Merge remote-tracking branch 'origin/master' into feature_dynamic_rel…

…ocations
erocarrera · Sep 12, 2022 · e7d9bd0 · e7d9bd0
2 parents 75bd46b + 9c1232f
commit e7d9bd0
Show file tree

Hide file tree

Showing 10 changed files with 120 additions and 110 deletions.
diff --git a/CITATION.cff b/CITATION.cff
@@ -0,0 +1,11 @@
+abstract: "pefile is a Python module to read and work with PE (Portable Executable) files"
+authors:
+  - family-names: Carrera Ventura
+    given-names: Ero
+cff-version: 1.2.0
+date-released: "2022-05-30"
+license: MIT
+message: "If you use this software, please cite it using these metadata."
+repository-code: "https://github.com/erocarrera/pefile"
+title: "pefile"
+version: "2022.5.30"
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2004-2021 Ero Carrera
+Copyright (c) 2004-2022 Ero Carrera
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README b/README
@@ -54,23 +54,22 @@ Prompted by the move to GitHub, the need to support Python 3 in addition to reso
   * [bbfreeze](http://pypi.python.org/pypi/bbfreeze)
   * **pyemu**: [download](http://www.openrce.org/repositories/browse/codypierce), [whitepaper](https://www.blackhat.com/presentations/bh-usa-07/Pierce/Whitepaper/bh-usa-07-pierce-WP.pdf)
   * [Immunity Debugger 1.1](http://www.openrce.org/blog/view/882/Immunity_Debugger_v1.1_Release)
-  * [PyInstaller](http://www.pyinstaller.org)
   * [Cuckoo](http://docs.cuckoosandbox.org/en/latest)
   * [MultiScanner](https://github.com/MITRECND/multiscanner)
 
 ## Additional resources
 
 PDFs of posters depicting the PE file format:
 
-  * [Portable Executable Format Layout](https://docs.google.com/open?id=0B3_wGJkuWLytbnIxY1J5WUs4MEk) shows the full view of the headers and structures defined by the PE format.
-  * [Portable Executable Header Walkthrough](https://docs.google.com/open?id=0B3_wGJkuWLytQmc2di0wajB1Xzg) shows the raw view of an executable file with the PE format fields laid out over the corresponding areas.
+  * [Portable Executable Format Layout](https://drive.google.com/file/d/0B3_wGJkuWLytbnIxY1J5WUs4MEk/view?usp=sharing&resourcekey=0-n5zZ2UW39xVTH8ZSu6C2aQ) shows the full view of the headers and structures defined by the PE format.
+  * [Portable Executable Header Walkthrough](https://drive.google.com/file/d/0B3_wGJkuWLytQmc2di0wajB1Xzg/view?resourcekey=0-coPypA_IwxaOCPwl1_4u2g) shows the raw view of an executable file with the PE format fields laid out over the corresponding areas.
 
 The following links provide detailed information about the PE format and its structures.
 
-  * [corkami's wiki page about the PE format](https://code.google.com/p/corkami/wiki/PE) has grown to be one of the most in-depth repositories of information about the PE format.
+  * [corkami's wiki page about the PE format](https://web.archive.org/web/20150821170441/https://code.google.com/p/corkami/wiki/PE) has grown to be one of the most in-depth repositories of information about the PE format.
   * [corkami's treasure trove of PE weirdness](https://github.com/corkami/pocs/tree/master/PE)
-  * corkami's copy of Solar Eclipse's [Tiny PE](https://code.google.com/p/corkami/source/browse/trunk/misc/MakePE/examples/PE/tinype.asm?r=179)
   * [An In-Depth Look into the Win32 Portable Executable File Format](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/february/inside-windows-win32-portable-executable-file-format-in-detail)
-  * [An In-Depth Look into the Win32 Portable Executable File Format, Part 2](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2%20)
+  * [An In-Depth Look into the Win32 Portable Executable File Format, Part 2](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2)
   * [The Portable Executable File Format](http://www.csn.ul.ie/~caolan/publink/winresdump/winresdump/doc/pefile.html)
   * [Get icons from Exe or DLL the PE way](https://www.codeproject.com/Articles/9303/Get-icons-from-Exe-or-DLL-the-PE-way)
+  * Solar Eclipse's Tiny PE page at "http://www.phreedom.org/solar/code/tinype/" is no longer available ([html-only archive](http://web.archive.org/web/20111001045025/http://www.phreedom.org/solar/code/tinype/)), corkami's TinyPE is available [here](https://github.com/corkami/pocs/blob/master/PE/tiny.asm) (Code only)
diff --git a/README.md b/README.md
@@ -62,23 +62,22 @@ Prompted by the move to GitHub, the need to support Python 3 in addition to reso
   * [bbfreeze](http://pypi.python.org/pypi/bbfreeze)
   * **pyemu**: [download](http://www.openrce.org/repositories/browse/codypierce), [whitepaper](https://www.blackhat.com/presentations/bh-usa-07/Pierce/Whitepaper/bh-usa-07-pierce-WP.pdf)
   * [Immunity Debugger 1.1](http://www.openrce.org/blog/view/882/Immunity_Debugger_v1.1_Release)
-  * [PyInstaller](http://www.pyinstaller.org)
   * [Cuckoo](http://docs.cuckoosandbox.org/en/latest)
   * [MultiScanner](https://github.com/MITRECND/multiscanner)
 
