![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ntimage.h CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [WindowsNT SDKs] / mstools / h|
Return to ntimage.h CVS log | Up to [WindowsNT SDKs] / mstools / h |
1.1 root 1: /*++ BUILD Version: 0004 // Increment this if a change has global effects
2:
1.1.1.2 ! root 3: Copyright (c) 1989-1993 Microsoft Corporation
1.1 root 4:
5: Module Name:
6:
7: ntimage.h
8:
9: Abstract:
10:
11: This is the include file that describes all image structures.
12:
13: Author:
14:
15: Mike O'Leary (mikeol) 21-Mar-1991
16:
17: Revision History:
18:
19: --*/
20:
21: #ifndef _NTIMAGE_
22: #define _NTIMAGE_
23:
24: //
25: // Define the linker version number. This is temporary to aid
26: // in debugging with people trying to load images built with
27: // an older linker. This is not required in the final product.
28: //
29:
30: #define IMAGE_MAJOR_LINKER_VERSION 2
31:
32: // begin_winnt
33:
34:
35: //
36: // Image Format
37: //
38:
39: #ifndef RC_INVOKED
40: #pragma pack (1)
41: #endif // !RC_INVOKED
42:
43: #define IMAGE_DOS_SIGNATURE 0x5A4D // MZ
44: #define IMAGE_OS2_SIGNATURE 0x454E // NE
45: #define IMAGE_OS2_SIGNATURE_LE 0x454C // LE
46: #define IMAGE_NT_SIGNATURE 0x00004550 // PE00
47:
48: typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header
49: USHORT e_magic; // Magic number
50: USHORT e_cblp; // Bytes on last page of file
51: USHORT e_cp; // Pages in file
52: USHORT e_crlc; // Relocations
53: USHORT e_cparhdr; // Size of header in paragraphs
54: USHORT e_minalloc; // Minimum extra paragraphs needed
55: USHORT e_maxalloc; // Maximum extra paragraphs needed
56: USHORT e_ss; // Initial (relative) SS value
57: USHORT e_sp; // Initial SP value
58: USHORT e_csum; // Checksum
59: USHORT e_ip; // Initial IP value
60: USHORT e_cs; // Initial (relative) CS value
61: USHORT e_lfarlc; // File address of relocation table
62: USHORT e_ovno; // Overlay number
63: USHORT e_res[4]; // Reserved words
64: USHORT e_oemid; // OEM identifier (for e_oeminfo)
65: USHORT e_oeminfo; // OEM information; e_oemid specific
66: USHORT e_res2[10]; // Reserved words
67: LONG e_lfanew; // File address of new exe header
68: } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
69:
70: typedef struct _IMAGE_OS2_HEADER { // OS/2 .EXE header
71: USHORT ne_magic; // Magic number
72: CHAR ne_ver; // Version number
73: CHAR ne_rev; // Revision number
74: USHORT ne_enttab; // Offset of Entry Table
75: USHORT ne_cbenttab; // Number of bytes in Entry Table
76: LONG ne_crc; // Checksum of whole file
77: USHORT ne_flags; // Flag word
78: USHORT ne_autodata; // Automatic data segment number
79: USHORT ne_heap; // Initial heap allocation
80: USHORT ne_stack; // Initial stack allocation
81: LONG ne_csip; // Initial CS:IP setting
82: LONG ne_sssp; // Initial SS:SP setting
83: USHORT ne_cseg; // Count of file segments
84: USHORT ne_cmod; // Entries in Module Reference Table
85: USHORT ne_cbnrestab; // Size of non-resident name table
86: USHORT ne_segtab; // Offset of Segment Table
87: USHORT ne_rsrctab; // Offset of Resource Table
88: USHORT ne_restab; // Offset of resident name table
89: USHORT ne_modtab; // Offset of Module Reference Table
90: USHORT ne_imptab; // Offset of Imported Names Table
91: LONG ne_nrestab; // Offset of Non-resident Names Table
92: USHORT ne_cmovent; // Count of movable entries
93: USHORT ne_align; // Segment alignment shift count
94: USHORT ne_cres; // Count of resource segments
95: UCHAR ne_exetyp; // Target Operating system
96: UCHAR ne_flagsothers; // Other .EXE flags
97: USHORT ne_pretthunks; // offset to return thunks
98: USHORT ne_psegrefbytes; // offset to segment ref. bytes
99: USHORT ne_swaparea; // Minimum code swap area size
100: USHORT ne_expver; // Expected Windows version number
101: } IMAGE_OS2_HEADER, *PIMAGE_OS2_HEADER;
102:
103: //
104: // File header format.
105: //
106:
107: typedef struct _IMAGE_FILE_HEADER {
108: USHORT Machine;
109: USHORT NumberOfSections;
110: ULONG TimeDateStamp;
111: ULONG PointerToSymbolTable;
112: ULONG NumberOfSymbols;
113: USHORT SizeOfOptionalHeader;
114: USHORT Characteristics;
115: } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
116:
117: #define IMAGE_SIZEOF_FILE_HEADER 20
118:
119: #define IMAGE_FILE_RELOCS_STRIPPED 0x0001 // Relocation info stripped from file.
120: #define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002 // File is executable (i.e. no unresolved externel references).
121: #define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004 // Line nunbers stripped from file.
122: #define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008 // Local symbols stripped from file.
123: #define IMAGE_FILE_MINIMAL_OBJECT 0x0010 // Reserved.
124: #define IMAGE_FILE_UPDATE_OBJECT 0x0020 // Reserved.
125: #define IMAGE_FILE_16BIT_MACHINE 0x0040 // 16 bit word machine.
126: #define IMAGE_FILE_BYTES_REVERSED_LO 0x0080 // Bytes of machine word are reversed.
127: #define IMAGE_FILE_32BIT_MACHINE 0x0100 // 32 bit word machine.
