Skip to main content

OptionalHeader

pe_assembler::types

Struct OptionalHeader 

Source 
pub struct OptionalHeader {
Show 31 fields
    pub magic: u16,
    pub major_linker_version: u8,
    pub minor_linker_version: u8,
    pub size_of_code: u32,
    pub size_of_initialized_data: u32,
    pub size_of_uninitialized_data: u32,
    pub address_of_entry_point: u32,
    pub base_of_code: u32,
    pub base_of_data: Option<u32>,
    pub image_base: u64,
    pub section_alignment: u32,
    pub file_alignment: u32,
    pub major_operating_system_version: u16,
    pub minor_operating_system_version: u16,
    pub major_image_version: u16,
    pub minor_image_version: u16,
    pub major_subsystem_version: u16,
    pub minor_subsystem_version: u16,
    pub win32_version_value: u32,
    pub size_of_image: u32,
    pub size_of_headers: u32,
    pub checksum: u32,
    pub subsystem: SubsystemType,
    pub dll_characteristics: u16,
    pub size_of_stack_reserve: u64,
    pub size_of_stack_commit: u64,
    pub size_of_heap_reserve: u64,
    pub size_of_heap_commit: u64,
    pub loader_flags: u32,
    pub number_of_rva_and_sizes: u32,
    pub data_directories: Vec<DataDirectory>,

}
Expand description

Optional header structure

Contains loading and runtime information for the PE file, such as entry point address, memory layout, version info, etc. This structure is crucial for the Windows loader to correctly load and execute the program.

Fields§

§magic: u16

Magic number identifying PE32 or PE32+ format

§major_linker_version: u8

Major version of the linker

§minor_linker_version: u8

Minor version of the linker

§size_of_code: u32

Total size of the code section in bytes

§size_of_initialized_data: u32

Total size of initialized data

§size_of_uninitialized_data: u32

Total size of uninitialized data

§address_of_entry_point: u32

RVA (Relative Virtual Address) of the program entry point

§base_of_code: u32

Starting RVA of the code section

§base_of_data: Option<u32>

Starting RVA of the data section, only valid for PE32

§image_base: u64

Preferred loading address of the image

§section_alignment: u32

Alignment granularity of sections in memory

§file_alignment: u32

Alignment granularity of sections in the file

§major_operating_system_version: u16

Major version of the required operating system

§minor_operating_system_version: u16

Minor version of the required operating system

§major_image_version: u16

Major version of the image

§minor_image_version: u16

Minor version of the image

§major_subsystem_version: u16

Major version of the subsystem

§minor_subsystem_version: u16

Minor version of the subsystem

§win32_version_value: u32

Reserved field, must be 0

§size_of_image: u32

Total size of the image, including all headers and sections

§size_of_headers: u32

Total size of all headers

§checksum: u32

Checksum of the image, used for kernel mode and system DLLs

§subsystem: SubsystemType

Subsystem type, defining the runtime environment

§dll_characteristics: u16

DLL characteristics flags, describing various properties of the DLL

§size_of_stack_reserve: u64

Virtual memory size reserved for the thread stack

§size_of_stack_commit: u64

Virtual memory size committed for the thread stack

§size_of_heap_reserve: u64

Virtual memory size reserved for the process heap

§size_of_heap_commit: u64

Virtual memory size committed for the process heap

§loader_flags: u32

Reserved field, must be 0

§number_of_rva_and_sizes: u32

Number of entries in the data directory table

§data_directories: Vec<DataDirectory>

Data directory table, containing info about various data directories

Implementations§

Source§

impl OptionalHeader

Source

pub fn new( entry_point: u32, image_base: u64, size_of_code: u32, size_of_headers: u32, size_of_image: u32, subsystem: SubsystemType, ) -> Self

Create a standard optional header suitable for .NET programs

Source

pub fn new_for_architecture( architecture: &Architecture, entry_point: u32, image_base: u64, size_of_code: u32, size_of_headers: u32, size_of_image: u32, subsystem: SubsystemType, ) -> Self

Create optional header based on architecture

Source§

impl OptionalHeader

Source

pub fn read<R: Read>(reader: R) -> Result<Self, GaiaError>

从 ExeReader 读取可选头

Trait Implementations§

Source§

impl Clone for OptionalHeader

Source§

fn clone(&self) -> OptionalHeader

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for OptionalHeader

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for OptionalHeader

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Serialize for OptionalHeader

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,