• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2     PE32+ header file
3  */
4 #ifndef _PE_H
5 #define _PE_H
6 
7 #define IMAGE_DOS_SIGNATURE                 0x5A4D      // MZ
8 #define IMAGE_OS2_SIGNATURE                 0x454E      // NE
9 #define IMAGE_OS2_SIGNATURE_LE              0x454C      // LE
10 #define IMAGE_NT_SIGNATURE                  0x00004550  // PE00
11 #define IMAGE_EDOS_SIGNATURE                0x44454550  // PEED
12 
13 /*****************************************************************************
14  * The following stuff comes from winnt.h from the ia64sdk, plus the Plabel for
15  * loading EM executables.
16  *****************************************************************************/
17 //
18 // Intel IA64 specific
19 //
20 
21 #define IMAGE_REL_BASED_IA64_IMM64            9
22 #define IMAGE_REL_BASED_IA64_DIR64            10
23 
24 struct Plabel {
25     UINT64  EntryPoint;
26     UINT64  NewGP;
27 };
28 
29 typedef struct _IMAGE_DOS_HEADER {      // DOS .EXE header
30     UINT16   e_magic;                     // Magic number
31     UINT16   e_cblp;                      // Bytes on last page of file
32     UINT16   e_cp;                        // Pages in file
33     UINT16   e_crlc;                      // Relocations
34     UINT16   e_cparhdr;                   // Size of header in paragraphs
35     UINT16   e_minalloc;                  // Minimum extra paragraphs needed
36     UINT16   e_maxalloc;                  // Maximum extra paragraphs needed
37     UINT16   e_ss;                        // Initial (relative) SS value
38     UINT16   e_sp;                        // Initial SP value
39     UINT16   e_csum;                      // Checksum
40     UINT16   e_ip;                        // Initial IP value
41     UINT16   e_cs;                        // Initial (relative) CS value
42     UINT16   e_lfarlc;                    // File address of relocation table
43     UINT16   e_ovno;                      // Overlay number
44     UINT16   e_res[4];                    // Reserved words
45     UINT16   e_oemid;                     // OEM identifier (for e_oeminfo)
46     UINT16   e_oeminfo;                   // OEM information; e_oemid specific
47     UINT16   e_res2[10];                  // Reserved words
48     UINT32   e_lfanew;                    // File address of new exe header
49   } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
50 
51 typedef struct _IMAGE_OS2_HEADER {      // OS/2 .EXE header
52     UINT16   ne_magic;                    // Magic number
53     UINT8    ne_ver;                      // Version number
54     UINT8    ne_rev;                      // Revision number
55     UINT16   ne_enttab;                   // Offset of Entry Table
56     UINT16   ne_cbenttab;                 // Number of bytes in Entry Table
57     UINT32   ne_crc;                      // Checksum of whole file
58     UINT16   ne_flags;                    // Flag UINT16
59     UINT16   ne_autodata;                 // Automatic data segment number
60     UINT16   ne_heap;                     // Initial heap allocation
61     UINT16   ne_stack;                    // Initial stack allocation
62     UINT32   ne_csip;                     // Initial CS:IP setting
63     UINT32   ne_sssp;                     // Initial SS:SP setting
64     UINT16   ne_cseg;                     // Count of file segments
65     UINT16   ne_cmod;                     // Entries in Module Reference Table
66     UINT16   ne_cbnrestab;                // Size of non-resident name table
67     UINT16   ne_segtab;                   // Offset of Segment Table
68     UINT16   ne_rsrctab;                  // Offset of Resource Table
69     UINT16   ne_restab;                   // Offset of resident name table
70     UINT16   ne_modtab;                   // Offset of Module Reference Table
71     UINT16   ne_imptab;                   // Offset of Imported Names Table
72     UINT32   ne_nrestab;                  // Offset of Non-resident Names Table
73     UINT16   ne_cmovent;                  // Count of movable entries
74     UINT16   ne_align;                    // Segment alignment shift count
75     UINT16   ne_cres;                     // Count of resource segments
76     UINT8    ne_exetyp;                   // Target Operating system
77     UINT8    ne_flagsothers;              // Other .EXE flags
78     UINT16   ne_pretthunks;               // offset to return thunks
79     UINT16   ne_psegrefbytes;             // offset to segment ref. bytes
80     UINT16   ne_swaparea;                 // Minimum code swap area size
81     UINT16   ne_expver;                   // Expected Windows version number
82   } IMAGE_OS2_HEADER, *PIMAGE_OS2_HEADER;
83 
84 //
85 // File header format.