1.1.1.2 ! root 128: #define IMAGE_FILE_DEBUG_STRIPPED 0x0200 // Debugging info stripped from file in .DBG file
1.1 root 129: #define IMAGE_FILE_PATCH 0x0400 // Reserved.
130: #define IMAGE_FILE_SYSTEM 0x1000 // System File.
131: #define IMAGE_FILE_DLL 0x2000 // File is a DLL.
132: #define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 // Bytes of machine word are reversed.
133:
134: #define IMAGE_FILE_MACHINE_UNKNOWN 0
135: #define IMAGE_FILE_MACHINE_I860 0x14d // Intel 860.
136: #define IMAGE_FILE_MACHINE_I386 0x14c // Intel 386.
137: #define IMAGE_FILE_MACHINE_R3000 0x162 // MIPS little-endian, 0540 big-endian
138: #define IMAGE_FILE_MACHINE_R4000 0x166 // MIPS little-endian
1.1.1.2 ! root 139: #define IMAGE_FILE_MACHINE_ALPHA 0x184 // Alpha_AXP
1.1 root 140:
141: //
142: // Directory format.
143: //
144:
145: typedef struct _IMAGE_DATA_DIRECTORY {
146: ULONG VirtualAddress;
147: ULONG Size;
148: } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
149:
150: #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
151:
152: //
153: // Optional header format.
154: //
155:
156: typedef struct _IMAGE_OPTIONAL_HEADER {
157: //
158: // Standard fields.
159: //
160:
161: USHORT Magic;
162: UCHAR MajorLinkerVersion;
163: UCHAR MinorLinkerVersion;
164: ULONG SizeOfCode;
165: ULONG SizeOfInitializedData;
166: ULONG SizeOfUninitializedData;
167: ULONG AddressOfEntryPoint;
168: ULONG BaseOfCode;
169: ULONG BaseOfData;
170:
171: //
172: // NT additional fields.
173: //
174:
175: ULONG ImageBase;
176: ULONG SectionAlignment;
177: ULONG FileAlignment;
178: USHORT MajorOperatingSystemVersion;
179: USHORT MinorOperatingSystemVersion;
180: USHORT MajorImageVersion;
181: USHORT MinorImageVersion;
182: USHORT MajorSubsystemVersion;
183: USHORT MinorSubsystemVersion;
184: ULONG Reserved1;
185: ULONG SizeOfImage;
186: ULONG SizeOfHeaders;
187: ULONG CheckSum;
188: USHORT Subsystem;
189: USHORT DllCharacteristics;
190: ULONG SizeOfStackReserve;
191: ULONG SizeOfStackCommit;
192: ULONG SizeOfHeapReserve;
193: ULONG SizeOfHeapCommit;
1.1.1.2 ! root 194: ULONG LoaderFlags;
1.1 root 195: ULONG NumberOfRvaAndSizes;
196: IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
197: } IMAGE_OPTIONAL_HEADER, *PIMAGE_OPTIONAL_HEADER;
198:
199: #define IMAGE_SIZEOF_STD_OPTIONAL_HEADER 28
200: #define IMAGE_SIZEOF_NT_OPTIONAL_HEADER 224
201:
202: typedef struct _IMAGE_NT_HEADERS {
203: ULONG Signature;
204: IMAGE_FILE_HEADER FileHeader;
205: IMAGE_OPTIONAL_HEADER OptionalHeader;
206: } IMAGE_NT_HEADERS, *PIMAGE_NT_HEADERS;
207:
208: #define IMAGE_FIRST_SECTION( ntheader ) ((PIMAGE_SECTION_HEADER) \
209: ((ULONG)ntheader + \
210: FIELD_OFFSET( IMAGE_NT_HEADERS, OptionalHeader ) + \
211: ((PIMAGE_NT_HEADERS)(ntheader))->FileHeader.SizeOfOptionalHeader \
212: ))
213:
214:
215: // Subsystem Values
216:
217: #define IMAGE_SUBSYSTEM_UNKNOWN 0 // Unknown subsystem.
218: #define IMAGE_SUBSYSTEM_NATIVE 1 // Image doesn't require a subsystem.
219: #define IMAGE_SUBSYSTEM_WINDOWS_GUI 2 // Image runs in the Windows GUI subsystem.
220: #define IMAGE_SUBSYSTEM_WINDOWS_CUI 3 // Image runs in the Windows character subsystem.
221: #define IMAGE_SUBSYSTEM_OS2_CUI 5 // image runs in the OS/2 character subsystem.
222: #define IMAGE_SUBSYSTEM_POSIX_CUI 7 // image run in the Posix character subsystem.
223:
224: // Dll Characteristics
225:
226: #define IMAGE_LIBRARY_PROCESS_INIT 1 // Dll has a process initialization routine.
227: #define IMAGE_LIBRARY_PROCESS_TERM 2 // Dll has a thread termination routine.
228: #define IMAGE_LIBRARY_THREAD_INIT 4 // Dll has a thread initialization routine.
229: #define IMAGE_LIBRARY_THREAD_TERM 8 // Dll has a thread termination routine.
230:
1.1.1.2 ! root 231: //
! 232: // Loader Flags
! 233: //
! 234:
! 235: #define IMAGE_LOADER_FLAGS_BREAK_ON_LOAD 0x00000001
! 236: #define IMAGE_LOADER_FLAGS_DEBUG_ON_LOAD 0x00000002
! 237:
! 238:
1.1 root 239: // Directory Entries
240:
241: #define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory
242: #define IMAGE_DIRECTORY_ENTRY_IMPORT 1 // Import Directory
243: #define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 // Resource Directory
244: #define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 // Exception Directory
245: #define IMAGE_DIRECTORY_ENTRY_SECURITY 4 // Security Directory
246: #define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 // Base Relocation Table
247: #define IMAGE_DIRECTORY_ENTRY_DEBUG 6 // Debug Directory
248: #define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 // Description String
249: #define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 // Machine Value (MIPS GP)
1.1.1.2 ! root 250: #define IMAGE_DIRECTORY_ENTRY_TLS 9 // TLS Directory
! 251: #define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10 // Load Configuration Directory
1.1 root 252:
253: //
254: // Section header format.
