[PATCH v28 7/8] mspatcha: Use unaligned typedefs

From: ajkhoury aidankhoury@gmail.com

--- dlls/mspatcha/pa19.c | 259 ++++++++++++++++++++++++------------------- 1 file changed, 144 insertions(+), 115 deletions(-)

diff --git a/dlls/mspatcha/pa19.c b/dlls/mspatcha/pa19.c index bc41b5f1183..d9213cea0fc 100644 --- a/dlls/mspatcha/pa19.c +++ b/dlls/mspatcha/pa19.c @@ -50,6 +50,35 @@ WINE_DEFAULT_DEBUG_CHANNEL(mspatcha); #define PATCH_EXTRA_HAS_LZX_WINDOW_SIZE 0x00010000 #define PATCH_EXTRA_HAS_PATCH_TRANSFORMS 0x20000000

+/* Unaligned typedefs */ +typedef UINT16 DECLSPEC_ALIGN(1) UINT16_UNALIGNED; +typedef UINT64 DECLSPEC_ALIGN(1) UINT64_UNALIGNED; + +typedef SHORT DECLSPEC_ALIGN(1) SHORT_UNALIGNED; +typedef USHORT DECLSPEC_ALIGN(1) USHORT_UNALIGNED; +typedef LONG DECLSPEC_ALIGN(1) LONG_UNALIGNED; +typedef ULONG DECLSPEC_ALIGN(1) ULONG_UNALIGNED; + +typedef IMAGE_DOS_HEADER DECLSPEC_ALIGN(1) IMAGE_DOS_HEADER_UNALIGNED; +typedef IMAGE_NT_HEADERS32 DECLSPEC_ALIGN(1) IMAGE_NT_HEADERS32_UNALIGNED; +typedef IMAGE_DATA_DIRECTORY DECLSPEC_ALIGN(1) IMAGE_DATA_DIRECTORY_UNALIGNED; +typedef IMAGE_SECTION_HEADER DECLSPEC_ALIGN(1) IMAGE_SECTION_HEADER_UNALIGNED; + +typedef IMAGE_BASE_RELOCATION DECLSPEC_ALIGN(1) IMAGE_BASE_RELOCATION_UNALIGNED; + +typedef IMAGE_IMPORT_DESCRIPTOR DECLSPEC_ALIGN(1) IMAGE_IMPORT_DESCRIPTOR_UNALIGNED; +typedef IMAGE_BOUND_IMPORT_DESCRIPTOR DECLSPEC_ALIGN(1) IMAGE_BOUND_IMPORT_DESCRIPTOR_UNALIGNED; +typedef IMAGE_THUNK_DATA32 DECLSPEC_ALIGN(1) IMAGE_THUNK_DATA32_UNALIGNED; +typedef IMAGE_IMPORT_BY_NAME DECLSPEC_ALIGN(1) IMAGE_IMPORT_BY_NAME_UNALIGNED; + +typedef IMAGE_EXPORT_DIRECTORY DECLSPEC_ALIGN(1) IMAGE_EXPORT_DIRECTORY_UNALIGNED; + +typedef IMAGE_LOAD_CONFIG_DIRECTORY32 DECLSPEC_ALIGN(1) IMAGE_LOAD_CONFIG_DIRECTORY32_UNALIGNED; + +typedef IMAGE_RESOURCE_DIRECTORY DECLSPEC_ALIGN(1) IMAGE_RESOURCE_DIRECTORY_UNALIGNED; +typedef IMAGE_RESOURCE_DIRECTORY_ENTRY DECLSPEC_ALIGN(1) IMAGE_RESOURCE_DIRECTORY_ENTRY_UNALIGNED; +typedef IMAGE_RESOURCE_DATA_ENTRY DECLSPEC_ALIGN(1) IMAGE_RESOURCE_DATA_ENTRY_UNALIGNED; + /*********************************************************************************** * PatchAPI PA19 file header * @@ -321,7 +350,7 @@ static int read_patch_header(struct patch_file_header *ph, const BYTE *buf, size /* read the new coff image base and time used for normalization */ if ((ph->flags & PATCH_OPTION_NO_REBASE) == 0) { - ph->new_image_base = ((ULONG)*(UINT16 UNALIGNED *)ph->src) << 16; + ph->new_image_base = ((ULONG)*(UINT16_UNALIGNED *)ph->src) << 16; ph->src += sizeof(UINT16);

TRACE("new file requires rebasing to 0x%lX\n", ph->new_image_base); @@ -713,10 +742,10 @@ static void DECLSPEC_NORETURN throw_pe_fmt_exception(void) for (;;) { /* silence compiler warning */ } }

-static IMAGE_NT_HEADERS32 UNALIGNED *image_get_nt_headers(const void *image_base, size_t image_size) +static IMAGE_NT_HEADERS32_UNALIGNED *image_get_nt_headers(const void *image_base, size_t image_size) { - IMAGE_DOS_HEADER UNALIGNED *dos_hdr; - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers; + IMAGE_DOS_HEADER_UNALIGNED *dos_hdr; + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers; const UCHAR *const image_end = (PUCHAR)image_base + image_size;

if (image_size >= 0x200) { @@ -736,9 +765,9 @@ static IMAGE_NT_HEADERS32 UNALIGNED *image_get_nt_headers(const void *image_base }

static ULONG image_rva_to_file_offset( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, ULONG rva, PUCHAR image_base, ULONG image_size) + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, ULONG rva, PUCHAR image_base, ULONG image_size) { - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG section_count; ULONG i;