86 //
87 
88 typedef struct _IMAGE_FILE_HEADER {
89     UINT16   Machine;
90     UINT16   NumberOfSections;
91     UINT32   TimeDateStamp;
92     UINT32   PointerToSymbolTable;
93     UINT32   NumberOfSymbols;
94     UINT16   SizeOfOptionalHeader;
95     UINT16   Characteristics;
96 } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
97 
98 #define IMAGE_SIZEOF_FILE_HEADER             20
99 
100 #define IMAGE_FILE_RELOCS_STRIPPED           0x0001  // Relocation info stripped from file.
101 #define IMAGE_FILE_EXECUTABLE_IMAGE          0x0002  // File is executable  (i.e. no unresolved externel references).
102 #define IMAGE_FILE_LINE_NUMS_STRIPPED        0x0004  // Line nunbers stripped from file.
103 #define IMAGE_FILE_LOCAL_SYMS_STRIPPED       0x0008  // Local symbols stripped from file.
104 #define IMAGE_FILE_BYTES_REVERSED_LO         0x0080  // Bytes of machine word are reversed.
105 #define IMAGE_FILE_32BIT_MACHINE             0x0100  // 32 bit word machine.
106 #define IMAGE_FILE_DEBUG_STRIPPED            0x0200  // Debugging info stripped from file in .DBG file
107 #define IMAGE_FILE_SYSTEM                    0x1000  // System File.
108 #define IMAGE_FILE_DLL                       0x2000  // File is a DLL.
109 #define IMAGE_FILE_BYTES_REVERSED_HI         0x8000  // Bytes of machine word are reversed.
110 
111 #define IMAGE_FILE_MACHINE_UNKNOWN           0
112 #define IMAGE_FILE_MACHINE_I386              0x14c   // Intel 386.
113 #define IMAGE_FILE_MACHINE_R3000             0x162   // MIPS little-endian, 0540 big-endian
114 #define IMAGE_FILE_MACHINE_R4000             0x166   // MIPS little-endian
115 #define IMAGE_FILE_MACHINE_ALPHA             0x184   // Alpha_AXP
116 #define IMAGE_FILE_MACHINE_ARMTHUMB_MIXED    0x1c2   // Arm/Thumb
117 #define IMAGE_FILE_MACHINE_POWERPC           0x1F0   // IBM PowerPC Little-Endian
118 #define IMAGE_FILE_MACHINE_IA64              0x200   // IA-64
119 #define IMAGE_FILE_MACHINE_TAHOE             0x7cc   // Intel EM machine
120 #define IMAGE_FILE_MACHINE_EBC               0xebc   // EFI Byte Code
121 #define IMAGE_FILE_MACHINE_X64               0x8664  // x86_64
122 //
123 // Directory format.