255: //
256:
257: #define IMAGE_SIZEOF_SHORT_NAME 8
258:
259: typedef struct _IMAGE_SECTION_HEADER {
260: UCHAR Name[IMAGE_SIZEOF_SHORT_NAME];
261: union {
262: ULONG PhysicalAddress;
263: ULONG VirtualSize;
264: } Misc;
265: ULONG VirtualAddress;
266: ULONG SizeOfRawData;
267: ULONG PointerToRawData;
268: ULONG PointerToRelocations;
269: ULONG PointerToLinenumbers;
270: USHORT NumberOfRelocations;
271: USHORT NumberOfLinenumbers;
272: ULONG Characteristics;
273: } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER;
274:
275: #define IMAGE_SIZEOF_SECTION_HEADER 40
276:
277: #define IMAGE_SCN_TYPE_REGULAR 0x00000000 //
278: #define IMAGE_SCN_TYPE_DUMMY 0x00000001 // Reserved.
1.1.1.2 ! root 279: #define IMAGE_SCN_TYPE_NO_LOAD 0x00000002 // Reserved.
1.1 root 280: #define IMAGE_SCN_TYPE_GROUPED 0x00000004 // Used for 16-bit offset code.
1.1.1.2 ! root 281: #define IMAGE_SCN_TYPE_NO_PAD 0x00000008 // Reserved.
1.1 root 282: #define IMAGE_SCN_TYPE_COPY 0x00000010 // Reserved.
1.1.1.2 ! root 283:
1.1 root 284: #define IMAGE_SCN_CNT_CODE 0x00000020 // Section contains code.
285: #define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 // Section contains initialized data.
286: #define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 // Section contains uninitialized data.
1.1.1.2 ! root 287:
1.1 root 288: #define IMAGE_SCN_LNK_OTHER 0x00000100 // Reserved.
289: #define IMAGE_SCN_LNK_INFO 0x00000200 // Section contains comments or some other type of information.
290: #define IMAGE_SCN_LNK_OVERLAY 0x00000400 // Section contains an overlay.
291: #define IMAGE_SCN_LNK_REMOVE 0x00000800 // Section contents will not become part of image.
292: #define IMAGE_SCN_LNK_COMDAT 0x00001000 // Section contents comdat.
1.1.1.2 ! root 293:
! 294: #define IMAGE_SCN_ALIGN_1BYTES 0x00100000 //
! 295: #define IMAGE_SCN_ALIGN_2BYTES 0x00200000 //
! 296: #define IMAGE_SCN_ALIGN_4BYTES 0x00300000 //
! 297: #define IMAGE_SCN_ALIGN_8BYTES 0x00400000 //
! 298: #define IMAGE_SCN_ALIGN_16BYTES 0x00500000 // Default alignment if no others are specified.
! 299: #define IMAGE_SCN_ALIGN_32BYTES 0x00600000 //
! 300: #define IMAGE_SCN_ALIGN_64BYTES 0x00700000 //
! 301:
1.1 root 302: #define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 // Section can be discarded.
303: #define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 // Section is not cachable.
304: #define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 // Section is not pageable.
305: #define IMAGE_SCN_MEM_SHARED 0x10000000 // Section is shareable.
306: #define IMAGE_SCN_MEM_EXECUTE 0x20000000 // Section is executable.
307: #define IMAGE_SCN_MEM_READ 0x40000000 // Section is readable.
308: #define IMAGE_SCN_MEM_WRITE 0x80000000 // Section is writeable.
309:
310: //
311: // Symbol format.
312: //
313:
314: typedef struct _IMAGE_SYMBOL {
315: union {
316: UCHAR ShortName[8];
317: struct {
318: ULONG Short; // if 0, use LongName
319: ULONG Long; // offset into string table
320: } Name;
321: PUCHAR LongName[2];
322: } N;
323: ULONG Value;
324: SHORT SectionNumber;
325: USHORT Type;
326: UCHAR StorageClass;
327: UCHAR NumberOfAuxSymbols;
328: } IMAGE_SYMBOL;
329: typedef IMAGE_SYMBOL UNALIGNED *PIMAGE_SYMBOL;
330:
331: #define IMAGE_SIZEOF_SYMBOL 18
332:
333: //
334: // Section values.
335: //
336: // Symbols have a section number of the section in which they are
337: // defined. Otherwise, section numbers have the following meanings:
338: //
339:
340: #define IMAGE_SYM_UNDEFINED (SHORT)0 // Symbol is undefined or is common.
341: #define IMAGE_SYM_ABSOLUTE (SHORT)-1 // Symbol is an absolute value.
342: #define IMAGE_SYM_DEBUG (SHORT)-2 // Symbol is a special debug item.
343:
344: //
345: // Type (fundamental) values.
346: //
347:
348: #define IMAGE_SYM_TYPE_NULL 0 // no type.
349: #define IMAGE_SYM_TYPE_VOID 1 //
350: #define IMAGE_SYM_TYPE_CHAR 2 // type character.
351: #define IMAGE_SYM_TYPE_SHORT 3 // type short integer.
352: #define IMAGE_SYM_TYPE_INT 4 //
353: #define IMAGE_SYM_TYPE_LONG 5 //
354: #define IMAGE_SYM_TYPE_FLOAT 6 //
355: #define IMAGE_SYM_TYPE_DOUBLE 7 //
356: #define IMAGE_SYM_TYPE_STRUCT 8 //
357: #define IMAGE_SYM_TYPE_UNION 9 //
358: #define IMAGE_SYM_TYPE_ENUM 10 // enumeration.
