Merge pull request #197 from DrChat/export_ordinal

Find Xexport by ordinal
This commit is contained in:
Ben Vanik 2015-05-05 16:57:08 -07:00
commit 3f1131c65f
3 changed files with 57 additions and 10 deletions

View File

@ -143,9 +143,12 @@ X_STATUS XUserModule::LoadFromMemory(const void* addr, const size_t length) {
} }
void* XUserModule::GetProcAddressByOrdinal(uint16_t ordinal) { void* XUserModule::GetProcAddressByOrdinal(uint16_t ordinal) {
// TODO(benvanik): check export tables. PEExport export;
XELOGE("GetProcAddressByOrdinal not implemented"); int ret = xe_xex2_lookup_export(xex_, ordinal, export);
return NULL;
if (ret) return nullptr;
return (void*)export.addr;
} }
void* XUserModule::GetProcAddressByName(const char* name) { void* XUserModule::GetProcAddressByName(const char* name) {
@ -153,7 +156,7 @@ void* XUserModule::GetProcAddressByName(const char* name) {
int ret = xe_xex2_lookup_export(xex_, name, export); int ret = xe_xex2_lookup_export(xex_, name, export);
// Failure. // Failure.
if (ret) return NULL; if (ret) return nullptr;
return (void*)export.addr; return (void*)export.addr;
} }

View File

@ -1004,14 +1004,15 @@ int xe_xex2_lookup_export(xe_xex2_ref xex, const char *name,
// e->AddressOfX RVAs are relative to the IMAGE_EXPORT_DIRECTORY! // e->AddressOfX RVAs are relative to the IMAGE_EXPORT_DIRECTORY!
uint32_t *function_table = uint32_t *function_table =
(uint32_t *)((uint64_t)e + (uint32_t *)((uint64_t)e + e->AddressOfFunctions);
e->AddressOfFunctions); // Functions relative to base
// Names relative to directory
uint32_t *name_table = uint32_t *name_table =
(uint32_t *)((uint64_t)e + (uint32_t *)((uint64_t)e + e->AddressOfNames);
e->AddressOfNames); // Names relative to directory
// Table of ordinals (by name)
uint16_t *ordinal_table = uint16_t *ordinal_table =
(uint16_t *)((uint64_t)e + (uint16_t *)((uint64_t)e + e->AddressOfNameOrdinals);
e->AddressOfNameOrdinals); // Table of ordinals
const char *mod_name = (const char *)((uint64_t)e + e->Name); const char *mod_name = (const char *)((uint64_t)e + e->Name);
@ -1033,3 +1034,44 @@ int xe_xex2_lookup_export(xe_xex2_ref xex, const char *name,
// No match // No match
return 1; return 1;
} }
int xe_xex2_lookup_export(xe_xex2_ref xex, int ordinal,
PEExport &peexport) {
auto header = xe_xex2_get_header(xex);
// no exports :(
if (!header->export_table_offset) {
return 1;
}
uint64_t baseaddr =
(uint64_t)xex->memory->TranslateVirtual(header->exe_address);
IMAGE_EXPORT_DIRECTORY *e =
(PIMAGE_EXPORT_DIRECTORY)(baseaddr + header->export_table_offset);
// e->AddressOfX RVAs are relative to the IMAGE_EXPORT_DIRECTORY!
// Functions relative to base
uint32_t *function_table =
(uint32_t *)((uint64_t)e + e->AddressOfFunctions);
// Names relative to directory
uint32_t *name_table =
(uint32_t *)((uint64_t)e + e->AddressOfNames);
// Table of ordinals (by name)
uint16_t *ordinal_table =
(uint16_t *)((uint64_t)e + e->AddressOfNameOrdinals);
const char *mod_name = (const char *)((uint64_t)e + e->Name);
if (ordinal < e->NumberOfFunctions) {
peexport.name = nullptr; // TODO: Backwards conversion to get this
peexport.ordinal = ordinal;
peexport.addr = (uint64_t)(baseaddr + function_table[ordinal]);
return 0;
}
// No match
return 1;
}

View File

@ -64,5 +64,7 @@ int xe_xex2_get_import_infos(xe_xex2_ref xex,
int xe_xex2_lookup_export(xe_xex2_ref xex, const char* name, int xe_xex2_lookup_export(xe_xex2_ref xex, const char* name,
PEExport& peexport); PEExport& peexport);
int xe_xex2_lookup_export(xe_xex2_ref xex, int ordinal,
PEExport& peexport);
#endif // XENIA_KERNEL_UTIL_XEX2_H_ #endif // XENIA_KERNEL_UTIL_XEX2_H_