124 //
125 
126 typedef struct _IMAGE_DATA_DIRECTORY {
127     UINT32   VirtualAddress;
128     UINT32   Size;
129 } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
130 
131 #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES    16
132 
133 
134 typedef struct _IMAGE_ROM_OPTIONAL_HEADER {
135     UINT16  Magic;
136     UINT8   MajorLinkerVersion;
137     UINT8   MinorLinkerVersion;
138     UINT32  SizeOfCode;
139     UINT32  SizeOfInitializedData;
140     UINT32  SizeOfUninitializedData;
141     UINT32  AddressOfEntryPoint;
142     UINT32  BaseOfCode;
143     UINT32  BaseOfData;
144     UINT32  BaseOfBss;
145     UINT32  GprMask;
146     UINT32  CprMask[4];
147     UINT32  GpValue;
148 } IMAGE_ROM_OPTIONAL_HEADER, *PIMAGE_ROM_OPTIONAL_HEADER;
149 
150 typedef struct _IMAGE_OPTIONAL_HEADER {
151     UINT16      Magic;
152     UINT8       MajorLinkerVersion;
153     UINT8       MinorLinkerVersion;
154     UINT32      SizeOfCode;
155     UINT32      SizeOfInitializedData;
156     UINT32      SizeOfUninitializedData;
157     UINT32      AddressOfEntryPoint;
158     UINT32      BaseOfCode;
159     // UINT32       BaseOfData;
160     UINT64      ImageBase;
161     UINT32      SectionAlignment;
162     UINT32      FileAlignment;
163     UINT16      MajorOperatingSystemVersion;
164     UINT16      MinorOperatingSystemVersion;
165     UINT16      MajorImageVersion;
166     UINT16      MinorImageVersion;
167     UINT16      MajorSubsystemVersion;
168     UINT16      MinorSubsystemVersion;
169     UINT32      Win32VersionValue;
170     UINT32      SizeOfImage;
171     UINT32      SizeOfHeaders;
172     UINT32      CheckSum;
173     UINT16      Subsystem;
174     UINT16      DllCharacteristics;
175     UINT64      SizeOfStackReserve;
176     UINT64      SizeOfStackCommit;
177     UINT64      SizeOfHeapReserve;
178     UINT64      SizeOfHeapCommit;
179     UINT32      LoaderFlags;
180     UINT32      NumberOfRvaAndSizes;
181     IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
182 } IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER;
183 
184 
185 #define IMAGE_SIZEOF_ROM_OPTIONAL_HEADER      56
186 #define IMAGE_SIZEOF_STD_OPTIONAL_HEADER      28
187 #define IMAGE_SIZEOF_NT_OPTIONAL_HEADER      224
188 #define IMAGE_SIZEOF_NT_OPTIONAL64_HEADER    244
189 
190 #define IMAGE_NT_OPTIONAL_HDR_MAGIC        0x10b
191 #define IMAGE_NT_OPTIONAL_HDR64_MAGIC      0x20b
192 #define IMAGE_ROM_OPTIONAL_HDR_MAGIC       0x107
193 
194 typedef struct _IMAGE_NT_HEADERS {
195     UINT32 Signature;
196     IMAGE_FILE_HEADER FileHeader;
197     IMAGE_OPTIONAL_HEADER OptionalHeader;
198 } IMAGE_NT_HEADERS, *PIMAGE_NT_HEADERS;
199 
200 typedef struct _IMAGE_ROM_HEADERS {
201     IMAGE_FILE_HEADER FileHeader;
202     IMAGE_ROM_OPTIONAL_HEADER OptionalHeader;
203 } IMAGE_ROM_HEADERS, *PIMAGE_ROM_HEADERS;
204 
205 #define IMAGE_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER)        \
206     ((UINT32)ntheader +                                                  \
207      FIELD_OFFSET( IMAGE_NT_HEADERS, OptionalHeader ) +                 \
208      ((PIMAGE_NT_HEADERS)(ntheader))->FileHeader.SizeOfOptionalHeader   \
209     ))
210 
211 
212 // Subsystem Values
213 
214 #define IMAGE_SUBSYSTEM_UNKNOWN              0   // Unknown subsystem.
215 #define IMAGE_SUBSYSTEM_NATIVE               1   // Image doesn't require a subsystem.
216 #define IMAGE_SUBSYSTEM_WINDOWS_GUI          2   // Image runs in the Windows GUI subsystem.
217 #define IMAGE_SUBSYSTEM_WINDOWS_CUI          3   // Image runs in the Windows character subsystem.
218 #define IMAGE_SUBSYSTEM_OS2_CUI              5   // image runs in the OS/2 character subsystem.
219 #define IMAGE_SUBSYSTEM_POSIX_CUI            7   // image run  in the Posix character subsystem.