359: #define IMAGE_SYM_TYPE_MOE 11 // member of enumeration.
360: #define IMAGE_SYM_TYPE_UCHAR 12 //
361: #define IMAGE_SYM_TYPE_USHORT 13 //
362: #define IMAGE_SYM_TYPE_UINT 14 //
363: #define IMAGE_SYM_TYPE_ULONG 15 //
364:
365: //
366: // Type (derived) values.
367: //
368:
369: #define IMAGE_SYM_DTYPE_NULL 0 // no derived type.
370: #define IMAGE_SYM_DTYPE_POINTER 1 // pointer.
371: #define IMAGE_SYM_DTYPE_FUNCTION 2 // function.
372: #define IMAGE_SYM_DTYPE_ARRAY 3 // array.
373:
374: //
375: // Storage classes.
376: //
377:
378: #define IMAGE_SYM_CLASS_END_OF_FUNCTION (UCHAR)-1
379: #define IMAGE_SYM_CLASS_NULL 0
380: #define IMAGE_SYM_CLASS_AUTOMATIC 1
381: #define IMAGE_SYM_CLASS_EXTERNAL 2
382: #define IMAGE_SYM_CLASS_STATIC 3
383: #define IMAGE_SYM_CLASS_REGISTER 4
384: #define IMAGE_SYM_CLASS_EXTERNAL_DEF 5
385: #define IMAGE_SYM_CLASS_LABEL 6
386: #define IMAGE_SYM_CLASS_UNDEFINED_LABEL 7
387: #define IMAGE_SYM_CLASS_MEMBER_OF_STRUCT 8
388: #define IMAGE_SYM_CLASS_ARGUMENT 9
389: #define IMAGE_SYM_CLASS_STRUCT_TAG 10
390: #define IMAGE_SYM_CLASS_MEMBER_OF_UNION 11
391: #define IMAGE_SYM_CLASS_UNION_TAG 12
392: #define IMAGE_SYM_CLASS_TYPE_DEFINITION 13
393: #define IMAGE_SYM_CLASS_UNDEFINED_STATIC 14
394: #define IMAGE_SYM_CLASS_ENUM_TAG 15
395: #define IMAGE_SYM_CLASS_MEMBER_OF_ENUM 16
396: #define IMAGE_SYM_CLASS_REGISTER_PARAM 17
397: #define IMAGE_SYM_CLASS_BIT_FIELD 18
398: #define IMAGE_SYM_CLASS_BLOCK 100
399: #define IMAGE_SYM_CLASS_FUNCTION 101
400: #define IMAGE_SYM_CLASS_END_OF_STRUCT 102
401: #define IMAGE_SYM_CLASS_FILE 103
402: // new
403: #define IMAGE_SYM_CLASS_SECTION 104
404: #define IMAGE_SYM_CLASS_WEAK_EXTERNAL 105
405:
406: // type packing constants
407:
408: #define N_BTMASK 017
409: #define N_TMASK 060
410: #define N_TMASK1 0300
411: #define N_TMASK2 0360
412: #define N_BTSHFT 4
413: #define N_TSHIFT 2
414:
415: // MACROS
416:
417: // Basic Type of x
418: #define BTYPE(x) ((x) & N_BTMASK)
419:
420: // Is x a pointer?
421: #ifndef ISPTR
422: #define ISPTR(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_POINTER << N_BTSHFT))
423: #endif
424:
425: // Is x a function?
426: #ifndef ISFCN
427: #define ISFCN(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_FUNCTION << N_BTSHFT))
428: #endif
429:
430: // Is x an array?
431:
432: #ifndef ISARY
433: #define ISARY(x) (((x) & N_TMASK) == (IMAGE_SYM_DTYPE_ARRAY << N_BTSHFT))
434: #endif
435:
436: // Is x a structure, union, or enumeration TAG?
437: #ifndef ISTAG
438: #define ISTAG(x) ((x)==IMAGE_SYM_CLASS_STRUCT_TAG || (x)==IMAGE_SYM_CLASS_UNION_TAG || (x)==IMAGE_SYM_CLASS_ENUM_TAG)
439: #endif
440:
441: #ifndef INCREF
1.1.1.2 ! root 442: #define INCREF(x) ((((x)&~N_BTMASK)<<N_TSHIFT)|(IMAGE_SYM_DTYPE_POINTER<<N_BTSHFT)|((x)&N_BTMASK))
1.1 root 443: #endif
444: #ifndef DECREF
445: #define DECREF(x) ((((x)>>N_TSHIFT)&~N_BTMASK)|((x)&N_BTMASK))
446: #endif
447:
448: //
449: // Auxiliary entry format.
450: //
451:
452: typedef union _IMAGE_AUX_SYMBOL {
453: struct {
454: ULONG TagIndex; // struct, union, or enum tag index
455: union {
456: struct {
457: USHORT Linenumber; // declaration line number
458: USHORT Size; // size of struct, union, or enum
459: } LnSz;
460: ULONG TotalSize;
461: } Misc;
462: union {
463: struct { // if ISFCN, tag, or .bb
464: ULONG PointerToLinenumber;
465: ULONG PointerToNextFunction;
466: } Function;
467: struct { // if ISARY, up to 4 dimen.
468: USHORT Dimension[4];
469: } Array;
470: } FcnAry;
471: USHORT TvIndex; // tv index
472: } Sym;
473: struct {
474: UCHAR Name[IMAGE_SIZEOF_SYMBOL];
475: } File;
476: struct {
477: ULONG Length; // section length
478: USHORT NumberOfRelocations; // number of relocation entries
479: USHORT NumberOfLinenumbers; // number of line numbers
480: ULONG CheckSum; // checksum for communal
481: SHORT Number; // section number to associate with
482: UCHAR Selection; // communal selection type
483: } Section;
484: } IMAGE_AUX_SYMBOL;
485: typedef IMAGE_AUX_SYMBOL UNALIGNED *PIMAGE_AUX_SYMBOL;
486:
487: #define IMAGE_SIZEOF_AUX_SYMBOL 18
488:
489: //
490: // Communal selection types.