@@ -764,10 +793,10 @@ static ULONG image_rva_to_file_offset( }

static ULONG image_directory_rva_and_size( - IMAGE_NT_HEADERS32 UNALIGNED *nt_header, USHORT directory_entry, ULONG *directory_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_header, USHORT directory_entry, ULONG *directory_size, PUCHAR image_base, ULONG image_size) { - IMAGE_DATA_DIRECTORY UNALIGNED *data_directory; + IMAGE_DATA_DIRECTORY_UNALIGNED *data_directory;

if (directory_entry >= nt_header->OptionalHeader.NumberOfRvaAndSizes) { return 0; @@ -786,7 +815,7 @@ static ULONG image_directory_rva_and_size( }

static ULONG image_directory_offset_and_size( - IMAGE_NT_HEADERS32 UNALIGNED *nt_header, USHORT directory_entry, ULONG *directory_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_header, USHORT directory_entry, ULONG *directory_size, PUCHAR image_base, ULONG image_size) { ULONG rva, offset = 0; @@ -798,7 +827,7 @@ static ULONG image_directory_offset_and_size( }

static PVOID image_rva_to_mapped_address( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, ULONG rva, PVOID image_base, ULONG image_size) + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, ULONG rva, PVOID image_base, ULONG image_size) { const ULONG offset = image_rva_to_file_offset(nt_headers, rva, image_base, image_size); if (offset && offset < image_size) { @@ -808,7 +837,7 @@ static PVOID image_rva_to_mapped_address( }

static PVOID image_directory_mapped_address( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, USHORT directory_entry, ULONG *directory_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, USHORT directory_entry, ULONG *directory_size, PUCHAR image_base, ULONG image_size) { ULONG dir_rva; @@ -842,17 +871,17 @@ static PVOID image_directory_mapped_address(

/* Fixup a given mapped image's relocation table for a new image base. */ static BOOL rebase_image( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, ULONG new_image_base) { BOOL result; - IMAGE_BASE_RELOCATION UNALIGNED *reloc_block; - IMAGE_BASE_RELOCATION UNALIGNED *reloc_block_base; + IMAGE_BASE_RELOCATION_UNALIGNED *reloc_block; + IMAGE_BASE_RELOCATION_UNALIGNED *reloc_block_base; PUCHAR reloc_fixup; LONG delta; LONG reloc_dir_remaining; ULONG reloc_dir_size; - USHORT UNALIGNED *reloc; + USHORT_UNALIGNED *reloc; ULONG reloc_count; PUCHAR mapped_image_end;

@@ -877,11 +906,11 @@ static BOOL rebase_image( && reloc_block->SizeOfBlock <= (ULONG)reloc_dir_remaining && reloc_block->SizeOfBlock > sizeof(IMAGE_BASE_RELOCATION)) { - reloc_block_base = (IMAGE_BASE_RELOCATION UNALIGNED *)(mapped_image_base + + reloc_block_base = (IMAGE_BASE_RELOCATION_UNALIGNED *)(mapped_image_base + image_rva_to_file_offset(nt_headers, reloc_block->VirtualAddress, mapped_image_base, mapped_image_size)); if (reloc_block_base) { - reloc = (USHORT UNALIGNED *)((PUCHAR)reloc_block + sizeof(IMAGE_BASE_RELOCATION)); + reloc = (USHORT_UNALIGNED *)((PUCHAR)reloc_block + sizeof(IMAGE_BASE_RELOCATION)); reloc_count = (reloc_block->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / sizeof(USHORT); while (reloc_count--) { if ((PUCHAR)reloc > mapped_image_end) { @@ -894,21 +923,21 @@ static BOOL rebase_image( switch (*reloc >> 12) { case IMAGE_REL_BASED_HIGH: - *(USHORT UNALIGNED *)reloc_fixup = (USHORT)(((*(USHORT UNALIGNED *)reloc_fixup << 16) + delta) >> 16); + *(USHORT_UNALIGNED *)reloc_fixup = (USHORT)(((*(USHORT_UNALIGNED *)reloc_fixup << 16) + delta) >> 16); break; case IMAGE_REL_BASED_LOW: - *(USHORT UNALIGNED *)reloc_fixup = (USHORT)(*(SHORT UNALIGNED *)reloc_fixup + delta); + *(USHORT_UNALIGNED *)reloc_fixup = (USHORT)(*(SHORT_UNALIGNED *)reloc_fixup + delta); break; case IMAGE_REL_BASED_HIGHLOW: if (reloc_fixup + sizeof(USHORT) <= mapped_image_end) { - *(LONG UNALIGNED *)reloc_fixup += delta; + *(LONG_UNALIGNED *)reloc_fixup += delta; } break; case IMAGE_REL_BASED_HIGHADJ: ++reloc; --reloc_count; if ((PUCHAR)reloc <= (mapped_image_end - sizeof(USHORT))) - *(USHORT UNALIGNED *)reloc_fixup = (USHORT)(((*(USHORT UNALIGNED *)reloc_fixup << 16) + (SHORT)*reloc + delta + 0x8000) >> 16); + *(USHORT_UNALIGNED *)reloc_fixup = (USHORT)(((*(USHORT_UNALIGNED *)reloc_fixup << 16) + (SHORT)*reloc + delta + 0x8000) >> 16); break; default:

