-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | A parser for PE object files.
--   
--   Extract the header information and sections from a file of the PE
--   object format.
@package peparser
@version 0.6

module Data.PE.Utils
byte64String :: Word64 -> String
breakWord64 :: Word64 -> [Word8]
cleanWord :: [Word8] -> [Word8]
byte64 :: Int -> Word64 -> Word8

module Data.PE.Structures

-- | The over-arching container. Holds the headers and a list of binary
--   sections
data PEFile
PEFile :: PEHeader -> PEFile
peHeader :: PEFile -> PEHeader
data PEObject
PEObj :: PEObjectHeader -> PEObject
peObjHeader :: PEObject -> PEObjectHeader

-- | The Binary Section container. Holds names and containers.
data BinSection
BinSection :: String -> ByteString -> BinSection
secname :: BinSection -> String
binSection :: BinSection -> ByteString
data PEObjectHeader
PEObjHdr :: COFFHeader -> [(SectionTable, ByteString)] -> PEObjectHeader
objcoffhdr :: PEObjectHeader -> COFFHeader
objsectionTables :: PEObjectHeader -> [(SectionTable, ByteString)]

-- | The Header section, holds entries for each header in the PE File
data PEHeader
PEHeader :: MSDOSHeader -> PESignature -> COFFHeader -> StandardFields -> WindowsSpecFields -> [DirectoryEntry] -> [(SectionTable, ByteString)] -> PEHeader
msdosHeader :: PEHeader -> MSDOSHeader
peSignature :: PEHeader -> PESignature
coffHeader :: PEHeader -> COFFHeader
standardFields :: PEHeader -> StandardFields
windowsSpecFields :: PEHeader -> WindowsSpecFields
dataDirectories :: PEHeader -> [DirectoryEntry]
sectionTables :: PEHeader -> [(SectionTable, ByteString)]
data MSDOSHeader
MSDOSHeader :: Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word32 -> MSDOSHeader
signature :: MSDOSHeader -> Word16
lastsize :: MSDOSHeader -> Word16
pagesInFile :: MSDOSHeader -> Word16
relocations :: MSDOSHeader -> Word16
headerSizeInParagraph :: MSDOSHeader -> Word16
minExtraParagraphs :: MSDOSHeader -> Word16
maxExtraParagraphs :: MSDOSHeader -> Word16
ss :: MSDOSHeader -> Word16
sp :: MSDOSHeader -> Word16
checksum :: MSDOSHeader -> Word16
ip :: MSDOSHeader -> Word16
cs :: MSDOSHeader -> Word16
relocTableOffset :: MSDOSHeader -> Word16
overlayNumber :: MSDOSHeader -> Word16
oemIdentifier :: MSDOSHeader -> Word16
oemInformation :: MSDOSHeader -> Word16
offset :: MSDOSHeader -> Word32
data PESignature
PESignature :: Word32 -> PESignature
pesignature :: PESignature -> Word32
data COFFHeader
COFFHeader :: MachineType -> Word16 -> Word32 -> Word32 -> Word32 -> Word16 -> Word16 -> COFFHeader
targetMachine :: COFFHeader -> MachineType
numberOfSections :: COFFHeader -> Word16
timeDateStamp :: COFFHeader -> Word32
pointerToSymbolTable :: COFFHeader -> Word32
numberOfSymbols :: COFFHeader -> Word32
sizeofOptionalHeaders :: COFFHeader -> Word16
coffCharacteristics :: COFFHeader -> Word16
data StandardFields
StandardFields :: Word16 -> Word8 -> Word8 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> StandardFields
standardSig :: StandardFields -> Word16
lnMajorVersion :: StandardFields -> Word8
lnMinorVersion :: StandardFields -> Word8
sizeOfCode :: StandardFields -> Word32
sizeOfInitializedData :: StandardFields -> Word32
sizeOfUninitData :: StandardFields -> Word32
addressOfEntryPoint :: StandardFields -> Word32
baseOfCode :: StandardFields -> Word32
baseOfData :: StandardFields -> Word32
SFPlus :: Word16 -> Word8 -> Word8 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> StandardFields
standardSig :: StandardFields -> Word16
lnMajorVersion :: StandardFields -> Word8
lnMinorVersion :: StandardFields -> Word8
sizeOfCode :: StandardFields -> Word32
sizeOfInitializedData :: StandardFields -> Word32
sizeOfUninitData :: StandardFields -> Word32
addressOfEntryPoint :: StandardFields -> Word32
baseOfCode :: StandardFields -> Word32
data WindowsSpecFields
WindowsSpecFields :: Word32 -> Word32 -> Word32 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word32 -> Word32 -> Word32 -> Word32 -> Word16 -> Word16 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> WindowsSpecFields