491: //
492:
493: #define IMAGE_COMDAT_SELECT_UNKNOWN 0
494: #define IMAGE_COMDAT_SELECT_NODUPLICATES 1
495: #define IMAGE_COMDAT_SELECT_ANY 2
496: #define IMAGE_COMDAT_SELECT_SAME_SIZE 3
497: #define IMAGE_COMDAT_SELECT_EXACT_MATCH 4
498: #define IMAGE_COMDAT_SELECT_ASSOCIATIVE 5
499:
500: #define IMAGE_WEAK_EXTERN_SEARCH_UNKNOWN 0
501: #define IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY 1
502: #define IMAGE_WEAK_EXTERN_SEARCH_LIBRARY 2
503:
504:
505: //
506: // Relocation format.
507: //
508:
509: typedef struct _IMAGE_RELOCATION {
510: ULONG VirtualAddress;
511: ULONG SymbolTableIndex;
512: USHORT Type;
513: } IMAGE_RELOCATION;
514: typedef IMAGE_RELOCATION UNALIGNED *PIMAGE_RELOCATION;
515:
516: #define IMAGE_SIZEOF_RELOCATION 10
517:
518: //
519: // I860 relocation types.
520: //
521:
522: #define IMAGE_REL_I860_ABSOLUTE 0 // Reference is absolute, no relocation is necessary
523: #define IMAGE_REL_I860_DIR32 06 // Direct 32-bit reference to the symbols virtual address
524: #define IMAGE_REL_I860_DIR32NB 07
525: #define IMAGE_REL_I860_SECTION 012
526: #define IMAGE_REL_I860_SECREL 013
527: #define IMAGE_REL_I860_PAIR 034
528: #define IMAGE_REL_I860_HIGH 036
529: #define IMAGE_REL_I860_LOW0 037
530: #define IMAGE_REL_I860_LOW1 040
531: #define IMAGE_REL_I860_LOW2 041
532: #define IMAGE_REL_I860_LOW3 042
533: #define IMAGE_REL_I860_LOW4 043
534: #define IMAGE_REL_I860_SPLIT0 044
535: #define IMAGE_REL_I860_SPLIT1 045
536: #define IMAGE_REL_I860_SPLIT2 046
537: #define IMAGE_REL_I860_HIGHADJ 047
538: #define IMAGE_REL_I860_BRADDR 050
539:
540: //
541: // I386 relocation types.
542: //
543:
544: #define IMAGE_REL_I386_ABSOLUTE 0 // Reference is absolute, no relocation is necessary
545: #define IMAGE_REL_I386_DIR16 01 // Direct 16-bit reference to the symbols virtual address
546: #define IMAGE_REL_I386_REL16 02 // PC-relative 16-bit reference to the symbols virtual address
547: #define IMAGE_REL_I386_DIR32 06 // Direct 32-bit reference to the symbols virtual address
548: #define IMAGE_REL_I386_DIR32NB 07 // Direct 32-bit reference to the symbols virtual address, base not included
549: #define IMAGE_REL_I386_SEG12 011 // Direct 16-bit reference to the segment-selector bits of a 32-bit virtual address
550: #define IMAGE_REL_I386_SECTION 012
551: #define IMAGE_REL_I386_SECREL 013
552: #define IMAGE_REL_I386_REL32 024 // PC-relative 32-bit reference to the symbols virtual address
553:
554: //
555: // MIPS relocation types.
556: //
557:
558: #define IMAGE_REL_MIPS_ABSOLUTE 0 // Reference is absolute, no relocation is necessary
559: #define IMAGE_REL_MIPS_REFHALF 01
560: #define IMAGE_REL_MIPS_REFWORD 02
561: #define IMAGE_REL_MIPS_JMPADDR 03
562: #define IMAGE_REL_MIPS_REFHI 04
563: #define IMAGE_REL_MIPS_REFLO 05
564: #define IMAGE_REL_MIPS_GPREL 06
565: #define IMAGE_REL_MIPS_LITERAL 07
566: #define IMAGE_REL_MIPS_SECTION 012
567: #define IMAGE_REL_MIPS_SECREL 013
568: #define IMAGE_REL_MIPS_REFWORDNB 042
569: #define IMAGE_REL_MIPS_PAIR 045
570:
571: //
1.1.1.2 ! root 572: // Alpha Relocation types.
! 573: //
! 574:
! 575: #define IMAGE_REL_ALPHA_ABSOLUTE 0x0
! 576: #define IMAGE_REL_ALPHA_REFLONG 0x1
! 577: #define IMAGE_REL_ALPHA_REFQUAD 0x2
! 578: #define IMAGE_REL_ALPHA_GPREL32 0x3
! 579: #define IMAGE_REL_ALPHA_LITERAL 0x4
! 580: #define IMAGE_REL_ALPHA_LITUSE 0x5
! 581: #define IMAGE_REL_ALPHA_GPDISP 0x6
! 582: #define IMAGE_REL_ALPHA_BRADDR 0x7
! 583: #define IMAGE_REL_ALPHA_HINT 0x8
! 584: #define IMAGE_REL_ALPHA_INLINE_REFLONG 0x9
! 585: #define IMAGE_REL_ALPHA_REFHI 0xA
! 586: #define IMAGE_REL_ALPHA_REFLO 0xB
! 587: #define IMAGE_REL_ALPHA_PAIR 0xC
! 588: #define IMAGE_REL_ALPHA_MATCH 0xD
! 589: #define IMAGE_REL_ALPHA_SECTION 0xE
! 590: #define IMAGE_REL_ALPHA_SECREL 0xF
! 591: #define IMAGE_REL_ALPHA_REFLONGNB 0x10
! 592:
! 593: //
1.1 root 594: // Based relocation format.