@@ -920,7 +949,7 @@ static BOOL rebase_image( }

reloc_dir_remaining -= reloc_block->SizeOfBlock; - reloc_block = (IMAGE_BASE_RELOCATION UNALIGNED *)((PUCHAR)reloc_block + reloc_block->SizeOfBlock); + reloc_block = (IMAGE_BASE_RELOCATION_UNALIGNED *)((PUCHAR)reloc_block + reloc_block->SizeOfBlock);

if ((PUCHAR)reloc_block > (mapped_image_end - sizeof(IMAGE_BASE_RELOCATION))) { throw_pe_fmt_exception(); @@ -932,17 +961,17 @@ static BOOL rebase_image(

/* Remove all bound imports for a given mapped image. */ static BOOL unbind_image( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size) + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size) { BOOL result; PUCHAR mapped_image_end; - IMAGE_IMPORT_DESCRIPTOR UNALIGNED *import_desc; - IMAGE_BOUND_IMPORT_DESCRIPTOR UNALIGNED *bound_imports; + IMAGE_IMPORT_DESCRIPTOR_UNALIGNED *import_desc; + IMAGE_BOUND_IMPORT_DESCRIPTOR_UNALIGNED *bound_imports; ULONG bound_imports_size; - IMAGE_DATA_DIRECTORY UNALIGNED *bound_import_data_dir; - IMAGE_THUNK_DATA32 UNALIGNED *original_thunk; - IMAGE_THUNK_DATA32 UNALIGNED *bound_thunk; - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_DATA_DIRECTORY_UNALIGNED *bound_import_data_dir; + IMAGE_THUNK_DATA32_UNALIGNED *original_thunk; + IMAGE_THUNK_DATA32_UNALIGNED *bound_thunk; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG section_count;

result = FALSE; @@ -1012,7 +1041,7 @@ static BOOL unbind_image( }

/* tolower hack check for ".idata " */ - if ((*((ULONGLONG UNALIGNED *)&section_table[i].Name) | 0x2020202020202020) == 0x202061746164692E) { + if ((*((UINT64_UNALIGNED *)&section_table[i].Name) | 0x2020202020202020) == 0x202061746164692E) { if ((section_table[i].Characteristics & IMAGE_SCN_MEM_WRITE) == 0) { result = TRUE; section_table[i].Characteristics |= (IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE); @@ -1027,12 +1056,12 @@ static BOOL unbind_image(

/* Force all lock prefixes to the x86 LOCK (F0h) opcode in a given mapped image. */ static BOOL normalize_lock_prefixes_in_image( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size) + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size) { BOOL result = FALSE; PUCHAR mapped_image_end; - IMAGE_LOAD_CONFIG_DIRECTORY32 UNALIGNED *loadcfg; - ULONG UNALIGNED *lock_prefix_table; + IMAGE_LOAD_CONFIG_DIRECTORY32_UNALIGNED *loadcfg; + ULONG_UNALIGNED *lock_prefix_table;

mapped_image_end = &mapped_image[image_size];

@@ -1069,16 +1098,16 @@ static BOOL normalize_lock_prefixes_in_image( }

/* derived from imagehlp for calculating a new coff image checksum. */ -static WORD calc_chksum( - DWORD initial_value, PUCHAR buffer, DWORD size_in_bytes) +static USHORT calc_chksum( + ULONG initial_value, PUCHAR buffer, ULONG size_in_bytes) { - DWORD sum; - DWORD words_remaining; - DWORD partial_words; - DWORD partial_sum; + ULONG sum; + ULONG words_remaining; + ULONG partial_words; + ULONG partial_sum;

sum = initial_value; - words_remaining = size_in_bytes / sizeof(WORD); + words_remaining = size_in_bytes / sizeof(USHORT);

for (; words_remaining; sum += HIWORD(partial_sum) + LOWORD(partial_sum)) { @@ -1090,8 +1119,8 @@ static WORD calc_chksum( words_remaining -= partial_words; partial_sum = 0; do { - partial_sum += *(WORD UNALIGNED *)buffer; - buffer += sizeof(WORD); + partial_sum += *(USHORT_UNALIGNED *)buffer; + buffer += sizeof(USHORT); --partial_words; } while (partial_words); } @@ -1100,7 +1129,7 @@ static WORD calc_chksum( sum += *buffer; }

- return (WORD)(HIWORD(sum) + LOWORD(sum)); + return (USHORT)(HIWORD(sum) + LOWORD(sum)); }

/* Normalizes a given 32-bit PE image to render a stream that is common. */ @@ -1113,7 +1142,7 @@ int normalize_old_file_image( { BOOL modified = FALSE; ULONG i; - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers; + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers;

