Add ParseOptions field to toggle parsing Attribute Certificates for PEs loaded into memory
#377
Conversation
|
I'm open to opinions here design-wise -- in order to avoid a major version bump, I feature-gated the new |
|
Since there are breaking changes coming up I think the design of this should ignore that as a downside; I don't think a feature flag for this is the best approach, and would prefer it to work programatically instead, if you're still up for fixing it :) |
|
Makes sense, changed it accordingly. Let me know what else I can do here to get it merged! |
| /// Set to false for in-memory representation, as the [loader does not map this info into | ||
| /// memory](https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#other-contents-of-the-file). | ||
| /// For on-disk representations, leave as true. Default: true | ||
| pub parse_attribute_certificates: bool, |
There was a problem hiding this comment.
Nit: it would perhaps be slightly better to have the fields in ascending alphanumeric order (that is, parse_attribute_certificates before resolve_rva).
|
Hello, just wanted to drop by and say that this proved useful to me, for parsing a binary loaded in memory inside an UEFI environment. If I were very fussy, I would say that perhaps you could add a comment to the description of the field Except for the 6 commits that could probably be squashed into a single one, this looks good to me. |
There was a problem hiding this comment.
If you think adding the comment as @nightmared suggested is ok, then go ahead otherwise I’ll merge this in a few hours
|
released in 0.8.0, happy new year! |
Per this documentation (just above "Section Data"), the attribute certificate table is not loaded into memory along with the rest of the PE. This PR fixes #376 by adding a
ParseOptionsfield that allows a user to skip parsing the attribute certificate table altogether, making parsing of loaded PEs possible.