Add support for PE relocation (#41)

Author: xoofx

src/LibObjectFile.Tests/PE/PEReaderTests.cs

@@ -109,7 +109,7 @@ public void TestCreatePE()
         var exitProcessFunction = streamData.WriteHintName(new(0x178, "ExitProcess"));
 
         // PEImportAddressTableDirectory comes first, it is referenced by the RIP + 0xFF1, first address being ExitProcess
-        var peImportAddressTable = new PEImportAddressTable()
+        var peImportAddressTable = new PEImportAddressTable64()
         {
             exitProcessFunction
         };
@@ -118,7 +118,7 @@ public void TestCreatePE()
             peImportAddressTable
         };
 
-        var peImportLookupTable = new PEImportLookupTable()
+        var peImportLookupTable = new PEImportLookupTable64()
         {
             exitProcessFunction
         };
@@ -228,6 +228,11 @@ public async Task TestWindows(string sourceFile)
 
             ByteArrayAssert.AreEqual(inputBuffer, outputBuffer, $"Invalid roundtrip for `{sourceFile}`");
         }
+
+        // Try to relocate the image
+        var relocationDiagnostics = new DiagnosticBag();
+        peImage.Relocate(0x4000, relocationDiagnostics);
+        Assert.IsFalse(relocationDiagnostics.HasErrors, $"Relocation failed - {relocationDiagnostics}");
     }
 
     public static IEnumerable<object[]> GetWindowsExeAndDlls()

src/LibObjectFile.Tests/Verified/PEReaderTests.TestPrinter_name=NativeConsole2Win64.exe.verified.txt

@@ -99,7 +99,7 @@ Sections
     [01]   .rdata PESection                        Position = 0x00001400, Size = 0x00000E00, RVA = 0x00002000, VirtualSize = 0x00000C96, Characteristics = 0x40000040 (ContainsInitializedData, MemRead)
 
         [00] PEImportAddressTableDirectory    Position = 0x00001400, Size = 0x000000E8, RVA = 0x00002000, VirtualSize = 0x000000E8
-            [00] PEImportAddressTable             Position = 0x00001400, Size = 0x00000078, RVA = 0x00002000, VirtualSize = 0x00000078
+            [00] PEImportAddressTable64           Position = 0x00001400, Size = 0x00000078, RVA = 0x00002000, VirtualSize = 0x00000078
                 [0] PEImportHintName { Hint = 567, Name = GetCurrentThreadId } (RVA = 0x2C24, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x20C)
                 [1] PEImportHintName { Hint = 1284, Name = RtlVirtualUnwind } (RVA = 0x2B62, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x14A)
                 [2] PEImportHintName { Hint = 1277, Name = RtlLookupFunctionEntry } (RVA = 0x2B48, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x130)
@@ -115,13 +115,13 @@ Sections
                 [12] PEImportHintName { Hint = 936, Name = IsProcessorFeaturePresent } (RVA = 0x2BD8, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x1C0)
                 [13] PEImportHintName { Hint = 1476, Name = TerminateProcess } (RVA = 0x2BC4, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x1AC)
 
-            [01] PEImportAddressTable             Position = 0x00001478, Size = 0x00000028, RVA = 0x00002078, VirtualSize = 0x00000028
+            [01] PEImportAddressTable64           Position = 0x00001478, Size = 0x00000028, RVA = 0x00002078, VirtualSize = 0x00000028
                 [0] PEImportHintName { Hint = 60, Name = memcpy } (RVA = 0x2C8C, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x274)
                 [1] PEImportHintName { Hint = 37, Name = __std_type_info_destroy_list } (RVA = 0x2A30, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x18)
                 [2] PEImportHintName { Hint = 8, Name = __C_specific_handler } (RVA = 0x2A18, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x0)
                 [3] PEImportHintName { Hint = 62, Name = memset } (RVA = 0x2A50, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x38)
 
-            [02] PEImportAddressTable             Position = 0x000014A0, Size = 0x00000048, RVA = 0x000020A0, VirtualSize = 0x00000048
+            [02] PEImportAddressTable64           Position = 0x000014A0, Size = 0x00000048, RVA = 0x000020A0, VirtualSize = 0x00000048
                 [0] PEImportHintName { Hint = 22, Name = _cexit } (RVA = 0x2B08, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xF0)
                 [1] PEImportHintName { Hint = 34, Name = _execute_onexit_table } (RVA = 0x2AF0, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xD8)
                 [2] PEImportHintName { Hint = 52, Name = _initialize_onexit_table } (RVA = 0x2AD4, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xBC)
@@ -237,19 +237,19 @@ Sections
 