220 
221 
222 // Directory Entries
223 
224 #define IMAGE_DIRECTORY_ENTRY_EXPORT         0   // Export Directory
225 #define IMAGE_DIRECTORY_ENTRY_IMPORT         1   // Import Directory
226 #define IMAGE_DIRECTORY_ENTRY_RESOURCE       2   // Resource Directory
227 #define IMAGE_DIRECTORY_ENTRY_EXCEPTION      3   // Exception Directory
228 #define IMAGE_DIRECTORY_ENTRY_SECURITY       4   // Security Directory
229 #define IMAGE_DIRECTORY_ENTRY_BASERELOC      5   // Base Relocation Table
230 #define IMAGE_DIRECTORY_ENTRY_DEBUG          6   // Debug Directory
231 #define IMAGE_DIRECTORY_ENTRY_COPYRIGHT      7   // Description String
232 #define IMAGE_DIRECTORY_ENTRY_GLOBALPTR      8   // Machine Value (MIPS GP)
233 #define IMAGE_DIRECTORY_ENTRY_TLS            9   // TLS Directory
234 #define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG   10   // Load Configuration Directory
235 
236 //
237 // Section header format.
238 //
239 
240 #define IMAGE_SIZEOF_SHORT_NAME              8
241 
242 typedef struct _IMAGE_SECTION_HEADER {
243     UINT8   Name[IMAGE_SIZEOF_SHORT_NAME];
244     union {
245             UINT32   PhysicalAddress;
246             UINT32   VirtualSize;
247     } Misc;
248     UINT32   VirtualAddress;
249     UINT32   SizeOfRawData;
250     UINT32   PointerToRawData;
251     UINT32   PointerToRelocations;
252     UINT32   PointerToLinenumbers;
253     UINT16   NumberOfRelocations;
254     UINT16   NumberOfLinenumbers;
255     UINT32   Characteristics;
256 } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER;
257 
258 #define IMAGE_SIZEOF_SECTION_HEADER          40
259 
260 #define IMAGE_SCN_TYPE_NO_PAD                0x00000008  // Reserved.
261 
262 #define IMAGE_SCN_CNT_CODE                   0x00000020  // Section contains code.
263 #define IMAGE_SCN_CNT_INITIALIZED_DATA       0x00000040  // Section contains initialized data.
264 #define IMAGE_SCN_CNT_UNINITIALIZED_DATA     0x00000080  // Section contains uninitialized data.
265 
266 #define IMAGE_SCN_LNK_OTHER                  0x00000100  // Reserved.
267 #define IMAGE_SCN_LNK_INFO                   0x00000200  // Section contains comments or some other type of information.
268 #define IMAGE_SCN_LNK_REMOVE                 0x00000800  // Section contents will not become part of image.
269 #define IMAGE_SCN_LNK_COMDAT                 0x00001000  // Section contents comdat.
270 
271 #define IMAGE_SCN_ALIGN_1BYTES               0x00100000  //
272 #define IMAGE_SCN_ALIGN_2BYTES               0x00200000  //
273 #define IMAGE_SCN_ALIGN_4BYTES               0x00300000  //
274 #define IMAGE_SCN_ALIGN_8BYTES               0x00400000  //
275 #define IMAGE_SCN_ALIGN_16BYTES              0x00500000  // Default alignment if no others are specified.
276 #define IMAGE_SCN_ALIGN_32BYTES              0x00600000  //
277 #define IMAGE_SCN_ALIGN_64BYTES              0x00700000  //
278 
279 #define IMAGE_SCN_MEM_DISCARDABLE            0x02000000  // Section can be discarded.
280 #define IMAGE_SCN_MEM_NOT_CACHED             0x04000000  // Section is not cachable.
281 #define IMAGE_SCN_MEM_NOT_PAGED              0x08000000  // Section is not pageable.
282 #define IMAGE_SCN_MEM_SHARED                 0x10000000  // Section is shareable.
283 #define IMAGE_SCN_MEM_EXECUTE                0x20000000  // Section is executable.
284 #define IMAGE_SCN_MEM_READ                   0x40000000  // Section is readable.
