diff --git a/GleeBug/GleeBug.vcxproj b/GleeBug/GleeBug.vcxproj
index 7744da8..3e3d3e3 100644
--- a/GleeBug/GleeBug.vcxproj
+++ b/GleeBug/GleeBug.vcxproj
@@ -182,6 +182,7 @@
+
diff --git a/GleeBug/GleeBug.vcxproj.filters b/GleeBug/GleeBug.vcxproj.filters
index ec68345..1557404 100644
--- a/GleeBug/GleeBug.vcxproj.filters
+++ b/GleeBug/GleeBug.vcxproj.filters
@@ -118,5 +118,8 @@
Header Files
+
+ Header Files
+
\ No newline at end of file
diff --git a/GleeBug/Static.Pe.Section.h b/GleeBug/Static.Pe.Section.h
new file mode 100644
index 0000000..c0bef30
--- /dev/null
+++ b/GleeBug/Static.Pe.Section.h
@@ -0,0 +1,33 @@
+#ifndef STATIC_PE_SECTION_H
+#define STATIC_PE_SECTION_H
+
+#include "Static.Region.h"
+
+namespace GleeBug
+{
+ class Section : public Region < uint8 >
+ {
+ public:
+ explicit Section()
+ : Region()
+ {
+ }
+
+ explicit Section(std::vector* data, uint32 offset, uint32 size, PIMAGE_SECTION_HEADER header)
+ : Region(data, offset, size),
+ mHeader(header)
+ {
+ }
+
+ PIMAGE_SECTION_HEADER GetHeader() { return mHeader; }
+ uint32 GetVirtualAddress() { return mHeader->VirtualAddress; }
+ uint32 GetVirtualSize() { return mHeader->Misc.VirtualSize; }
+ uint32 GetRawAddress() { return mHeader->PointerToRawData; }
+ uint32 GetRawSize() { return mHeader->SizeOfRawData; }
+
+ private:
+ PIMAGE_SECTION_HEADER mHeader;
+ };
+};
+
+#endif //STATIC_PE_SECTION_H
\ No newline at end of file
diff --git a/GleeBug/Static.Pe.cpp b/GleeBug/Static.Pe.cpp
index 4775cf5..c45691c 100644
--- a/GleeBug/Static.Pe.cpp
+++ b/GleeBug/Static.Pe.cpp
@@ -11,18 +11,30 @@ namespace GleeBug
void Pe::Clear()
{
- mFileSize = 0;
mData.clear();
mOffset = 0;
- mDosHeader = Region();
+
+ mDosHeader.Clear();
mDosNtOverlap = false;
- mAfterDosData = Region();
- mNtHeaders32 = Region();
- mNtHeaders64 = Region();
- mSectionHeaders = Region();
+ mAfterDosData.Clear();
+ mNtHeaders32.Clear();
+ mNtHeaders64.Clear();
+ mAfterOptionalData.Clear();
+ mSectionHeaders.Clear();
+ mSections.clear();
}
- Pe::Error Pe::ParseHeaders(bool allowOverlap)
+ bool Pe::IsValidPe() const
+ {
+ return IsPe64() ? mNtHeaders64.Valid() : mNtHeaders32.Valid();
+ }
+
+ bool Pe::IsPe64() const
+ {
+ return IsValidPe() ? mNtHeaders64.Valid() : false;
+ }
+
+ Pe::Error Pe::Parse(bool allowOverlap)
{
//clear all current data
Clear();
@@ -139,17 +151,20 @@ namespace GleeBug
auto sectionCount = ifh->NumberOfSections;
mSectionHeaders = readRegion(sectionCount);
+ //parse the sections
+ auto sectionsError = parseSections();
+ if (sectionsError != ErrorOk)
+ return sectionsError;
+
+ //TODO: parse data directories
return ErrorOk;
}
- bool Pe::IsValidPe() const
+ Pe::Error Pe::parseSections()
{
- return mSectionHeaders.Valid();
- }
-
- bool Pe::IsPe64() const
- {
- return IsValidPe() ? mNtHeaders64.Valid() : false;
+ auto numberOfSections = mSectionHeaders.Count();
+ //TODO: parse section data
+ return ErrorOk;
}
uint32 Pe::readData(uint32 size)
diff --git a/GleeBug/Static.Pe.h b/GleeBug/Static.Pe.h
index b5d3412..17c3d69 100644
--- a/GleeBug/Static.Pe.h
+++ b/GleeBug/Static.Pe.h
@@ -3,6 +3,7 @@
#include "Static.File.h"
#include "Static.Region.h"
+#include "Static.Pe.Section.h"
namespace GleeBug
{
@@ -31,10 +32,10 @@ namespace GleeBug
explicit Pe(File & file);
- void Clear();
- Error ParseHeaders(bool allowOverlap = false);
bool IsValidPe() const;
bool IsPe64() const;
+ void Clear();
+ Error Parse(bool allowOverlap = false);
const Region & GetDosHeader() const { return mDosHeader; }
bool GetDosNtOverlap() const { return mDosNtOverlap; }
@@ -43,8 +44,10 @@ namespace GleeBug
const Region & GetNtHeaders64() const { return mNtHeaders64; }
const Region & GetAfterOptionalData() const { return mAfterOptionalData; }
const Region & GetSectionHeaders() const { return mSectionHeaders; }
+ const std::vector & GetSections() const { return mSections; }
private:
+ Error parseSections();
uint32 readData(uint32 size);
void setupErrorMap();
@@ -55,8 +58,8 @@ namespace GleeBug
}
std::unordered_map mErrorMap;
+
File & mFile;
- uint32 mFileSize;
std::vector mData;
uint32 mOffset;
@@ -67,6 +70,7 @@ namespace GleeBug
Region mNtHeaders64;
Region mAfterOptionalData;
Region mSectionHeaders;
+ std::vector mSections;
};
};
diff --git a/GleeBug/Static.Region.h b/GleeBug/Static.Region.h
index 6248621..bca3b3b 100644
--- a/GleeBug/Static.Region.h
+++ b/GleeBug/Static.Region.h
@@ -34,6 +34,14 @@ namespace GleeBug
{
}
+ /**
+ \brief Clears and invalidates this region.
+ */
+ void Clear()
+ {
+ *this = Region();
+ }
+
/**
\brief Returns a pointer inside the data to the start of this region.
\return nullptr if the region is invalid, a pointer to the data otherwise.
@@ -109,7 +117,7 @@ namespace GleeBug
return Data();
}
- private:
+ protected:
std::vector* mData;
uint32 mOffset;
uint32 mCount;
diff --git a/MyDebugger/main.cpp b/MyDebugger/main.cpp
index e4af39e..a32e97c 100644
--- a/MyDebugger/main.cpp
+++ b/MyDebugger/main.cpp
@@ -50,7 +50,7 @@ static bool testPeFile(const wchar_t* szFileName, bool dumpData = true)
{
BufferFile file(diskData.data(), diskSize);
Pe pe(file);
- auto parseError = pe.ParseHeaders(true);
+ auto parseError = pe.Parse(true);
if (parseError == Pe::ErrorOk)
{
result = true;
@@ -107,7 +107,7 @@ static bool testPeFile(const wchar_t* szFileName, bool dumpData = true)
}
}
else
- printf("Pe::ParseHeaders failed (%d)!\n", parseError);
+ printf("Pe::Parse failed (%d)!\n", parseError);
}
else
puts("File::Read failed!");