         [11] PEImportDirectory                Position = 0x00001CE0, Size = 0x00000050, RVA = 0x000028E0, VirtualSize = 0x00000050
             [0] ImportDllNameLink = VCRUNTIME140.dll (RVA = 0x2A5A, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x42)
-            [0] ImportAddressTable = RVA = 0x00002078 (PEImportAddressTable[1] -> PEImportAddressTableDirectory[0] -> .rdata)
-            [0] ImportLookupTable = RVA = 0x000029A8 (PEImportLookupTable[13] -> .rdata)
+            [0] ImportAddressTable = RVA = 0x00002078 (PEImportAddressTable64[1] -> PEImportAddressTableDirectory[0] -> .rdata)
+            [0] ImportLookupTable = RVA = 0x000029A8 (PEImportLookupTable64[13] -> .rdata)
 
             [1] ImportDllNameLink = api-ms-win-crt-runtime-l1-1-0.dll (RVA = 0x2B12, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xFA)
-            [1] ImportAddressTable = RVA = 0x000020A0 (PEImportAddressTable[2] -> PEImportAddressTableDirectory[0] -> .rdata)
-            [1] ImportLookupTable = RVA = 0x000029D0 (PEImportLookupTable[14] -> .rdata)
+            [1] ImportAddressTable = RVA = 0x000020A0 (PEImportAddressTable64[2] -> PEImportAddressTableDirectory[0] -> .rdata)
+            [1] ImportLookupTable = RVA = 0x000029D0 (PEImportLookupTable64[14] -> .rdata)
 
             [2] ImportDllNameLink = KERNEL32.dll (RVA = 0x2C7E, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x266)
-            [2] ImportAddressTable = RVA = 0x00002000 (PEImportAddressTable[0] -> PEImportAddressTableDirectory[0] -> .rdata)
-            [2] ImportLookupTable = RVA = 0x00002930 (PEImportLookupTable[12] -> .rdata)
+            [2] ImportAddressTable = RVA = 0x00002000 (PEImportAddressTable64[0] -> PEImportAddressTableDirectory[0] -> .rdata)
+            [2] ImportLookupTable = RVA = 0x00002930 (PEImportLookupTable64[12] -> .rdata)
 
 
-        [12] PEImportLookupTable              Position = 0x00001D30, Size = 0x00000078, RVA = 0x00002930, VirtualSize = 0x00000078
+        [12] PEImportLookupTable64            Position = 0x00001D30, Size = 0x00000078, RVA = 0x00002930, VirtualSize = 0x00000078
             [0] PEImportHintName { Hint = 567, Name = GetCurrentThreadId } (RVA = 0x2C24, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x20C)
             [1] PEImportHintName { Hint = 1284, Name = RtlVirtualUnwind } (RVA = 0x2B62, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x14A)
             [2] PEImportHintName { Hint = 1277, Name = RtlLookupFunctionEntry } (RVA = 0x2B48, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x130)
@@ -265,13 +265,13 @@ Sections
             [12] PEImportHintName { Hint = 936, Name = IsProcessorFeaturePresent } (RVA = 0x2BD8, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x1C0)
             [13] PEImportHintName { Hint = 1476, Name = TerminateProcess } (RVA = 0x2BC4, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x1AC)
 
-        [13] PEImportLookupTable              Position = 0x00001DA8, Size = 0x00000028, RVA = 0x000029A8, VirtualSize = 0x00000028
+        [13] PEImportLookupTable64            Position = 0x00001DA8, Size = 0x00000028, RVA = 0x000029A8, VirtualSize = 0x00000028
             [0] PEImportHintName { Hint = 60, Name = memcpy } (RVA = 0x2C8C, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x274)
             [1] PEImportHintName { Hint = 37, Name = __std_type_info_destroy_list } (RVA = 0x2A30, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x18)
             [2] PEImportHintName { Hint = 8, Name = __C_specific_handler } (RVA = 0x2A18, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x0)
             [3] PEImportHintName { Hint = 62, Name = memset } (RVA = 0x2A50, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0x38)
 
-        [14] PEImportLookupTable              Position = 0x00001DD0, Size = 0x00000048, RVA = 0x000029D0, VirtualSize = 0x00000048
+        [14] PEImportLookupTable64            Position = 0x00001DD0, Size = 0x00000048, RVA = 0x000029D0, VirtualSize = 0x00000048
             [0] PEImportHintName { Hint = 22, Name = _cexit } (RVA = 0x2B08, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xF0)
             [1] PEImportHintName { Hint = 34, Name = _execute_onexit_table } (RVA = 0x2AF0, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xD8)
             [2] PEImportHintName { Hint = 52, Name = _initialize_onexit_table } (RVA = 0x2AD4, PEStreamSectionData { RVA = 0x2A18, VirtualSize = 0x27E, Position = 0x1E18, Size = 0x27E }, Offset = 0xBC)

src/LibObjectFile.Tests/Verified/PEReaderTests.TestPrinter_name=NativeConsoleWin64.exe.verified.txt