285 #define IMAGE_SCN_MEM_WRITE                  0x80000000  // Section is writeable.
286 
287 //
288 // Symbol format.
289 //
290 
291 
292 #define IMAGE_SIZEOF_SYMBOL                  18
293 
294 //
295 // Section values.
296 //
297 // Symbols have a section number of the section in which they are
298 // defined. Otherwise, section numbers have the following meanings:
299 //
300 
301 #define IMAGE_SYM_UNDEFINED           (UINT16)0           // Symbol is undefined or is common.
302 #define IMAGE_SYM_ABSOLUTE            (UINT16)-1          // Symbol is an absolute value.
303 #define IMAGE_SYM_DEBUG               (UINT16)-2          // Symbol is a special debug item.
304 
305 //
306 // Type (fundamental) values.
307 //
308 
309 #define IMAGE_SYM_TYPE_NULL                  0           // no type.
310 #define IMAGE_SYM_TYPE_VOID                  1           //
311 #define IMAGE_SYM_TYPE_CHAR                  2           // type character.
312 #define IMAGE_SYM_TYPE_SHORT                 3           // type short integer.
313 #define IMAGE_SYM_TYPE_INT                   4           //
314 #define IMAGE_SYM_TYPE_LONG                  5           //
315 #define IMAGE_SYM_TYPE_FLOAT                 6           //
316 #define IMAGE_SYM_TYPE_DOUBLE                7           //
317 #define IMAGE_SYM_TYPE_STRUCT                8           //
318 #define IMAGE_SYM_TYPE_UNION                 9           //
319 #define IMAGE_SYM_TYPE_ENUM                  10          // enumeration.
320 #define IMAGE_SYM_TYPE_MOE                   11          // member of enumeration.
321 #define IMAGE_SYM_TYPE_BYTE                  12          //
322 #define IMAGE_SYM_TYPE_WORD                  13          //
323 #define IMAGE_SYM_TYPE_UINT                  14          //
324 #define IMAGE_SYM_TYPE_DWORD                 15          //
325 
326 //
327 // Type (derived) values.
328 //
329 
330 #define IMAGE_SYM_DTYPE_NULL                 0           // no derived type.
331 #define IMAGE_SYM_DTYPE_POINTER              1           // pointer.
332 #define IMAGE_SYM_DTYPE_FUNCTION             2           // function.
333 #define IMAGE_SYM_DTYPE_ARRAY                3           // array.
334 
335 //
336 // Storage classes.
337 //
338 
339 #define IMAGE_SYM_CLASS_END_OF_FUNCTION      (BYTE )-1
340 #define IMAGE_SYM_CLASS_NULL                 0
341 #define IMAGE_SYM_CLASS_AUTOMATIC            1
342 #define IMAGE_SYM_CLASS_EXTERNAL             2
343 #define IMAGE_SYM_CLASS_STATIC               3
344 #define IMAGE_SYM_CLASS_REGISTER             4
345 #define IMAGE_SYM_CLASS_EXTERNAL_DEF         5
346 #define IMAGE_SYM_CLASS_LABEL                6
347 #define IMAGE_SYM_CLASS_UNDEFINED_LABEL      7
348 #define IMAGE_SYM_CLASS_MEMBER_OF_STRUCT     8
349 #define IMAGE_SYM_CLASS_ARGUMENT             9
350 #define IMAGE_SYM_CLASS_STRUCT_TAG           10
351 #define IMAGE_SYM_CLASS_MEMBER_OF_UNION      11
352 #define IMAGE_SYM_CLASS_UNION_TAG            12
353 #define IMAGE_SYM_CLASS_TYPE_DEFINITION      13
354 #define IMAGE_SYM_CLASS_UNDEFINED_STATIC     14
355 #define IMAGE_SYM_CLASS_ENUM_TAG             15
356 #define IMAGE_SYM_CLASS_MEMBER_OF_ENUM       16
357 #define IMAGE_SYM_CLASS_REGISTER_PARAM       17
358 #define IMAGE_SYM_CLASS_BIT_FIELD            18
359 #define IMAGE_SYM_CLASS_BLOCK                100
360 #define IMAGE_SYM_CLASS_FUNCTION             101
361 #define IMAGE_SYM_CLASS_END_OF_STRUCT        102
362 #define IMAGE_SYM_CLASS_FILE                 103
363 // new
364 #define IMAGE_SYM_CLASS_SECTION              104
365 #define IMAGE_SYM_CLASS_WEAK_EXTERNAL        105
366 
367 // type packing constants
368 
369 #define N_BTMASK                            017
370 #define N_TMASK                             060
371 #define N_TMASK1                            0300
372 #define N_TMASK2                            0360
373 #define N_BTSHFT                            4
374 #define N_TSHIFT                            2
375 
376 // MACROS
377 
378 //
379 // Communal selection types.
