 #define EDIT         0x81
 906 //#define STATIC       0x82
 907 #define LISTBOX      0x83
 908 #define SCROLLBAR    0x84
 909 #define COMBOBOX     0x85
 910
 911 // The various statements used in a dialog script are all mapped to these
 912 // classes along with certain modifying styles. The values for these styles
 913 // can be found in WINDOWS.H. All dialog controls have the default styles
 914 // of WS_CHILD and WS_VISIBLE. A list of the default styles used follows:
 915 //
 916 // Statement           Default Class         Default Styles
 917 // CONTROL             None                  WS_CHILD|WS_VISIBLE
 918 // LTEXT               STATIC                ES_LEFT
 919 // RTEXT               STATIC                ES_RIGHT
 920 // CTEXT               STATIC                ES_CENTER
 921 // LISTBOX             LISTBOX               WS_BORDER|LBS_NOTIFY
 922 // CHECKBOX            BUTTON                BS_CHECKBOX|WS_TABSTOP
 923 // PUSHBUTTON          BUTTON                BS_PUSHBUTTON|WS_TABSTOP
 924 // GROUPBOX            BUTTON                BS_GROUPBOX
 925 // DEFPUSHBUTTON       BUTTON                BS_DFPUSHBUTTON|WS_TABSTOP
 926 // RADIOBUTTON         BUTTON                BS_RADIOBUTTON
 927 // AUTOCHECKBOX        BUTTON                BS_AUTOCHECKBOX
 928 // AUTO3STATE          BUTTON                BS_AUTO3STATE
 929 // AUTORADIOBUTTON     BUTTON                BS_AUTORADIOBUTTON
 930 // PUSHBOX             BUTTON                BS_PUSHBOX
 931 // STATE3              BUTTON                BS_3STATE
 932 // EDITTEXT            EDIT                  ES_LEFT|WS_BORDER|WS_TABSTOP
 933 // COMBOBOX            COMBOBOX              None
 934 // ICON                STATIC                SS_ICON
 935 // SCROLLBAR           SCROLLBAR             None
 936 ///
 937
 938 #define IMAGE_DEBUG_TYPE_UNKNOWN          0
 939 #define IMAGE_DEBUG_TYPE_COFF             1
 940 #define IMAGE_DEBUG_TYPE_CODEVIEW         2
 941 #define IMAGE_DEBUG_TYPE_FPO              3
 942 #define IMAGE_DEBUG_TYPE_MISC             4
 943 #define IMAGE_DEBUG_TYPE_EXCEPTION        5
 944 #define IMAGE_DEBUG_TYPE_FIXUP            6
 945 #define IMAGE_DEBUG_TYPE_OMAP_TO_SRC      7
 946 #define IMAGE_DEBUG_TYPE_OMAP_FROM_SRC    8
 947
 948
 949
 950 //
 951 // Debugging information can be stripped from an image file and placed
 952 // in a separate .DBG file, whose file name part is the same as the
 953 // image file name part (e.g. symbols for CMD.EXE could be stripped
 954 // and placed in CMD.DBG).  This is indicated by the IMAGE_FILE_DEBUG_STRIPPED
 955 // flag in the Characteristics field of the file header.  The beginning of
 956 // the .DBG file contains the following structure which captures certain
 957 // information from the image file.  This allows a debug to proceed even if
 958 // the original image file is not accessable.  This header is followed by
 959 // zero of more IMAGE_SECTION_HEADER structures, followed by zero or more
 960 // IMAGE_DEBUG_DIRECTORY structures.  The latter structures and those in
 961 // the image file contain file offsets relative to the beginning of the
 962 // .DBG file.
 963 //
 964 // If symbols have been stripped from an image, the IMAGE_DEBUG_MISC structure
 965 // is left in the image file, but not mapped.  This allows a debugger to
 966 // compute the name of the .DBG file, from the name of the image in the
 967 // IMAGE_DEBUG_MISC structure.
 968 //
 969 /*  ei
 970 typedef struct _IMAGE_SEPARATE_DEBUG_HEADER {
 971     WORD        Signature;
 972     WORD        Flags;
 973     WORD        Machine;
 974     WORD        Characteristics;
 975     DWORD       TimeDateStamp;
 976     DWORD       CheckSum;
 977     DWORD       ImageBase;
 978     DWORD       SizeOfImage;
 979     DWORD       NumberOfSections;
 980     DWORD       ExportedNamesSize;
 981     DWORD       DebugDirectorySize;
 982     DWORD       SectionAlignment;
 983     DWORD       Reserved[2];
 984 } IMAGE_SEPARATE_DEBUG_HEADER, *PIMAGE_SEPARATE_DEBUG_HEADER;
 985 */
 986 #define IMAGE_SEPARATE_DEBUG_SIGNATURE  0x4944
 987
 988 #define IMAGE_SEPARATE_DEBUG_FLAGS_MASK 0x8000
 989 #define IMAGE_SEPARATE_DEBUG_MISMATCH   0x8000  // when DBG was updated, the
 990                                                 // old checksum didn't match.