@@ -96,7 +96,7 @@ Sections
     [01]   .rdata PESection                        Position = 0x00000600, Size = 0x00000200, RVA = 0x00002000, VirtualSize = 0x0000019C, Characteristics = 0x40000040 (ContainsInitializedData, MemRead)
 
         [00] PEImportAddressTableDirectory    Position = 0x00000600, Size = 0x00000010, RVA = 0x00002000, VirtualSize = 0x00000010
-            [00] PEImportAddressTable             Position = 0x00000600, Size = 0x00000010, RVA = 0x00002000, VirtualSize = 0x00000010
+            [00] PEImportAddressTable64           Position = 0x00000600, Size = 0x00000010, RVA = 0x00002000, VirtualSize = 0x00000010
                 [0] PEImportHintName { Hint = 376, Name = ExitProcess } (RVA = 0x2180, PEStreamSectionData { RVA = 0x2180, VirtualSize = 0x1C, Position = 0x780, Size = 0x1C }, Offset = 0x0)
 
 
@@ -112,13 +112,13 @@ Sections
 
         [05] PEImportDirectory                Position = 0x00000744, Size = 0x00000028, RVA = 0x00002144, VirtualSize = 0x00000028
             [0] ImportDllNameLink = KERNEL32.dll (RVA = 0x218E, PEStreamSectionData { RVA = 0x2180, VirtualSize = 0x1C, Position = 0x780, Size = 0x1C }, Offset = 0xE)
-            [0] ImportAddressTable = RVA = 0x00002000 (PEImportAddressTable[0] -> PEImportAddressTableDirectory[0] -> .rdata)
-            [0] ImportLookupTable = RVA = 0x00002170 (PEImportLookupTable[7] -> .rdata)
+            [0] ImportAddressTable = RVA = 0x00002000 (PEImportAddressTable64[0] -> PEImportAddressTableDirectory[0] -> .rdata)
+            [0] ImportLookupTable = RVA = 0x00002170 (PEImportLookupTable64[7] -> .rdata)
 
 
         [06] PEStreamSectionData              Position = 0x0000076C, Size = 0x00000004, RVA = 0x0000216C, VirtualSize = 0x00000004
 
-        [07] PEImportLookupTable              Position = 0x00000770, Size = 0x00000010, RVA = 0x00002170, VirtualSize = 0x00000010
+        [07] PEImportLookupTable64            Position = 0x00000770, Size = 0x00000010, RVA = 0x00002170, VirtualSize = 0x00000010
             [0] PEImportHintName { Hint = 376, Name = ExitProcess } (RVA = 0x2180, PEStreamSectionData { RVA = 0x2180, VirtualSize = 0x1C, Position = 0x780, Size = 0x1C }, Offset = 0x0)
 
         [08] PEStreamSectionData              Position = 0x00000780, Size = 0x0000001C, RVA = 0x00002180, VirtualSize = 0x0000001C

src/LibObjectFile.Tests/Verified/PEReaderTests.TestPrinter_name=NativeLibraryWin64.dll.verified.txt

@@ -179,6 +179,8 @@ public enum DiagnosticId
     PE_ERR_BaseRelocationDirectoryInvalidSizeOfBlock = 3705,
     PE_ERR_InvalidBaseRelocationBlock = 3706,
     PE_ERR_BaseRelocationDirectoryInvalidSectionLink = 3707,
+    PE_ERR_BaseRelocationInvalid = 3708,
+    PE_WRN_BaseRelocationInVirtualMemory = 3709,
 
     // PE Import
     PE_ERR_ImportDirectoryInvalidEndOfStream = 3800,

src/LibObjectFile.Tests/Verified/PEReaderTests.TestPrinter_name=RawNativeConsoleWin64.exe.verified.txt

@@ -43,7 +43,7 @@ public PEBaseRelocation(PEBaseRelocationType type, ushort offsetInBlock)
     /// <summary>
     /// Gets the virtual offset of the base relocation relative to the offset of the associated <see cref="PEBaseRelocationBlock"/>.
     /// </summary>
-    public ushort OffsetInBlock => (ushort)(_value & VirtualOffsetMask);
+    public ushort OffsetInPage => (ushort)(_value & VirtualOffsetMask);
 