TRACE("normalizing image at 0x%p with options 0x%lX, new base 0x%lX, new time %lu\n", old_file_buffer, option_flags, new_image_base, new_image_time); @@ -1184,10 +1213,10 @@ int normalize_old_file_image( }

static void patch_transform_PE_mark_non_executable( - IMAGE_NT_HEADERS32 UNALIGNED *nt_header, PUCHAR mapped_image, ULONG image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_header, PUCHAR mapped_image, ULONG image_size, BYTE *hintmap, BOOL force) { - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG section_size_raw; ULONG directory_offset; ULONG directory_rva; @@ -1270,7 +1299,7 @@ static int __cdecl reloc_entry_compare(const void *a, const void *b) }

static void patch_transform_PE_relocations( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size, struct patch_transform_table *xfrm_tbl, BYTE *hintmap) { PUCHAR mapped_image_end; @@ -1285,17 +1314,17 @@ static void patch_transform_PE_relocations( USHORT reloc_offset; ULONG reloc_fixup_rva; PUCHAR reloc_fixup; - IMAGE_BASE_RELOCATION UNALIGNED *reloc_block; - IMAGE_BASE_RELOCATION UNALIGNED *reloc_block_base; + IMAGE_BASE_RELOCATION_UNALIGNED *reloc_block; + IMAGE_BASE_RELOCATION_UNALIGNED *reloc_block_base; ULONG reloc_block_base_va; ULONG reloc_count; - USHORT UNALIGNED *reloc; - USHORT UNALIGNED *reloc_start; + USHORT_UNALIGNED *reloc; + USHORT_UNALIGNED *reloc_start; ULONG new_rva; struct reloc_entry *reloc_entries; ULONG reloc_entry_count; ULONG reloc_entry_index; - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG section_count; ULONG i; PUCHAR p; @@ -1311,20 +1340,20 @@ static void patch_transform_PE_relocations( { if (nt_headers->FileHeader.Machine == IMAGE_FILE_MACHINE_I386) { - IMAGE_SECTION_HEADER UNALIGNED *const first_section = IMAGE_FIRST_SECTION(nt_headers); + IMAGE_SECTION_HEADER_UNALIGNED *const first_section = IMAGE_FIRST_SECTION(nt_headers); ULONG const first_section_va = image_base_va + first_section->VirtualAddress; ULONG const image_end_va = image_base_va + nt_headers->OptionalHeader.SizeOfImage; for (p = &mapped_image[first_section->PointerToRawData]; p < (mapped_image_end - 4); p++) { - reloc_target_va = *(ULONG UNALIGNED *)p; + reloc_target_va = *(ULONG_UNALIGNED *)p;

/* is this a possible rva? */ if (reloc_target_va >= first_section_va && reloc_target_va < image_end_va) { - *(ULONG UNALIGNED *)(hintmap + (p - mapped_image)) |= 0x01010101; + *(ULONG_UNALIGNED *)(hintmap + (p - mapped_image)) |= 0x01010101;

reloc_target_rva = reloc_target_va - image_base_va; new_rva = get_new_rva_from_xfrm_table(xfrm_tbl, reloc_target_rva); if (new_rva != reloc_target_rva) { - *(ULONG UNALIGNED *)p = image_base_va + new_rva; + *(ULONG_UNALIGNED *)p = image_base_va + new_rva; }

/* advance by 3 so next loop we advance to the next dword */ @@ -1348,7 +1377,7 @@ static void patch_transform_PE_relocations(

/* loop through the relocation table, updating the new rvas. */ reloc_entry_count = 0; - reloc_block = (IMAGE_BASE_RELOCATION UNALIGNED *)&mapped_image[reloc_dir_offset]; + reloc_block = (IMAGE_BASE_RELOCATION_UNALIGNED *)&mapped_image[reloc_dir_offset]; reloc_dir_remaining = (LONG)reloc_dir_size; while (reloc_dir_remaining > 0 && reloc_block->SizeOfBlock <= (ULONG)reloc_dir_remaining @@ -1358,7 +1387,7 @@ static void patch_transform_PE_relocations( throw_pe_fmt_exception(); }

- reloc_block_base = (IMAGE_BASE_RELOCATION UNALIGNED *)(mapped_image + + reloc_block_base = (IMAGE_BASE_RELOCATION_UNALIGNED *)(mapped_image + image_rva_to_file_offset(nt_headers, reloc_block->VirtualAddress, mapped_image, image_size)); if (reloc_block_base) {

@@ -1386,27 +1415,27 @@ static void patch_transform_PE_relocations( case IMAGE_REL_BASED_HIGH: case IMAGE_REL_BASED_LOW: if (reloc_fixup < mapped_image_end) { - *(USHORT UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x0101; + *(USHORT_UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x0101; } break;

case IMAGE_REL_BASED_HIGHLOW: if (reloc_fixup < (mapped_image_end - sizeof(LONG))) { - *(ULONG UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x01010101; + *(ULONG_UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x01010101;

- reloc_target_va = *(ULONG UNALIGNED *)reloc_fixup; + reloc_target_va = *(ULONG_UNALIGNED *)reloc_fixup; reloc_target_rva = reloc_target_va - image_base_va;

new_rva = get_new_rva_from_xfrm_table(xfrm_tbl, reloc_target_rva); if (new_rva != reloc_target_rva) { - *(ULONG UNALIGNED *)reloc_fixup = image_base_va + new_rva; + *(ULONG_UNALIGNED *)reloc_fixup = image_base_va + new_rva; } } break;

case IMAGE_REL_BASED_HIGHADJ: if (reloc_fixup < mapped_image_end) { - *(USHORT UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x0101; + *(USHORT_UNALIGNED *)(hintmap + (reloc_fixup - mapped_image)) |= 0x0101; }

