Add helper for walking the resource directory inside a PE file #425
Conversation
Guiguiprim
force-pushed
the
add-pe-resource
branch
3 times, most recently
from
fda29ca
to
a636481
Compare
src/pe.rs
Outdated
| } | ||
|
|
||
| pub const IMAGE_RESOURCE_NAME_IS_STRING: u32 = 0x8000_0000; | ||
| pub const IMAGE_RESOURCE_DATA_IS_DIRECTORY: u32 = 0x8000_0000; | ||
| pub const IMAGE_RESOURCE_NAME_OFFSET_MASK: u32 = 0x7FFF_FFFF; | ||
| pub const IMAGE_RESOURCE_NAME_ID_MASK: u32 = 0x0000_FFFF; |
There was a problem hiding this comment.
I know the comment below says that IDs are 16-bit, but the Microsoft PE Format documentation says they are 32-bit.
Ghidra parses them as 16-bit, so I'm not sure what is correct here.
Guiguiprim
force-pushed
the
add-pe-resource
branch
from
a636481
to
d2f0f06
Compare
|
It looks like the changes I made in Is there a special setup I should follow for running those tests ? |
|
You'll need to run |
|
I never made PRs with submodule. |
|
No, you don't need to change the submodule, you just need to ensure git has checked it out so that you have a copy of https://github.com/gimli-rs/object-testfiles/blob/8392ac7ffa09cd31f24aa0f3ef77e08034cbca41/pe/base-gnu.exe, and then update the |
Add helpers for navigating a PE file resource directory
Guiguiprim
force-pushed
the
add-pe-resource
branch
from
d2f0f06
to
6cc16ab
Compare
|
Done
The test sources are in one place and the test expected outputs in an other, makes sense. Them having the same folder name confused me a little bit. |
Add new API to allow walking the resource directory inside a PE file.
The entry point is
PeFile::resource_directory_table(&self) -> Result<ResourceDirectoryTable<'data>>, from there it offers an iterator to visit every entries in the directory (ResourceDirectoryTable::iter(&self) -> impl Iterator<Item = ResourceDirectoryEntry<'data>>).The API is mostly lazy, only reading data as needed (doesn't read entries and sub-directories data unless visited).
Also add a small binary
perscdumpas an example which print the resource data tree.