380 //
381 
382 #define IMAGE_COMDAT_SELECT_NODUPLICATES   1
383 #define IMAGE_COMDAT_SELECT_ANY            2
384 #define IMAGE_COMDAT_SELECT_SAME_SIZE      3
385 #define IMAGE_COMDAT_SELECT_EXACT_MATCH    4
386 #define IMAGE_COMDAT_SELECT_ASSOCIATIVE    5
387 
388 #define IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY 1
389 #define IMAGE_WEAK_EXTERN_SEARCH_LIBRARY   2
390 #define IMAGE_WEAK_EXTERN_SEARCH_ALIAS     3
391 
392 
393 //
394 // Relocation format.
395 //
396 
397 typedef struct _IMAGE_RELOCATION {
398     UINT32   VirtualAddress;
399     UINT32   SymbolTableIndex;
400     UINT16   Type;
401 } IMAGE_RELOCATION;
402 
403 #define IMAGE_SIZEOF_RELOCATION              10
404 
405 //
406 // I386 relocation types.
407 //
408 
409 #define IMAGE_REL_I386_ABSOLUTE              0           // Reference is absolute, no relocation is necessary
410 #define IMAGE_REL_I386_DIR16                 01          // Direct 16-bit reference to the symbols virtual address
411 #define IMAGE_REL_I386_REL16                 02          // PC-relative 16-bit reference to the symbols virtual address
412 #define IMAGE_REL_I386_DIR32                 06          // Direct 32-bit reference to the symbols virtual address
413 #define IMAGE_REL_I386_DIR32NB               07          // Direct 32-bit reference to the symbols virtual address, base not included
414 #define IMAGE_REL_I386_SEG12                 011         // Direct 16-bit reference to the segment-selector bits of a 32-bit virtual address
415 #define IMAGE_REL_I386_SECTION               012
416 #define IMAGE_REL_I386_SECREL                013
417 #define IMAGE_REL_I386_REL32                 024         // PC-relative 32-bit reference to the symbols virtual address
418 
419 //
420 // MIPS relocation types.
421 //
422 
423 #define IMAGE_REL_MIPS_ABSOLUTE              0           // Reference is absolute, no relocation is necessary
424 #define IMAGE_REL_MIPS_REFHALF               01
425 #define IMAGE_REL_MIPS_REFWORD               02
426 #define IMAGE_REL_MIPS_JMPADDR               03
427 #define IMAGE_REL_MIPS_REFHI                 04
428 #define IMAGE_REL_MIPS_REFLO                 05
429 #define IMAGE_REL_MIPS_GPREL                 06
430 #define IMAGE_REL_MIPS_LITERAL               07
431 #define IMAGE_REL_MIPS_SECTION               012
432 #define IMAGE_REL_MIPS_SECREL                013
433 #define IMAGE_REL_MIPS_REFWORDNB             042
434 #define IMAGE_REL_MIPS_PAIR                  045
435 
436 //
437 // Alpha Relocation types.
