This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



RE: read/write header characteristics of Win32/PE executable


> -----Original Message-----
> From: binutils-owner@sourceware.org [mailto:binutils-
> owner@sourceware.org] On Behalf Of Sean McNamara
> Sent: Thursday, July 22, 2010 07:05
> To: binutils@sourceware.org
> Subject: Re: read/write header characteristics of Win32/PE executable
> 
> Pavel,
> 
> 
> On Wed, Jul 21, 2010 at 5:13 PM, Pavel Pavlov <pavel@summit-tech.ca>
> wrote:
> >> -----Original Message-----
> >> From: binutils-owner@sourceware.org [mailto:binutils-
> >> owner@sourceware.org] On Behalf Of Sean McNamara
> >> Sent: Wednesday, July 21, 2010 04:04
> >> To: binutils@sourceware.org
> >> Subject: bfd: read/write header characteristics of Win32/PE
> >> executable
> >>
> >> Hello,
> >>
> >
> > Hi Sean, I'm not good at bfd, but your task seems to be trivial enough to do
> > it using plain winapi!! Accessing PE headers is really easy, using bfd for that...
> > you'll waste more time figuring out simple stuff, while straightforward
> > winapi will get you there in a couple of hours. I had to do something related
> > to PE and eventually I did it all myself without any libraries.
> > ontl has some good code that you can use for reference:
> > http://code.google.com/p/ontl/source/browse/trunk/ntl/pe/image.hxx
> > If you ask on their mailing list on how to switch from bfd to ontl for your
> > simple task, I think you'll get a 5 line function that does what you want.
> 
> First the good news: I've hacked together a program that did what I wanted.
> :)
> 
> I ended up giving up on ontl (it's very poorly documented, and doesn't work
> with MinGW, and I couldn't figure it out at all). Instead, I went with the pure
> Win32 API. I used a combination of
> http://blogs.msdn.com/b/kstanton/archive/2004/03/31/105060.aspx and
> http://technet.microsoft.com/en-us/library/ee829684%28WS.10%29.aspx
> and some wine-1.2 code ;-) to get what I needed.
> 
> Turns out that 99% of the structural information about Win32/PE files is quite
> literally documented in <winnt.h> which is included either in MSVC or
> MinGW.
> 
> Setting the LAA flag was easy; then I spent another few hours figuring out
> how to fix the checksum.
> 
> Setting a correct checksum is good; setting a 0 checksum is acceptable
> (usually) but may lead to problems; and setting an incorrect checksum (or not
> updating the checksum if it was previously non-zero and you change the LAA
> bit) is highly unacceptable, according to Win32. If you just change the LAA bit,
> it complains that it's not a valid win32 application ;)
> 
> Anyway, thanks to wine code and winnt.h, I brought together a program that
> compiles on both *NIX and Win32 that does the job.
> 
> I made a release in git at git://tiyukquellmalz.org/pelaa.git and the tarball is at
> http://tiyukquellmalz.org/pelaa/pelaa-latest.tar.bz2
> 
> The bad news is that I gave up on getting bfd to do this. I don't really *need*
> bfd, as I can see now; my program is basically just POSIX fopen/fread/fwrite
> + C99.
> 
> Anyway, I wanted to write in to share the fruits of my labor (licensed
> GPLv3+) and to say that I learned a lot about low-level programming,
> BFD, Win32/PE, and binary formats in general over the last 3 days.
> Part of that was because you helped me along. :) I guess it is also semi-
> relevant to the list, too, to note that some things can be done _without_
> needing BFD -- almost as useful as knowing what BFD _can_ do.
> 
> Thanks a lot,
> 
> Sean



I'm happy it helped you. I subscribed to this list to get some help on using BFD, but I came to the conclusion that it's useless for almost everything except gcc. My first task was way more complicated than yours: I had to write a complete PE DLL loader for Windows Mobile. Even for this project I ended up using plain winapi, but ontl was the best reference for me (cryptic C-style hacks all around the web on how to do relocs and stuff were only confusing, whereas ontl has simple, clear, short and readable code).
Basically, I wrote my own implementation of LoadLibrary and GetProcAddress using plain fread and it works perfectly for me. Now I need to write something similar to load ELF binaries on Windows (!!) and I'm half done with it. The definite authority on loading ELF binaries, I think, is bfd/binutils, and I didn't even look into it... I simply don't have enough time to figure out how to compile it, how to link to it, how to use it... and I prefer to use Visual Studio just because I'm more efficient with MS tools and I hate life if I need to debug with gdb :)
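
The two steps discussed in this thread (set the LAA bit, then fix the header checksum), sketched as an added example that is not code from pelaa, ontl or either poster. The function names are hypothetical, the offsets follow the IMAGE_FILE_HEADER / IMAGE_OPTIONAL_HEADER layout in <winnt.h>, and the checksum is assumed to be the commonly described one (16-bit end-around-carry sum with the CheckSum field counted as zero, plus the file length).

```c
#include <stdint.h>
#include <string.h>

#define LAA_FLAG 0x0020u   /* IMAGE_FILE_LARGE_ADDRESS_AWARE in <winnt.h> */

static uint32_t rd32(const uint8_t *p) {            /* little-endian read */
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* 16-bit end-around-carry sum of the file, with the 4-byte CheckSum field
   counted as zero, plus the file length (assumed algorithm, see lead-in). */
uint32_t pe_checksum(const uint8_t *buf, size_t len, size_t csum_off) {
    uint32_t sum = 0;
    for (size_t i = 0; i < len; i++) {
        if (i >= csum_off && i < csum_off + 4) continue;
        sum += (uint32_t)buf[i] << (8 * (i & 1));   /* low or high byte of word */
        sum = (sum & 0xffff) + (sum >> 16);         /* fold the carry back in */
    }
    return sum + (uint32_t)len;
}

/* Set the LAA bit and store a fresh checksum. Returns 0, or -1 if not a PE. */
int pe_set_laa(uint8_t *buf, size_t len) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    size_t pe = rd32(buf + 0x3c);                   /* e_lfanew */
    if (pe > len || len - pe < 24 + 68) return -1;  /* headers must fit */
    if (memcmp(buf + pe, "PE\0\0", 4) != 0) return -1;
    size_t csum = pe + 24 + 64;                     /* OptionalHeader.CheckSum */
    buf[pe + 22] |= LAA_FLAG;                       /* low byte of Characteristics */
    uint32_t v = pe_checksum(buf, len, csum);
    for (int i = 0; i < 4; i++) buf[csum + i] = (uint8_t)(v >> (8 * i));
    return 0;
}

/* Constructed 256-byte header-only image (sample data, not a loadable file). */
void make_sample(uint8_t buf[256]) {
    memset(buf, 0, 256);
    memcpy(buf, "MZ", 2);
    buf[0x3c] = 0x80;                               /* e_lfanew = 0x80 */
    memcpy(buf + 0x80, "PE\0\0", 4);
    buf[0x96] = 0x02; buf[0x97] = 0x01;             /* Characteristics = 0x0102 */
    buf[0x98] = 0x0b; buf[0x99] = 0x01;             /* PE32 magic 0x010b */
}

int main(void) {
    uint8_t img[256];
    make_sample(img);
    return pe_set_laa(img, sizeof img) ? 1 : 0;
}
```

Changing the flag without rewriting CheckSum leaves the stored value stale, which is the "incorrect checksum" case described in the quoted message.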