imageBase :: WindowsSpecFields -> Word32
sectionAlignment :: WindowsSpecFields -> Word32
fileAlignment :: WindowsSpecFields -> Word32
majorOSVersion :: WindowsSpecFields -> Word16
minorOSVersion :: WindowsSpecFields -> Word16
majorImageVersion :: WindowsSpecFields -> Word16
minorImageVersion :: WindowsSpecFields -> Word16
majorSubSystemVersion :: WindowsSpecFields -> Word16
minorSubSystemVersion :: WindowsSpecFields -> Word16
win32VersionValue :: WindowsSpecFields -> Word32
sizeOfImage :: WindowsSpecFields -> Word32
sizeOfHeaders :: WindowsSpecFields -> Word32
checkSum32 :: WindowsSpecFields -> Word32
checkSum16 :: WindowsSpecFields -> Word16
dllCharacteristics :: WindowsSpecFields -> Word16
sizeOfStackReserve :: WindowsSpecFields -> Word32
sizeOfStackCommit :: WindowsSpecFields -> Word32
sizeOfHeapReserve :: WindowsSpecFields -> Word32
sizeOfHeapCommit :: WindowsSpecFields -> Word32
loaderFlags :: WindowsSpecFields -> Word32
numberOfRVAandSizes :: WindowsSpecFields -> Word32
WSFPlus :: Word64 -> Word32 -> Word32 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word16 -> Word32 -> Word32 -> Word32 -> Word32 -> Word16 -> Word16 -> Word64 -> Word64 -> Word64 -> Word64 -> Word32 -> Word32 -> WindowsSpecFields
imgBase :: WindowsSpecFields -> Word64
sectionAlignment :: WindowsSpecFields -> Word32
fileAlignment :: WindowsSpecFields -> Word32
majorOSVersion :: WindowsSpecFields -> Word16
minorOSVersion :: WindowsSpecFields -> Word16
majorImageVersion :: WindowsSpecFields -> Word16
minorImageVersion :: WindowsSpecFields -> Word16
majorSubSystemVersion :: WindowsSpecFields -> Word16
minorSubSystemVersion :: WindowsSpecFields -> Word16
win32VersionValue :: WindowsSpecFields -> Word32
sizeOfImage :: WindowsSpecFields -> Word32
sizeOfHeaders :: WindowsSpecFields -> Word32
checkSum32 :: WindowsSpecFields -> Word32
checkSum16 :: WindowsSpecFields -> Word16
dllCharacteristics :: WindowsSpecFields -> Word16
szOfStackReserve :: WindowsSpecFields -> Word64
szOfStackCommit :: WindowsSpecFields -> Word64
szOfHeapReserve :: WindowsSpecFields -> Word64
szOfHeapCommit :: WindowsSpecFields -> Word64
loaderFlags :: WindowsSpecFields -> Word32
numberOfRVAandSizes :: WindowsSpecFields -> Word32
data DirectoryEntry
DirEntry :: Word32 -> Word32 -> DirectoryEntry
virtualAddr :: DirectoryEntry -> Word32
entrySize :: DirectoryEntry -> Word32
data SectionTable
SectionTable :: String -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> Word16 -> Word16 -> Word32 -> SectionTable
sectionHeaderName :: SectionTable -> String
virtualSize :: SectionTable -> Word32
virtualAddress :: SectionTable -> Word32
sizeOfRawData :: SectionTable -> Word32
pointerToRawData :: SectionTable -> Word32
pointerToRelocations :: SectionTable -> Word32
pointerToLineNumbers :: SectionTable -> Word32
numberOfRelocations :: SectionTable -> Word16
numberOfLineNumbers :: SectionTable -> Word16
secCharacteristics :: SectionTable -> Word32
data MachineType
UNKNOWN :: MachineType
AM33 :: MachineType
AMD64 :: MachineType
ARM :: MachineType
ARMV7 :: MachineType
EBC :: MachineType
I386 :: MachineType
IA64 :: MachineType
M32R :: MachineType
MIPS16 :: MachineType
MIPSFPU :: MachineType
MIPSFPU16 :: MachineType
PPC :: MachineType
PPCFP :: MachineType
R4000 :: MachineType
SH3 :: MachineType
SH3DSP :: MachineType
SH4 :: MachineType
SH5 :: MachineType
THUMB :: MachineType
WCE :: MachineType
INVALID :: MachineType
mapMachine :: Word16 -> MachineType
getAStr :: Get String
instance Show BinSection
instance Show DirectoryEntry
instance Show SectionTable
instance Show MachineType
instance Show PEHeader
instance Show PEFile
instance Show PEObjectHeader
instance Show PEObject
instance Binary MachineType
instance Binary SectionTable
instance Binary DirectoryEntry
instance Show WindowsSpecFields
instance Show StandardFields
instance Show COFFHeader
instance Show PESignature
instance Show MSDOSHeader