438 //
439 
440 #define IMAGE_REL_ALPHA_ABSOLUTE             0x0
441 #define IMAGE_REL_ALPHA_REFLONG              0x1
442 #define IMAGE_REL_ALPHA_REFQUAD              0x2
443 #define IMAGE_REL_ALPHA_GPREL32              0x3
444 #define IMAGE_REL_ALPHA_LITERAL              0x4
445 #define IMAGE_REL_ALPHA_LITUSE               0x5
446 #define IMAGE_REL_ALPHA_GPDISP               0x6
447 #define IMAGE_REL_ALPHA_BRADDR               0x7
448 #define IMAGE_REL_ALPHA_HINT                 0x8
449 #define IMAGE_REL_ALPHA_INLINE_REFLONG       0x9
450 #define IMAGE_REL_ALPHA_REFHI                0xA
451 #define IMAGE_REL_ALPHA_REFLO                0xB
452 #define IMAGE_REL_ALPHA_PAIR                 0xC
453 #define IMAGE_REL_ALPHA_MATCH                0xD
454 #define IMAGE_REL_ALPHA_SECTION              0xE
455 #define IMAGE_REL_ALPHA_SECREL               0xF
456 #define IMAGE_REL_ALPHA_REFLONGNB            0x10
457 
458 //
459 // IBM PowerPC relocation types.
460 //
461 
462 #define IMAGE_REL_PPC_ABSOLUTE 0x0000  // NOP
463 #define IMAGE_REL_PPC_ADDR64   0x0001  // 64-bit address
464 #define IMAGE_REL_PPC_ADDR32   0x0002  // 32-bit address
465 #define IMAGE_REL_PPC_ADDR24   0x0003  // 26-bit address, shifted left 2 (branch absolute)
466 #define IMAGE_REL_PPC_ADDR16   0x0004  // 16-bit address
467 #define IMAGE_REL_PPC_ADDR14   0x0005  // 16-bit address, shifted left 2 (load doubleword)
468 #define IMAGE_REL_PPC_REL24    0x0006  // 26-bit PC-relative offset, shifted left 2 (branch relative)
469 #define IMAGE_REL_PPC_REL14    0x0007  // 16-bit PC-relative offset, shifted left 2 (br cond relative)
470 #define IMAGE_REL_PPC_TOCREL16 0x0008  // 16-bit offset from TOC base
471 #define IMAGE_REL_PPC_TOCREL14 0x0009  // 16-bit offset from TOC base, shifted left 2 (load doubleword)
472 
473 #define IMAGE_REL_PPC_ADDR32NB 0x000A  // 32-bit addr w/o image base
474 #define IMAGE_REL_PPC_SECREL   0x000B  // va of containing section (as in an image sectionhdr)
475 #define IMAGE_REL_PPC_SECTION  0x000C  // sectionheader number
476 #define IMAGE_REL_PPC_IFGLUE   0x000D  // substitute TOC restore instruction iff symbol is glue code
477 #define IMAGE_REL_PPC_IMGLUE   0x000E  // symbol is glue code; virtual address is TOC restore instruction
478 
479 #define IMAGE_REL_PPC_TYPEMASK 0x00FF  // mask to isolate above values in IMAGE_RELOCATION.Type
480 
481 // Flag bits in IMAGE_RELOCATION.TYPE
482 
483 #define IMAGE_REL_PPC_NEG      0x0100  // subtract reloc value rather than adding it
484 #define IMAGE_REL_PPC_BRTAKEN  0x0200  // fix branch prediction bit to predict branch taken
485 #define IMAGE_REL_PPC_BRNTAKEN 0x0400  // fix branch prediction bit to predict branch not taken
486 #define IMAGE_REL_PPC_TOCDEFN  0x0800  // toc slot defined in file (or, data in toc)
487 
488 //
489 // Based relocation format.
490 //
491 
492 typedef struct _IMAGE_BASE_RELOCATION {
493     UINT32   VirtualAddress;
494     UINT32   SizeOfBlock;
495 //  UINT16    TypeOffset[1];
496 } IMAGE_BASE_RELOCATION, *PIMAGE_BASE_RELOCATION;
497 
498 #define IMAGE_SIZEOF_BASE_RELOCATION         8
499 
500 //
501 // Based relocation types.