++reloc; @@ -1424,7 +1453,7 @@ static void patch_transform_PE_relocations( }

reloc_dir_remaining -= reloc_block->SizeOfBlock; - reloc_block = (IMAGE_BASE_RELOCATION UNALIGNED *)((ULONG_PTR)reloc_block + reloc_block->SizeOfBlock); + reloc_block = (IMAGE_BASE_RELOCATION_UNALIGNED *)((ULONG_PTR)reloc_block + reloc_block->SizeOfBlock); }

/* sort reloc entries by rva. */ @@ -1444,7 +1473,7 @@ static void patch_transform_PE_relocations( }

/* tolower hack check for ".reloc " */ - if ((*(ULONGLONG UNALIGNED *)&section_table[i].Name | 0x2020202020202020) == 0x2020636F6C65722E) { + if ((*(UINT64_UNALIGNED *)&section_table[i].Name | 0x2020202020202020) == 0x2020636F6C65722E) { if (reloc_dir_offset >= section_table[i].PointerToRawData && reloc_dir_offset < (section_table[i].PointerToRawData + section_table[i].SizeOfRawData)) { @@ -1456,7 +1485,7 @@ static void patch_transform_PE_relocations( }

reloc_dir_remaining &= ~1; /* make even value */ - reloc_block = (IMAGE_BASE_RELOCATION UNALIGNED *)(mapped_image + reloc_dir_offset); + reloc_block = (IMAGE_BASE_RELOCATION_UNALIGNED *)(mapped_image + reloc_dir_offset); reloc_entry_index = 0; while (reloc_dir_remaining > sizeof(IMAGE_BASE_RELOCATION) && reloc_entry_index < reloc_entry_count) @@ -1491,14 +1520,14 @@ static void patch_transform_PE_relocations( }

reloc_block->SizeOfBlock = (ULONG)(((ULONG_PTR)reloc - (ULONG_PTR)reloc_start) + sizeof(IMAGE_BASE_RELOCATION)); - reloc_block = (IMAGE_BASE_RELOCATION UNALIGNED *)((ULONG_PTR)reloc_block + reloc_block->SizeOfBlock); + reloc_block = (IMAGE_BASE_RELOCATION_UNALIGNED *)((ULONG_PTR)reloc_block + reloc_block->SizeOfBlock); }

VirtualFree(reloc_entries, 0, MEM_RELEASE); }

static void patch_transform_PE_infer_relocs_x86( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, BYTE *hintmap) { const ULONG image_base_va = nt_headers->OptionalHeader.ImageBase; @@ -1508,20 +1537,20 @@ static void patch_transform_PE_infer_relocs_x86( for (; p < (mapped_image_end - 4); p++) {

/* Is this a possible valid rva? */ - const ULONG reloc_target_va = *(ULONG UNALIGNED *)p; + const ULONG reloc_target_va = *(ULONG_UNALIGNED *)p; if (reloc_target_va >= image_base_va && reloc_target_va < image_end_va) {

/* Check the hintmap. */ - const ULONG infer_mask = *(ULONG UNALIGNED *)(hintmap + (p - mapped_image_base)); + const ULONG infer_mask = *(ULONG_UNALIGNED *)(hintmap + (p - mapped_image_base)); if ((infer_mask & 0x02020202) == 0) {

const ULONG reloc_target_rva = reloc_target_va - image_base_va; const ULONG new_rva = get_new_rva_from_xfrm_table(xfrm_tbl, reloc_target_rva); if (new_rva != reloc_target_rva) { - *(ULONG UNALIGNED *)p = image_base_va + new_rva; + *(ULONG_UNALIGNED *)p = image_base_va + new_rva; }

- *(ULONG UNALIGNED *)(hintmap + (p - mapped_image_base)) = infer_mask | 0x01010101; + *(ULONG_UNALIGNED *)(hintmap + (p - mapped_image_base)) = infer_mask | 0x01010101;

/* advance by 3 so next loop we advance to the next dword */ p += 4-1; @@ -1531,7 +1560,7 @@ static void patch_transform_PE_infer_relocs_x86( }

static void patch_transform_PE_infer_relocs( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, BYTE *hintmap) { ULONG reloc_dir_offset; @@ -1554,16 +1583,16 @@ static void patch_transform_PE_infer_relocs( }

static void patch_transform_PE_imports( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, BYTE* hintmap) { ULONG import_dir_offset; ULONG import_dir_size; - IMAGE_IMPORT_DESCRIPTOR UNALIGNED *import_desc; + IMAGE_IMPORT_DESCRIPTOR_UNALIGNED *import_desc; ULONG thunk_offset; - IMAGE_THUNK_DATA32 UNALIGNED *thunk_data_start; - IMAGE_THUNK_DATA32 UNALIGNED *thunk_data; - IMAGE_IMPORT_BY_NAME UNALIGNED *import_by_name; + IMAGE_THUNK_DATA32_UNALIGNED *thunk_data_start; + IMAGE_THUNK_DATA32_UNALIGNED *thunk_data; + IMAGE_IMPORT_BY_NAME_UNALIGNED *import_by_name; ULONG import_by_name_offset;

import_dir_offset = image_directory_offset_and_size(nt_headers, IMAGE_DIRECTORY_ENTRY_IMPORT, @@ -1578,19 +1607,19 @@ static void patch_transform_PE_imports( memset(&hintmap[import_dir_offset], 0x03, import_dir_size);