 991
 992 //
 993 // End Image Format
 994 //
 995
 996 #define SIZE_OF_NT_SIGNATURE    sizeof (DWORD)
 997 #define MAXRESOURCENAME         13
 998
 999 /* global macros to define header offsets into file */
1000 /* offset to PE file signature                                 */
1001 #define NTSIGNATURE(a) ((LPVOID)((BYTE *)a                   +  \
1002                         ((PIMAGE_DOS_HEADER)a)->e_lfanew))
1003
1004 /* DOS header identifies the NT PEFile signature dword
1005    the PEFILE header exists just after that dword              */
1006 #define PEFHDROFFSET(a) ((LPVOID)((BYTE *)a                  +  \
1007                          ((PIMAGE_DOS_HEADER)a)->e_lfanew    +  \
1008                          SIZE_OF_NT_SIGNATURE))
1009
1010 /* PE optional header is immediately after PEFile header       */
1011 #define OPTHDROFFSET(a) ((LPVOID)((BYTE *)a                  +  \
1012                          ((PIMAGE_DOS_HEADER)a)->e_lfanew    +  \
1013                          SIZE_OF_NT_SIGNATURE                +  \
1014                          sizeof (IMAGE_FILE_HEADER)))
1015
1016 /* section headers are immediately after PE optional header    */
1017 #define SECHDROFFSET(a) ((LPVOID)((BYTE *)a                  +  \
1018                          ((PIMAGE_DOS_HEADER)a)->e_lfanew    +  \
1019                          SIZE_OF_NT_SIGNATURE                +  \
1020                          sizeof (IMAGE_FILE_HEADER)          +  \
1021                          sizeof (IMAGE_OPTIONAL_HEADER)))
1022
1023 //#define FIELD_OFFSET(type, field)    ((LONG)(LONG_PTR)&(((type *)0)->field))
1024 /* defined above ei
1025 #define IMAGE_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER)        \
1026     ((ULONG_PTR)ntheader +                                              \
1027      FIELD_OFFSET( IMAGE_NT_HEADERS, OptionalHeader ) +                 \
1028      ((PIMAGE_NT_HEADERS)(ntheader))->FileHeader.SizeOfOptionalHeader   \
1029     ))
1030 */
1031
1032 #define MakePtr( cast, ptr, addValue ) (cast)( (DWORD)(ptr) + (DWORD)(addValue))
1033
1034 typedef struct _IMAGE_IMPORT_MODULE_DIRECTORY
1035 {
1036   DWORD    dwRVAFunctionNameList;
1037   DWORD    dwUseless1;
1038   DWORD    dwUseless2;
1039   DWORD    dwRVAModuleName;
1040   DWORD    dwRVAFunctionAddressList;
1041 } IMAGE_IMPORT_MODULE_DIRECTORY, *PIMAGE_IMPORT_MODULE_DIRECTORY;
1042
1043 typedef struct _RELOCATION_DIRECTORY
1044 {
1045     DWORD  VirtualAddress; /* adresse virtuelle du bloc ou se font les relocations */
1046     DWORD   SizeOfBlock;    // taille de cette structure + des structures
1047                         // relocation_entry qui suivent (ces dernieres sont
1048                         // donc au nombre de (SizeOfBlock-8)/2
1049 } RELOCATION_DIRECTORY, *PRELOCATION_DIRECTORY;
1050
1051 typedef struct _RELOCATION_ENTRY
1052 {
1053     WORD    TypeOffset;
1054         //      (TypeOffset >> 12) est le type
1055         //      (TypeOffset&0xfff) est l'offset dans le bloc
1056 } RELOCATION_ENTRY, *PRELOCATION_ENTRY;
1057
1058 #define TYPE_RELOC_ABSOLUTE     0
1059 #define TYPE_RELOC_HIGH         1
1060 #define TYPE_RELOC_LOW          2
1061 #define TYPE_RELOC_HIGHLOW      3
1062 #define TYPE_RELOC_HIGHADJ      4
1063 #define TYPE_RELOC_MIPS_JMPADDR 5
1064
1065 #endif /* __INCLUDE_PE_H */