module Data.PE.Parser

-- | Supply a filename of a PE file in the form of a string. Returns a
--   PEFile structure
buildFile :: String -> IO (PEFile)

-- | Supply a bytestring to be parsed as if it were a PE Binary. Returns a
--   PEFile structure
buildFileFromBS :: ByteString -> PEFile

module Data.PE.Tools
type Filename = String
type Secname = String
type SectionMeta = (SectionTable, ByteString)
getsecandinfo :: Filename -> Secname -> IO ((Maybe SectionMeta, MachineType))
getsec :: Filename -> Secname -> IO (Maybe SectionMeta)
getsecs :: Filename -> [SectionMeta]
getary :: Filename -> UArray Word32 Word8
getdirs :: Filename -> [DirectoryEntry]
getsection :: PEFile -> Secname -> Maybe SectionMeta
getmachinetype :: PEFile -> MachineType
showsections :: Filename -> IO ()
type ImportDirectory = [ImportDirectoryEntry]
type ImportLookupTable = [ImportLookupTableEntry]
data ImportDirectoryEntry
ID :: Word32 -> Word32 -> Word32 -> Word32 -> Word32 -> ImportDirectoryEntry
lookupTableRVA :: ImportDirectoryEntry -> Word32
timeStamp :: ImportDirectoryEntry -> Word32
forwarderChain :: ImportDirectoryEntry -> Word32
nameRVA :: ImportDirectoryEntry -> Word32
importAddressTableRVA :: ImportDirectoryEntry -> Word32
IDNull :: ImportDirectoryEntry
data HintNameEntry
HNE :: Word16 -> String -> HintNameEntry
hint :: HintNameEntry -> Word16
name :: HintNameEntry -> String
data ImportLookupTableEntry
ILTOrd :: Word16 -> ImportLookupTableEntry
ILTHint :: Word32 -> ImportLookupTableEntry
ILTNull :: ImportLookupTableEntry
getImpDir :: Get ImportDirectory
getLT :: Get ImportLookupTable
importInfo :: Filename -> [([Char], [String])]
importInfo' :: [SectionMeta] -> [DirectoryEntry] -> [([Char], [String])]
buildImport :: UArray Word32 Word8 -> [DirectoryEntry] -> ImportDirectory
buildLookup :: UArray Word32 Word8 -> ImportDirectoryEntry -> ImportLookupTable
buildHintName :: UArray Word32 Word8 -> ImportLookupTableEntry -> HintNameEntry
getdllname :: UArray Word32 Word8 -> ImportDirectoryEntry -> [Char]
sectoblist :: Num a => (SectionTable, ByteString) -> [(a, Word8)]
arrayrep :: [SectionMeta] -> UArray Word32 Word8
grabAt :: Int -> UArray Word32 Word8 -> ByteString
instance Show ImportDirectoryEntry
instance Eq ImportDirectoryEntry
instance Show HintNameEntry
instance Eq HintNameEntry
instance Show ImportLookupTableEntry
instance Eq ImportLookupTableEntry
instance Binary ImportLookupTableEntry
instance Binary ImportDirectoryEntry
instance Binary HintNameEntry