Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dynamic relocations support #353

Merged
merged 7 commits into from
Feb 1, 2023
Merged

Dynamic relocations support #353

merged 7 commits into from
Feb 1, 2023

Conversation

pspcreateprocess
Copy link
Contributor

Adds support of IMAGE_DYNAMIC_RELOCATION_TABLE in PE file.
There are also issues about extending format of IMAGE_LOAD_CONFIG_DIRECTORY here #220 and here #317.
I added support of load config because it contains dynamic relocation information.

From winnt.h:

//
// Dynamic value relocation table in loadconfig
//

typedef struct _IMAGE_DYNAMIC_RELOCATION_TABLE {
    DWORD Version;
    DWORD Size;
//  IMAGE_DYNAMIC_RELOCATION DynamicRelocations[0];
} IMAGE_DYNAMIC_RELOCATION_TABLE, *PIMAGE_DYNAMIC_RELOCATION_TABLE;

//
// Dynamic value relocation entries following IMAGE_DYNAMIC_RELOCATION_TABLE
//

#include "pshpack1.h"

typedef struct _IMAGE_DYNAMIC_RELOCATION32 {
    DWORD      Symbol;
    DWORD      BaseRelocSize;
//  IMAGE_BASE_RELOCATION BaseRelocations[0];
} IMAGE_DYNAMIC_RELOCATION32, *PIMAGE_DYNAMIC_RELOCATION32;

typedef struct _IMAGE_DYNAMIC_RELOCATION64 {
    ULONGLONG  Symbol;
    DWORD      BaseRelocSize;
//  IMAGE_BASE_RELOCATION BaseRelocations[0];
} IMAGE_DYNAMIC_RELOCATION64, *PIMAGE_DYNAMIC_RELOCATION64;

typedef struct _IMAGE_DYNAMIC_RELOCATION32_V2 {
    DWORD      HeaderSize;
    DWORD      FixupInfoSize;
    DWORD      Symbol;
    DWORD      SymbolGroup;
    DWORD      Flags;
    // ...     variable length header fields
    // BYTE    FixupInfo[FixupInfoSize]
} IMAGE_DYNAMIC_RELOCATION32_V2, *PIMAGE_DYNAMIC_RELOCATION32_V2;

typedef struct _IMAGE_DYNAMIC_RELOCATION64_V2 {
    DWORD      HeaderSize;
    DWORD      FixupInfoSize;
    ULONGLONG  Symbol;
    DWORD      SymbolGroup;
    DWORD      Flags;
    // ...     variable length header fields
    // BYTE    FixupInfo[FixupInfoSize]
} IMAGE_DYNAMIC_RELOCATION64_V2, *PIMAGE_DYNAMIC_RELOCATION64_V2;

Some description of dynamic relocations structures could also be found here.
And some example code here.
Also related to that is a retpoline presentation with details about dynamic relocation types like IMAGE_IMPORT_CONTROL_TRANSFER_DYNAMIC_RELOCATION.

@erocarrera erocarrera merged commit db572d5 into erocarrera:master Feb 1, 2023
@erocarrera
Copy link
Owner

This is a great PR, thank you!

@zjgcjy zjgcjy mentioned this pull request Apr 12, 2023
Merged
zjgcjy
zjgcjy reviewed Apr 12, 2023
View reviewed changes
Copy link
Contributor

@zjgcjy zjgcjy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

find some mistakes

pefile.py
__IMAGE_INDIR_CONTROL_TRANSFER_DYNAMIC_RELOCATION_format__ = (
"IMAGE_INDIR_CONTROL_TRANSFER_DYNAMIC_RELOCATION",
(
"I:12,PageRelativeOffset",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

type error, which is actually WORD

pefile.py
"I,DynamicValueRelocTableOffset",
"H,DynamicValueRelocTableSection",
"H,Reserved2",
"I,GuardRFVerifyStackPointerFunctionPointer"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing comma

@zjgcjy
Copy link
Contributor

zjgcjy commented Apr 12, 2023

#374 has fixed them

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zjgcjy zjgcjy zjgcjy left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pspcreateprocess @erocarrera @zjgcjy