/* Loop through the import table, updating the new rvas. */ - import_desc = (IMAGE_IMPORT_DESCRIPTOR UNALIGNED *)(mapped_image_base + import_dir_offset); + import_desc = (IMAGE_IMPORT_DESCRIPTOR_UNALIGNED *)(mapped_image_base + import_dir_offset); while (import_desc->OriginalFirstThunk) { if (import_desc->TimeDateStamp == 0) { /* 0 if not bound */

thunk_offset = image_rva_to_file_offset(nt_headers, import_desc->OriginalFirstThunk, mapped_image_base, mapped_image_size); - thunk_data_start = (IMAGE_THUNK_DATA32 UNALIGNED *)(mapped_image_base + thunk_offset); + thunk_data_start = (IMAGE_THUNK_DATA32_UNALIGNED *)(mapped_image_base + thunk_offset); thunk_data = thunk_data_start; while (thunk_data->u1.Ordinal != 0) { if (!IMAGE_SNAP_BY_ORDINAL32(thunk_data->u1.Ordinal)) { import_by_name_offset = image_rva_to_file_offset(nt_headers, thunk_data->u1.AddressOfData, mapped_image_base, mapped_image_size); - import_by_name = (IMAGE_IMPORT_BY_NAME UNALIGNED *)(mapped_image_base + import_by_name_offset); + import_by_name = (IMAGE_IMPORT_BY_NAME_UNALIGNED *)(mapped_image_base + import_by_name_offset); memset(&hintmap[import_by_name_offset], 0x03, sizeof(IMAGE_IMPORT_BY_NAME) + strlen((char*)import_by_name->Name)); thunk_data->u1.AddressOfData = get_new_rva_from_xfrm_table(xfrm_tbl, thunk_data->u1.AddressOfData); @@ -1601,13 +1630,13 @@ static void patch_transform_PE_imports(

thunk_offset = image_rva_to_file_offset(nt_headers, import_desc->FirstThunk, mapped_image_base, mapped_image_size); - thunk_data_start = (IMAGE_THUNK_DATA32 UNALIGNED *)(mapped_image_base + thunk_offset); + thunk_data_start = (IMAGE_THUNK_DATA32_UNALIGNED *)(mapped_image_base + thunk_offset); thunk_data = thunk_data_start; while (thunk_data->u1.Ordinal != 0) { if (!IMAGE_SNAP_BY_ORDINAL32(thunk_data->u1.Ordinal)) { import_by_name_offset = image_rva_to_file_offset(nt_headers, thunk_data->u1.AddressOfData, mapped_image_base, mapped_image_size); - import_by_name = (IMAGE_IMPORT_BY_NAME UNALIGNED *)(mapped_image_base + import_by_name_offset); + import_by_name = (IMAGE_IMPORT_BY_NAME_UNALIGNED *)(mapped_image_base + import_by_name_offset); memset(&hintmap[import_by_name_offset], 0x03, sizeof(IMAGE_IMPORT_BY_NAME) + strlen((char*)import_by_name->Name)); thunk_data->u1.AddressOfData = get_new_rva_from_xfrm_table(xfrm_tbl, thunk_data->u1.AddressOfData); @@ -1626,11 +1655,11 @@ static void patch_transform_PE_imports( }

static void patch_transform_PE_exports( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, BYTE *hintmap) { - IMAGE_EXPORT_DIRECTORY UNALIGNED *export_directory; - ULONG UNALIGNED *export; + IMAGE_EXPORT_DIRECTORY_UNALIGNED *export_directory; + ULONG_UNALIGNED *export; ULONG export_count; PUCHAR mapped_image_end; ULONG offset; @@ -1650,7 +1679,7 @@ static void patch_transform_PE_exports( /* Update the hint map of the export directory. */ memset(hintmap + export_dir_offset, 0x03, export_dir_size);

- export_directory = (IMAGE_EXPORT_DIRECTORY UNALIGNED *)(mapped_image_base + export_dir_offset); + export_directory = (IMAGE_EXPORT_DIRECTORY_UNALIGNED *)(mapped_image_base + export_dir_offset);