 ## Additional resources
 
 PDFs of posters depicting the PE file format:
 
-  * [Portable Executable Format Layout](https://docs.google.com/open?id=0B3_wGJkuWLytbnIxY1J5WUs4MEk) shows the full view of the headers and structures defined by the PE format.
-  * [Portable Executable Header Walkthrough](https://docs.google.com/open?id=0B3_wGJkuWLytQmc2di0wajB1Xzg) shows the raw view of an executable file with the PE format fields laid out over the corresponding areas.
+  * [Portable Executable Format Layout](https://drive.google.com/file/d/0B3_wGJkuWLytbnIxY1J5WUs4MEk/view?usp=sharing&resourcekey=0-n5zZ2UW39xVTH8ZSu6C2aQ) shows the full view of the headers and structures defined by the PE format.
+  * [Portable Executable Header Walkthrough](https://drive.google.com/file/d/0B3_wGJkuWLytQmc2di0wajB1Xzg/view?resourcekey=0-coPypA_IwxaOCPwl1_4u2g) shows the raw view of an executable file with the PE format fields laid out over the corresponding areas.
 
 The following links provide detailed information about the PE format and its structures.
 
-  * [corkami's wiki page about the PE format](https://code.google.com/p/corkami/wiki/PE) has grown to be one of the most in-depth repositories of information about the PE format.
+  * [corkami's wiki page about the PE format](https://web.archive.org/web/20150821170441/https://code.google.com/p/corkami/wiki/PE) has grown to be one of the most in-depth repositories of information about the PE format.
   * [corkami's treasure trove of PE weirdness](https://github.com/corkami/pocs/tree/master/PE)
-  * corkami's copy of Solar Eclipse's [Tiny PE](https://code.google.com/p/corkami/source/browse/trunk/misc/MakePE/examples/PE/tinype.asm?r=179)
   * [An In-Depth Look into the Win32 Portable Executable File Format](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/february/inside-windows-win32-portable-executable-file-format-in-detail)
-  * [An In-Depth Look into the Win32 Portable Executable File Format, Part 2](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2%20)
+  * [An In-Depth Look into the Win32 Portable Executable File Format, Part 2](https://docs.microsoft.com/en-us/archive/msdn-magazine/2002/march/inside-windows-an-in-depth-look-into-the-win32-portable-executable-file-format-part-2)
   * [The Portable Executable File Format](http://www.csn.ul.ie/~caolan/publink/winresdump/winresdump/doc/pefile.html)
   * [Get icons from Exe or DLL the PE way](https://www.codeproject.com/Articles/9303/Get-icons-from-Exe-or-DLL-the-PE-way)
+  * Solar Eclipse's Tiny PE page at "http://www.phreedom.org/solar/code/tinype/" is no longer available ([html-only archive](http://web.archive.org/web/20111001045025/http://www.phreedom.org/solar/code/tinype/)), corkami's TinyPE is available [here](https://github.com/corkami/pocs/blob/master/PE/tiny.asm) (Code only)
diff --git a/ordlookup/__init__.py b/ordlookup/__init__.py
@@ -1,5 +1,3 @@
-from __future__ import absolute_import
-import sys
 from . import ws2_32
 from . import oleaut32
 
@@ -15,18 +13,9 @@
     b"oleaut32.dll": oleaut32.ord_names,
 }
 
-PY3 = sys.version_info > (3,)
 
-if PY3:
-
-    def formatOrdString(ord_val):
-        return "ord{}".format(ord_val).encode()
-
-
-else:
-
-    def formatOrdString(ord_val):
-        return b"ord%d" % ord_val
+def formatOrdString(ord_val):
+    return "ord{}".format(ord_val).encode()
 
 
 def ordLookup(libname, ord_val, make_name=False):