595: //
596:
597: typedef struct _IMAGE_BASE_RELOCATION {
598: ULONG VirtualAddress;
599: ULONG SizeOfBlock;
600: // USHORT TypeOffset[1];
601: } IMAGE_BASE_RELOCATION, *PIMAGE_BASE_RELOCATION;
602:
603: #define IMAGE_SIZEOF_BASE_RELOCATION 8
604:
605: //
606: // Based relocation types.
607: //
608:
609: #define IMAGE_REL_BASED_ABSOLUTE 0
610: #define IMAGE_REL_BASED_HIGH 1
611: #define IMAGE_REL_BASED_LOW 2
612: #define IMAGE_REL_BASED_HIGHLOW 3
613: #define IMAGE_REL_BASED_HIGHADJ 4
614: #define IMAGE_REL_BASED_MIPS_JMPADDR 5
615: #define IMAGE_REL_BASED_I860_BRADDR 6
616: #define IMAGE_REL_BASED_I860_SPLIT 7
617:
618: //
619: // Line number format.
620: //
621:
622: typedef struct _IMAGE_LINENUMBER {
623: union {
624: ULONG SymbolTableIndex; // Symbol table index of function name if Linenumber is 0.
625: ULONG VirtualAddress; // Virtual address of line number.
626: } Type;
627: USHORT Linenumber; // Line number.
628: } IMAGE_LINENUMBER;
629: typedef IMAGE_LINENUMBER UNALIGNED *PIMAGE_LINENUMBER;
630:
631: #define IMAGE_SIZEOF_LINENUMBER 6
632:
633: //
634: // Archive format.
635: //
636:
637: #define IMAGE_ARCHIVE_START_SIZE 8
638: #define IMAGE_ARCHIVE_START "!<arch>\n"
639: #define IMAGE_ARCHIVE_END "`\n"
640: #define IMAGE_ARCHIVE_PAD "\n"
641: #define IMAGE_ARCHIVE_LINKER_MEMBER "/ "
642: #define IMAGE_ARCHIVE_LONGNAMES_MEMBER "// "
643:
644: typedef struct _IMAGE_ARCHIVE_MEMBER_HEADER {
645: UCHAR Name[16]; // File member name - `/' terminated.
646: UCHAR Date[12]; // File member date - decimal.
647: UCHAR UserID[6]; // File member user id - decimal.
648: UCHAR GroupID[6]; // File member group id - decimal.
649: UCHAR Mode[8]; // File member mode - octal.
650: UCHAR Size[10]; // File member size - decimal.
651: UCHAR EndHeader[2]; // String to end header.
652: } IMAGE_ARCHIVE_MEMBER_HEADER, *PIMAGE_ARCHIVE_MEMBER_HEADER;
653:
654: #define IMAGE_SIZEOF_ARCHIVE_MEMBER_HDR 60
655:
656: //
657: // DLL support.
658: //
659:
660: //
661: // Export Format
662: //
663:
664: typedef struct _IMAGE_EXPORT_DIRECTORY {
665: ULONG Characteristics;
666: ULONG TimeDateStamp;
667: USHORT MajorVersion;
668: USHORT MinorVersion;
669: ULONG Name;
670: ULONG Base;
671: ULONG NumberOfFunctions;
672: ULONG NumberOfNames;
673: PULONG *AddressOfFunctions;
674: PULONG *AddressOfNames;
675: PUSHORT *AddressOfNameOrdinals;
676: } IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
677:
678: //
679: // Import Format
680: //
681:
682: typedef struct _IMAGE_IMPORT_BY_NAME {
683: USHORT Hint;
684: UCHAR Name[1];
685: } IMAGE_IMPORT_BY_NAME, *PIMAGE_IMPORT_BY_NAME;
686:
687: typedef struct _IMAGE_THUNK_DATA {
688: union {
689: PULONG Function;
690: ULONG Ordinal;
691: PIMAGE_IMPORT_BY_NAME AddressOfData;
692: } u1;
693: } IMAGE_THUNK_DATA, *PIMAGE_THUNK_DATA;
694:
695: #define IMAGE_ORDINAL_FLAG 0x80000000
696: #define IMAGE_SNAP_BY_ORDINAL(Ordinal) ((Ordinal & IMAGE_ORDINAL_FLAG) != 0)
697: #define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
698:
699: typedef struct _IMAGE_IMPORT_DESCRIPTOR {
700: ULONG Characteristics;
701: ULONG TimeDateStamp;
1.1.1.2 ! root 702: ULONG ForwarderChain;
1.1 root 703: ULONG Name;
704: PIMAGE_THUNK_DATA FirstThunk;
705: } IMAGE_IMPORT_DESCRIPTOR, *PIMAGE_IMPORT_DESCRIPTOR;
706:
707: //
1.1.1.2 ! root 708: // Thread Local Storage
! 709: //
! 710:
! 711: typedef VOID
! 712: (NTAPI *PIMAGE_TLS_CALLBACK) (
! 713: PVOID DllHandle,
! 714: ULONG Reason,
! 715: PVOID Reserved
! 716: );
! 717:
! 718: typedef struct _IMAGE_TLS_DIRECTORY {
! 719: ULONG StartAddressOfRawData;
! 720: ULONG EndAddressOfRawData;
! 721: PULONG AddressOfIndex;
! 722: PIMAGE_TLS_CALLBACK *AddressOfCallBacks;
! 723: ULONG SizeOfZeroFill;
! 724: ULONG Characteristics;
! 725: } IMAGE_TLS_DIRECTORY, *PIMAGE_TLS_DIRECTORY;
! 726:
! 727:
! 728: //
1.1 root 729: // Resource Format.