502 //
503 
504 #define IMAGE_REL_BASED_ABSOLUTE              0
505 #define IMAGE_REL_BASED_HIGH                  1
506 #define IMAGE_REL_BASED_LOW                   2
507 #define IMAGE_REL_BASED_HIGHLOW               3
508 #define IMAGE_REL_BASED_HIGHADJ               4
509 #define IMAGE_REL_BASED_MIPS_JMPADDR          5
510 #define IMAGE_REL_BASED_IA64_IMM64            9
511 #define IMAGE_REL_BASED_DIR64                 10
512 
513 //
514 // Line number format.
515 //
516 
517 typedef struct _IMAGE_LINENUMBER {
518     union {
519         UINT32   SymbolTableIndex;               // Symbol table index of function name if Linenumber is 0.
520         UINT32   VirtualAddress;                 // Virtual address of line number.
521     } Type;
522     UINT16    Linenumber;                         // Line number.
523 } IMAGE_LINENUMBER;
524 
525 #define IMAGE_SIZEOF_LINENUMBER              6
526 
527 //
528 // Archive format.
529 //
530 
531 #define IMAGE_ARCHIVE_START_SIZE             8
532 #define IMAGE_ARCHIVE_START                  "!<arch>\n"
533 #define IMAGE_ARCHIVE_END                    "`\n"
534 #define IMAGE_ARCHIVE_PAD                    "\n"
535 #define IMAGE_ARCHIVE_LINKER_MEMBER          "/               "
536 #define IMAGE_ARCHIVE_LONGNAMES_MEMBER       "//              "
537 
538 typedef struct _IMAGE_ARCHIVE_MEMBER_HEADER {
539     UINT8     Name[16];                          // File member name - `/' terminated.
540     UINT8     Date[12];                          // File member date - decimal.
541     UINT8     UserID[6];                         // File member user id - decimal.
542     UINT8     GroupID[6];                        // File member group id - decimal.
543     UINT8     Mode[8];                           // File member mode - octal.
544     UINT8     Size[10];                          // File member size - decimal.
545     UINT8     EndHeader[2];                      // String to end header.
546 } IMAGE_ARCHIVE_MEMBER_HEADER, *PIMAGE_ARCHIVE_MEMBER_HEADER;
547 
548 #define IMAGE_SIZEOF_ARCHIVE_MEMBER_HDR      60
549 
550 //
551 // DLL support.
552 //
553 
554 //
555 // Export Format
556 //
557 
558 typedef struct _IMAGE_EXPORT_DIRECTORY {
559     UINT32   Characteristics;
560     UINT32   TimeDateStamp;
561     UINT16   MajorVersion;
562     UINT16   MinorVersion;
563     UINT32   Name;
564     UINT32   Base;
565     UINT32   NumberOfFunctions;
566     UINT32   NumberOfNames;
567     UINT32   AddressOfFunctions;
568     UINT32   AddressOfNames;
569     UINT32   AddressOfNameOrdinals;
570 } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
571 
572 //
573 // Import Format
574 //
575 
576 typedef struct _IMAGE_IMPORT_BY_NAME {
577     UINT16    Hint;
578     UINT8     Name[1];
579 } IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME;
580 
581 typedef struct _IMAGE_THUNK_DATA {
582     union {
583         UINT32 Function;
584         UINT32 Ordinal;
585         PIMAGE_IMPORT_BY_NAME AddressOfData;
586     } u1;
587 } IMAGE_THUNK_DATA, *PIMAGE_THUNK_DATA;
588 
589 #define IMAGE_ORDINAL_FLAG 0x80000000
590 #define IMAGE_SNAP_BY_ORDINAL(Ordinal) ((Ordinal & IMAGE_ORDINAL_FLAG) != 0)
591 #define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
592 
593 typedef struct _IMAGE_IMPORT_DESCRIPTOR {
594     UINT32   Characteristics;
595     UINT32   TimeDateStamp;
596     UINT32   ForwarderChain;
597     UINT32   Name;
598     PIMAGE_THUNK_DATA FirstThunk;
599 } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR;
600 
601 #endif
602