-    public override string ToString() => Type == PEBaseRelocationType.Absolute ? $"{Type} Zero Padding" : $"{Type} OffsetInBlock = 0x{OffsetInBlock:X}";
+    public override string ToString() => Type == PEBaseRelocationType.Absolute ? $"{Type} Zero Padding" : $"{Type} OffsetInBlock = 0x{OffsetInPage:X}";
 }

src/LibObjectFile/Diagnostics/DiagnosticId.cs

@@ -30,7 +30,7 @@ public PEBaseRelocationBlock()
     /// <summary>
     /// Gets or sets the linked <see cref="PESection"/> and its virtual offset within it.
     /// </summary>
-    public PESectionLink SectionLink { get; set; }
+    public PESectionLink PageLink { get; set; }
 
     /// <summary>
     /// Gets the list of relocations for this block.
@@ -55,7 +55,7 @@ protected override unsafe void UpdateLayoutCore(PELayoutContext context)
     /// </summary>
     /// <param name="relocation">The relocation.</param>
     /// <returns>The RVA of the relocation.</returns>
-    public RVA GetRVA(PEBaseRelocation relocation) => SectionLink.RVA() + relocation.OffsetInBlock;
+    public RVA GetRVA(PEBaseRelocation relocation) => PageLink.RVA() + relocation.OffsetInPage;
 
     /// <summary>
     /// Reads the address from the section data.
@@ -70,7 +70,7 @@ public ulong ReadAddress(PEFile file, PEBaseRelocation relocation)
             throw new InvalidOperationException($"The base relocation type {relocation.Type} not supported. Only Dir64 is supported for this method.");
         }
 
-        var vaOfReloc = SectionLink.RVA() + relocation.OffsetInBlock;
+        var vaOfReloc = PageLink.RVA() + relocation.OffsetInPage;
 
         if (!file.TryFindByRVA(vaOfReloc, out var container))
         {
@@ -125,7 +125,7 @@ public override unsafe void Read(PEImageReader reader)
         }
 
 
-        SectionLink = new PESectionLink(section, (uint)(block.PageRVA - section.RVA));
+        PageLink = new PESectionLink(section, (uint)(block.PageRVA - section.RVA));
 
         var sizeOfRelocations = block.SizeOfBlock - sizeof(ImageBaseRelocation);
 
@@ -156,7 +156,7 @@ public override unsafe void Write(PEImageWriter writer)
     {
         var block = new ImageBaseRelocation
         {
-            PageRVA = SectionLink.RVA(),
+            PageRVA = PageLink.RVA(),
             SizeOfBlock = (uint)Size
         };
 
@@ -174,7 +174,7 @@ public override unsafe void Write(PEImageWriter writer)
 
     public override void Verify(PEVerifyContext context)
     {
-        context.VerifyObject(SectionLink.Container, this, nameof(SectionLink), false);
+        context.VerifyObject(PageLink.Container, this, nameof(PageLink), false);
     }
 
     protected override bool PrintMembers(StringBuilder builder)
@@ -184,7 +184,7 @@ protected override bool PrintMembers(StringBuilder builder)
             builder.Append(", ");
         }
 
-        builder.Append($"Section = {SectionLink.Container?.Name}, Block RVA = {SectionLink.RVA()}, Relocations[{Relocations.Count}]");
+        builder.Append($"Section = {PageLink.Container?.Name}, Block RVA = {PageLink.RVA()}, Relocations[{Relocations.Count}]");
         return true;
     }
 

src/LibObjectFile/PE/DataDirectory/PEBaseRelocation.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Alexandre Mutel. All rights reserved.
+// Copyright (c) Alexandre Mutel. All rights reserved.
 // This file is licensed under the BSD-Clause 2 license.
 // See the license.txt file in the project root for more information.
 
@@ -32,4 +32,6 @@ public override void WriteAt(uint offset, ReadOnlySpan<byte> source)
         var buffer = MemoryMarshal.AsBytes(CollectionsMarshal.AsSpan(Entries));
         DataUtils.WriteAt(buffer, offset, source);
     }
+
+    public override unsafe bool CanReadWriteAt(uint offset, uint size) => offset + size <= (uint)Entries.Count * sizeof(VA32);
 }

src/LibObjectFile/PE/DataDirectory/PEBaseRelocationBlock.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Alexandre Mutel. All rights reserved.
+// Copyright (c) Alexandre Mutel. All rights reserved.
 // This file is licensed under the BSD-Clause 2 license.
 // See the license.txt file in the project root for more information.
 
@@ -32,4 +32,6 @@ public override void WriteAt(uint offset, ReadOnlySpan<byte> source)
         var buffer = MemoryMarshal.AsBytes(CollectionsMarshal.AsSpan(Entries));
         DataUtils.WriteAt(buffer, offset, source);
     }
+
+    public override unsafe bool CanReadWriteAt(uint offset, uint size) => offset + size <= (uint)Entries.Count * sizeof(VA64);
 }