/* Update the hint map and rvas for the AddressOfFunctions table. */ export_count = export_directory->NumberOfFunctions; @@ -1700,11 +1729,11 @@ static void patch_transform_PE_exports( }

static void patch_transform_PE_relative_jmps( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, BYTE *hintmap) { ULONG image_size; - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG section_count; PBYTE section_start, section_end; ULONG section_size; @@ -1764,7 +1793,7 @@ static void patch_transform_PE_relative_jmps( }

if (needs_patch) { - disp = *(LONG UNALIGNED *)(p + 1); + disp = *(LONG_UNALIGNED *)(p + 1); if (disp > 127 || disp < -128) { ins_rva = section_rva + (ULONG)((p + 5) - section_start); @@ -1779,7 +1808,7 @@ static void patch_transform_PE_relative_jmps( new_disp = new_target_rva - new_ins_rva; if (new_disp > 127 || new_disp < -128) { if (new_disp != disp) { - *(LONG UNALIGNED *)(p + 1) = new_disp; + *(LONG_UNALIGNED *)(p + 1) = new_disp; } } else { @@ -1805,10 +1834,10 @@ static void patch_transform_PE_relative_jmps( }

static void patch_transform_PE_relative_calls( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image_base, ULONG mapped_image_size, struct patch_transform_table *xfrm_tbl, PUCHAR hintmap) { - IMAGE_SECTION_HEADER UNALIGNED *section_table; + IMAGE_SECTION_HEADER_UNALIGNED *section_table; ULONG sizeof_image; PUCHAR section_start, section_end; ULONG section_size; @@ -1861,7 +1890,7 @@ static void patch_transform_PE_relative_calls( }

if (needs_patch) { - disp = *(LONG UNALIGNED *)(p + 1); + disp = *(LONG_UNALIGNED *)(p + 1); ins_rva = section_rva + (ULONG)((ULONG_PTR)p - (ULONG_PTR)section_start) + 5; target_rva = ins_rva + disp; if (target_rva < sizeof_image) { @@ -1872,7 +1901,7 @@ static void patch_transform_PE_relative_calls( new_ins_rva = get_new_rva_from_xfrm_table(xfrm_tbl, ins_rva); new_disp = new_target_rva - new_ins_rva; if (new_disp != disp) { - *(LONG UNALIGNED *)(p + 1) = new_disp; + *(LONG_UNALIGNED *)(p + 1) = new_disp; } p += 4; } @@ -1901,12 +1930,12 @@ struct transform_resource_context { /* i386 | x64 */

static void transform_resources_recursive_old_compat( struct transform_resource_context *ctx, - IMAGE_RESOURCE_DIRECTORY UNALIGNED *res_dir) + IMAGE_RESOURCE_DIRECTORY_UNALIGNED *res_dir) { ULONG entry_count, i; - IMAGE_RESOURCE_DIRECTORY_ENTRY UNALIGNED *entry; - IMAGE_RESOURCE_DATA_ENTRY UNALIGNED *res_data; - IMAGE_RESOURCE_DIRECTORY UNALIGNED *recursive_res_dir; + IMAGE_RESOURCE_DIRECTORY_ENTRY_UNALIGNED *entry; + IMAGE_RESOURCE_DATA_ENTRY_UNALIGNED *res_data; + IMAGE_RESOURCE_DIRECTORY_UNALIGNED *recursive_res_dir; ULONG offset_to_data; ULONG name_offset; ULONG new_offset; @@ -1923,7 +1952,7 @@ static void transform_resources_recursive_old_compat( }

entry_count = res_dir->NumberOfNamedEntries + res_dir->NumberOfIdEntries; - entry = (IMAGE_RESOURCE_DIRECTORY_ENTRY UNALIGNED *)((PUCHAR)res_dir + sizeof(IMAGE_RESOURCE_DIRECTORY)); + entry = (IMAGE_RESOURCE_DIRECTORY_ENTRY_UNALIGNED *)((PUCHAR)res_dir + sizeof(IMAGE_RESOURCE_DIRECTORY));

for (i = 0; i < entry_count; i++, entry++) { if ((PUCHAR)entry >= (ctx->res_dir_end - sizeof(IMAGE_RESOURCE_DIRECTORY_ENTRY))) { @@ -1933,14 +1962,14 @@ static void transform_resources_recursive_old_compat( offset_to_data = entry->OffsetToData & ~IMAGE_RESOURCE_DATA_IS_DIRECTORY; if (entry->OffsetToData & IMAGE_RESOURCE_DATA_IS_DIRECTORY) { /* Recurse into next resource directory. */ - recursive_res_dir = (IMAGE_RESOURCE_DIRECTORY UNALIGNED *)&ctx->res_dir_base[offset_to_data]; + recursive_res_dir = (IMAGE_RESOURCE_DIRECTORY_UNALIGNED *)&ctx->res_dir_base[offset_to_data]; if ((PUCHAR)recursive_res_dir >= ctx->image_base) { transform_resources_recursive_old_compat(ctx, recursive_res_dir); }

} else { /* Update rva of valid resource data entry. */ - res_data = (IMAGE_RESOURCE_DATA_ENTRY UNALIGNED *)&ctx->res_dir_base[offset_to_data]; + res_data = (IMAGE_RESOURCE_DATA_ENTRY_UNALIGNED *)&ctx->res_dir_base[offset_to_data]; if ((PUCHAR)res_data > ctx->res_dir_base && (PUCHAR)res_data < (ctx->res_dir_end - sizeof(IMAGE_RESOURCE_DATA_ENTRY))) { @@ -1979,7 +2008,7 @@ static void transform_resources_recursive_old_compat( }

static void patch_transform_PE_resources_old_compat( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image, ULONG image_size, ULONG new_res_time, struct patch_transform_table *xfrm_tbl) { struct transform_resource_context ctx; @@ -2008,18 +2037,18 @@ static void patch_transform_PE_resources_old_compat(