730: //
731:
732: //
733: // Resource directory consists of two counts, following by a variable length
734: // array of directory entries. The first count is the number of entries at
735: // beginning of the array that have actual names associated with each entry.
736: // The entries are in ascending order, case insensitive strings. The second
737: // count is the number of entries that immediately follow the named entries.
738: // This second count identifies the number of entries that have 31-bit integer
739: // Ids as their name. These entries are also sorted in ascending order.
740: //
741: // This structure allows fast lookup by either name or number, but for any
742: // given resource entry only one form of lookup is supported, not both.
743: // This is consistant with the syntax of the .RC file and the .RES file.
744: //
745:
746: typedef struct _IMAGE_RESOURCE_DIRECTORY {
747: ULONG Characteristics;
748: ULONG TimeDateStamp;
749: USHORT MajorVersion;
750: USHORT MinorVersion;
751: USHORT NumberOfNamedEntries;
752: USHORT NumberOfIdEntries;
753: // IMAGE_RESOURCE_DIRECTORY_ENTRY DirectoryEntries[];
754: } IMAGE_RESOURCE_DIRECTORY, *PIMAGE_RESOURCE_DIRECTORY;
755:
756: #define IMAGE_RESOURCE_NAME_IS_STRING 0x80000000
757: #define IMAGE_RESOURCE_DATA_IS_DIRECTORY 0x80000000
758:
759: //
760: // Each directory contains the 32-bit Name of the entry and an offset,
761: // relative to the beginning of the resource directory of the data associated
762: // with this directory entry. If the name of the entry is an actual text
763: // string instead of an integer Id, then the high order bit of the name field
764: // is set to one and the low order 31-bits are an offset, relative to the
765: // beginning of the resource directory of the string, which is of type
766: // IMAGE_RESOURCE_DIRECTORY_STRING. Otherwise the high bit is clear and the
767: // low-order 31-bits are the integer Id that identify this resource directory
768: // entry. If the directory entry is yet another resource directory (i.e. a
769: // subdirectory), then the high order bit of the offset field will be
770: // set to indicate this. Otherwise the high bit is clear and the offset
771: // field points to a resource data entry.
772: //
773:
774: typedef struct _IMAGE_RESOURCE_DIRECTORY_ENTRY {
775: ULONG Name;
776: ULONG OffsetToData;
777: } IMAGE_RESOURCE_DIRECTORY_ENTRY, *PIMAGE_RESOURCE_DIRECTORY_ENTRY;
778:
779: //
780: // For resource directory entries that have actual string names, the Name
781: // field of the directory entry points to an object of the following type.
782: // All of these string objects are stored together after the last resource
783: // directory entry and before the first resource data object. This minimizes
784: // the impact of these variable length objects on the alignment of the fixed
785: // size directory entry objects.
786: //
787:
788: typedef struct _IMAGE_RESOURCE_DIRECTORY_STRING {
789: USHORT Length;
790: CHAR NameString[ 1 ];
791: } IMAGE_RESOURCE_DIRECTORY_STRING, *PIMAGE_RESOURCE_DIRECTORY_STRING;
792:
793:
794: typedef struct _IMAGE_RESOURCE_DIR_STRING_U {
795: USHORT Length;
796: WCHAR NameString[ 1 ];
797: } IMAGE_RESOURCE_DIR_STRING_U, *PIMAGE_RESOURCE_DIR_STRING_U;
798:
799:
800: //
801: // Each resource data entry describes a leaf node in the resource directory
802: // tree. It contains an offset, relative to the beginning of the resource
803: // directory of the data for the resource, a size field that gives the number
804: // of bytes of data at that offset, a CodePage that should be used when
805: // decoding code point values within the resource data. Typically for new
806: // applications the code page would be the unicode code page.
807: //
808:
809: typedef struct _IMAGE_RESOURCE_DATA_ENTRY {
810: ULONG OffsetToData;
811: ULONG Size;
812: ULONG CodePage;
813: ULONG Reserved;
814: } IMAGE_RESOURCE_DATA_ENTRY, *PIMAGE_RESOURCE_DATA_ENTRY;
815:
816: //
1.1.1.2 ! root 817: // Load Configuration Directory Entry
! 818: //
! 819:
! 820: typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY {
! 821: ULONG Characteristics;
! 822: ULONG TimeDateStamp;
! 823: USHORT MajorVersion;
! 824: USHORT MinorVersion;
! 825: ULONG GlobalFlagsClear;
! 826: ULONG GlobalFlagsSet;
! 827: ULONG CriticalSectionDefaultTimeout;
! 828: ULONG DeCommitFreeBlockThreshold;
! 829: ULONG DeCommitTotalFreeThreshold;
! 830: ULONG Reserved[ 8 ];
! 831: } IMAGE_LOAD_CONFIG_DIRECTORY, *PIMAGE_LOAD_CONFIG_DIRECTORY;
! 832:
! 833:
! 834: //
! 835: // Function table entry format for MIPS/ALPHA images. Function table is
! 836: // pointed to by the IMAGE_DIRECTORY_ENTRY_EXCEPTION directory entry.
! 837: // This definition duplicates ones in ntmips.h and ntalpha.h for use
! 838: // by portable image file mungers.
