Click here to Skip to main content
15,895,799 members
Search within:


Articles / Programming Languages / C++
 

ExeScanner

Rate me:
Please Sign up or sign in to vote.
4.91/5 (67 votes)
6 Jun 20052 min read 115.9K   4.3K   102  
This article explains how to enumerate all the objects in a Portable Executable and manipulate them.
 
/******************************************************************************
*
* PROJECT:		ExeScanner
* FILE NAME:	PEFile.cpp
*
* DEVELOPER:	Vishalsinh Jhala
* DATE:			2-Apr-2005
*
* DESCRIPTION:	Defination file for class PEFile.
*
* NOTES:		Represents PE File. Allows client classes to read/write 
*				directly to file by specifying physical offset from Begin.
*
******************************************************************************/
#include "StdAfx.h"
#include "pefile.h"

PEFile::PEFile(CString strPath)
	:m_strPath(strPath)
{
	
	m_pFile = new CFile;
		
	try
	{
		CFileException e;
        
		//Open File
		if( !m_pFile->Open(m_strPath,
			CFile::modeReadWrite|CFile::shareDenyWrite|CFile::typeBinary
			,&e) )
		{
			char *pErrMsg = new char[1024];
			e.GetErrorMessage(pErrMsg,1024);
			throw new PEFileException(pErrMsg);
		}
	}
	catch(PEFileException *e)
	{
		if( m_pFile )
			delete m_pFile;

		throw e;
	}

}

PEFile::~PEFile(void)
{
	if(m_pFile)
		delete m_pFile;
}
/******************************************************************************
* Function Name: Read
*
* Note: Function Reads data at dwImageBase+dwRVA relative to begin of file
*		Memory Allocation & deallocation of pBuff is clients' responsibility.
*
******************************************************************************/
int PEFile::Read(DWORD dwImageBase, DWORD dwRVA, BYTE* pBuff, int iSize)
{
	int iRet = 0;
	
	try
	{
		m_pFile->Seek(dwImageBase+dwRVA,CFile::begin);
		iRet = m_pFile->Read(pBuff,iSize);
	}
	catch(CFileException *e)
	{
		char *szErrMsg = new char[1024];
		e->GetErrorMessage(szErrMsg,1024);
		throw new PEFileException(szErrMsg);
	}
	
	return iRet;

}
/******************************************************************************
* Function Name: Write
*
* Note: Function writes data at dwImageBase+dwRVA relative to begin of file
*		Memory Allocation & deallocation of pBuff is clients' responsibility.
*
******************************************************************************/
void PEFile::Write(DWORD dwImageBase, DWORD dwRVA, BYTE* pBuff, int iSize)
{
	
	try
	{
		m_pFile->Seek(dwImageBase+dwRVA,CFile::begin);
		m_pFile->Write(pBuff,iSize);
	}
	catch(CFileException *e)
	{
		char *szErrMsg = new char[1024];
		e->GetErrorMessage(szErrMsg,1024);
		throw new PEFileException(szErrMsg);
	}

}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


Written By
Vishalsinh Jhala
Web Developer
United States United States
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Comments and Discussions

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 6 Jun 2005

Article Copyright 2005 by Vishalsinh Jhala
Everything else Copyright © CodeProject, 1999-2024

Web02 2.8:2024-04-02:1