if (ctx.res_dir_base >= mapped_image) { transform_resources_recursive_old_compat(&ctx, - (IMAGE_RESOURCE_DIRECTORY UNALIGNED *)ctx.res_dir_base); + (IMAGE_RESOURCE_DIRECTORY_UNALIGNED *)ctx.res_dir_base); } } }

static void transform_resources_recursive( struct transform_resource_context *ctx, - IMAGE_RESOURCE_DIRECTORY UNALIGNED *res_dir) + IMAGE_RESOURCE_DIRECTORY_UNALIGNED *res_dir) { - IMAGE_RESOURCE_DIRECTORY_ENTRY UNALIGNED *entry; - IMAGE_RESOURCE_DATA_ENTRY UNALIGNED *res_data; - IMAGE_RESOURCE_DIRECTORY UNALIGNED *recursive_res_dir; + IMAGE_RESOURCE_DIRECTORY_ENTRY_UNALIGNED *entry; + IMAGE_RESOURCE_DATA_ENTRY_UNALIGNED *res_data; + IMAGE_RESOURCE_DIRECTORY_UNALIGNED *recursive_res_dir; ULONG i; ULONG entry_count; ULONG offset_to_data; @@ -2043,7 +2072,7 @@ static void transform_resources_recursive( res_dir->TimeDateStamp = ctx->new_res_time; }

- entry = (IMAGE_RESOURCE_DIRECTORY_ENTRY UNALIGNED *)((PUCHAR)res_dir + sizeof(IMAGE_RESOURCE_DIRECTORY)); + entry = (IMAGE_RESOURCE_DIRECTORY_ENTRY_UNALIGNED *)((PUCHAR)res_dir + sizeof(IMAGE_RESOURCE_DIRECTORY)); entry_count = res_dir->NumberOfNamedEntries + res_dir->NumberOfIdEntries;

for (i = 0; i < entry_count; i++, entry++) { @@ -2064,7 +2093,7 @@ static void transform_resources_recursive( && (offset_to_data + sizeof(IMAGE_RESOURCE_DIRECTORY)) <= ctx->res_dir_size) {

/* Recurse into next resource directory. */ - recursive_res_dir = (IMAGE_RESOURCE_DIRECTORY UNALIGNED *)&ctx->res_dir_base[offset_to_data]; + recursive_res_dir = (IMAGE_RESOURCE_DIRECTORY_UNALIGNED *)&ctx->res_dir_base[offset_to_data]; if ((PUCHAR)recursive_res_dir >= ctx->res_dir_base) { transform_resources_recursive(ctx, recursive_res_dir); } else { @@ -2081,7 +2110,7 @@ static void transform_resources_recursive(

} else { /* Update rva of valid resource data entry. */ - res_data = (IMAGE_RESOURCE_DATA_ENTRY UNALIGNED *)&ctx->res_dir_base[offset_to_data]; + res_data = (IMAGE_RESOURCE_DATA_ENTRY_UNALIGNED *)&ctx->res_dir_base[offset_to_data]; if ((PUCHAR)res_data < ctx->res_dir_base && ((PUCHAR)res_data + sizeof(IMAGE_RESOURCE_DATA_ENTRY)) > ctx->res_dir_end) { ctx->out_of_bounds = TRUE; @@ -2110,7 +2139,7 @@ static void transform_resources_recursive( }

static BOOL patch_transform_PE_resources( - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, PUCHAR mapped_image, SIZE_T image_size, + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR mapped_image, SIZE_T image_size, ULONG new_res_time, struct patch_transform_table *xfrm_tbl) { BOOL result; @@ -2129,7 +2158,7 @@ static BOOL patch_transform_PE_resources( ctx.new_res_time = new_res_time; ctx.xfrm_tbl = xfrm_tbl; ctx.out_of_bounds = FALSE; - transform_resources_recursive(&ctx, (IMAGE_RESOURCE_DIRECTORY UNALIGNED *)ctx.res_dir_base); + transform_resources_recursive(&ctx, (IMAGE_RESOURCE_DIRECTORY_UNALIGNED *)ctx.res_dir_base); result = !ctx.out_of_bounds; } else { result = TRUE; @@ -2139,7 +2168,7 @@ static BOOL patch_transform_PE_resources( }

static BOOL patch_coff_image( - PULONG transform_option_flags, IMAGE_NT_HEADERS32 UNALIGNED *nt_headers, + PULONG transform_option_flags, IMAGE_NT_HEADERS32_UNALIGNED *nt_headers, PUCHAR old_file_buffer, ULONG old_file_size, ULONG new_res_time, struct patch_transform_table* xfrm_tbl, unsigned char *hintmap) { @@ -2231,7 +2260,7 @@ static DWORD perform_patches_on_old_file_image( ULONG new_file_res_time, struct patch_transform_table* xfrm_tbl) { DWORD err = ERROR_SUCCESS; - IMAGE_NT_HEADERS32 UNALIGNED *nt_headers; + IMAGE_NT_HEADERS32_UNALIGNED *nt_headers;

nt_headers = image_get_nt_headers(old_file_buffer, old_file_size); if (nt_headers) {