! 839: //
! 840:
! 841: typedef struct _IMAGE_RUNTIME_FUNCTION_ENTRY {
! 842: ULONG BeginAddress;
! 843: ULONG EndAddress;
! 844: PVOID ExceptionHandler;
! 845: PVOID HandlerData;
! 846: ULONG PrologEndAddress;
! 847: } IMAGE_RUNTIME_FUNCTION_ENTRY, *PIMAGE_RUNTIME_FUNCTION_ENTRY;
! 848:
! 849: //
1.1 root 850: // Debug Format
851: //
852:
853: typedef struct _IMAGE_DEBUG_DIRECTORY {
854: ULONG Characteristics;
855: ULONG TimeDateStamp;
856: USHORT MajorVersion;
857: USHORT MinorVersion;
858: ULONG Type;
859: ULONG SizeOfData;
860: ULONG AddressOfRawData;
861: ULONG PointerToRawData;
862: } IMAGE_DEBUG_DIRECTORY, *PIMAGE_DEBUG_DIRECTORY;
863:
1.1.1.2 ! root 864: #define IMAGE_DEBUG_TYPE_UNKNOWN 0
! 865: #define IMAGE_DEBUG_TYPE_COFF 1
! 866: #define IMAGE_DEBUG_TYPE_CODEVIEW 2
! 867: #define IMAGE_DEBUG_TYPE_FPO 3
! 868: #define IMAGE_DEBUG_TYPE_MISC 4
! 869: #define IMAGE_DEBUG_TYPE_EXCEPTION 5
! 870: #define IMAGE_DEBUG_TYPE_FIXUP 6
! 871: #define IMAGE_DEBUG_TYPE_RESERVED6 7
! 872: #define IMAGE_DEBUG_TYPE_RESERVED7 8
1.1 root 873:
1.1.1.2 ! root 874: typedef struct _IMAGE_COFF_SYMBOLS_HEADER {
1.1 root 875: ULONG NumberOfSymbols;
876: ULONG LvaToFirstSymbol;
877: ULONG NumberOfLinenumbers;
878: ULONG LvaToFirstLinenumber;
879: ULONG RvaToFirstByteOfCode;
880: ULONG RvaToLastByteOfCode;
881: ULONG RvaToFirstByteOfData;
882: ULONG RvaToLastByteOfData;
1.1.1.2 ! root 883: } IMAGE_COFF_SYMBOLS_HEADER, *PIMAGE_COFF_SYMBOLS_HEADER;
! 884:
! 885: #define FRAME_FPO 0
! 886: #define FRAME_TRAP 1
! 887: #define FRAME_TSS 2
! 888:
! 889: typedef struct _FPO_DATA {
! 890: ULONG ulOffStart; // offset 1st byte of function code
! 891: ULONG cbProcSize; // # bytes in function
! 892: ULONG cdwLocals; // # bytes in locals/4
! 893: USHORT cdwParams; // # bytes in params/4
! 894: USHORT cbProlog : 8; // # bytes in prolog
! 895: USHORT cbRegs : 3; // # regs saved
! 896: USHORT fHasSEH : 1; // TRUE if SEH in func
! 897: USHORT fUseBP : 1; // TRUE if EBP has been allocated
! 898: USHORT reserved : 1; // reserved for future use
! 899: USHORT cbFrame : 2; // frame type
! 900: } FPO_DATA, *PFPO_DATA;
! 901: #define SIZEOF_RFPO_DATA 16
! 902:
! 903:
! 904: #define IMAGE_DEBUG_MISC_EXENAME 1
! 905:
! 906: typedef struct _IMAGE_DEBUG_MISC {
! 907: ULONG DataType; // type of misc data, see defines
! 908: ULONG Length; // total length of record, rounded to four
! 909: // byte multiple.
! 910: BOOLEAN Unicode; // TRUE if data is unicode string
! 911: UCHAR Reserved[ 3 ];
! 912: UCHAR Data[ 1 ]; // Actual data
! 913: } IMAGE_DEBUG_MISC, *PIMAGE_DEBUG_MISC;
! 914:
! 915:
! 916: //
! 917: // Debugging information can be stripped from an image file and placed
! 918: // in a separate .DBG file, whose file name part is the same as the
! 919: // image file name part (e.g. symbols for CMD.EXE could be stripped
! 920: // and placed in CMD.DBG). This is indicated by the IMAGE_FILE_DEBUG_STRIPPED
! 921: // flag in the Characteristics field of the file header. The beginning of
! 922: // the .DBG file contains the following structure which captures certain
! 923: // information from the image file. This allows a debug to proceed even if
! 924: // the original image file is not accessable. This header is followed by
! 925: // zero of more IMAGE_SECTION_HEADER structures, followed by zero or more
! 926: // IMAGE_DEBUG_DIRECTORY structures. The latter structures and those in
! 927: // the image file contain file offsets relative to the beginning of the
! 928: // .DBG file.
! 929: //
! 930: // If symbols have been stripped from an image, the IMAGE_DEBUG_MISC structure
! 931: // is left in the image file, but not mapped. This allows a debugger to
! 932: // compute the name of the .DBG file, from the name of the image in the
! 933: // IMAGE_DEBUG_MISC structure.
! 934: //
! 935:
! 936: typedef struct _IMAGE_SEPARATE_DEBUG_HEADER {
! 937: USHORT Signature;
! 938: USHORT Flags;
! 939: USHORT Machine;
! 940: USHORT Characteristics;
! 941: ULONG TimeDateStamp;
! 942: ULONG CheckSum;
! 943: ULONG ImageBase;
! 944: ULONG SizeOfImage;
! 945: ULONG NumberOfSections;
! 946: ULONG ExportedNamesSize;
! 947: ULONG DebugDirectorySize;
! 948: ULONG Reserved[ 3 ];
! 949: } IMAGE_SEPARATE_DEBUG_HEADER, *PIMAGE_SEPARATE_DEBUG_HEADER;
! 950:
! 951: #define IMAGE_SEPARATE_DEBUG_SIGNATURE 0x4944
1.1 root 952:
953: #ifndef RC_INVOKED
954: #pragma pack ()
955: #endif // !RC_INVOKED
956:
957: //
958: // End Image Format
959: //
960:
961: // end_winnt
962:
963: #endif // _NTIMAGE_
1.1.1.2 ! root 964:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.