PE查看器(C++）--下

GetFirstSectionHeader(Based)这个函数忘了写,在这里补上

PIMAGE_SECTION_HEADER GetFirstSectionHeader(LPVOID Based)
{
  	PIMAGE_NT_HEADERS     pNH=NULL;
        PIMAGE_SECTION_HEADER pSH=NULL;
    
        pNH=GetNtHeaders(Based);
   	pSH=IMAGE_FIRST_SECTION(pNtH);
 	return  pSH;
}

4、读取数据

/*--------------读取区段--------------------*/
typedef struct _SECTIONINFO_
{
    CString Name[8];
    CString VirtualAddress[8];
    CString VirtualSize[8];
    CString PointerToRawData[8];
    CString SizeOfRawData[8];
    CString Characteristics[8];
}SectionInfo;
void ShowSection(SectionInfo *si,DWORD Based)
{
   PIMAGE_FILE_HEADER       pFH;
   PIMAGE_SECTION_HEADER    pSH;
   pFH = GetFileHeader(Based);
   if(!pFH)
        return ;
/*-----------------------------------*/
    pSH = GetFirstSectionHeader(Based)
    for(int i = 0; i<pFH->NumberOfSections;i++)
    {
         si->Name[i] = pSH->Name;
         si->VirtualAddress[i].Format(_T("%s"),pSH->VirtualAddress);
         si->VirtualSize[i].Format(_T("%x"),pSH->Misc.VirtualSize);
         si->PointerToRawData[i].Format(_T("%x"),pSH->PointerToRawData);
         si->SizeOfRawData[i].Format(_T("%x"), pSH->SizeOfRawData);
         si->Characteristics[i].Format(_T("%x").pSH->Characteristics);
         ++pSH;
    }
}

/*----------读取数据表-------------*/
typedef struct _DATADIRECTORY_
{
      CString VirtualAddress[16];
      CString Size[16];
}DataDirectory;

void ShowDataDirectory(DataDirectory *dd,LPVOID Based)
{
         PIMAGE_OPTIONAL_HEADER pOH;
         pOH=GetOptionalHeader(Based);
         if(!pOH)
                return;

	for(int i=0;i<16;i++)
        {
                dd->VirtualAddress[i].Format(_T("%08lX"), pOH->DataDirectory[i].VirtualAddress);
                dd->Size[i].Format(_T("%08lX"), pOH->DataDirectory[i].Size);
        }
}

/*---------------输出表-----------------------*/
typedef struct _EXPORTDIRECTORY_
{
      CString szName;
      CString  Characteristics;  
      CString  TimeDateStamp;
      CString  Base;
      CString  Name;
      CString  NumberOfFunctions;
      CString  NumberOfNames;
      CString  AddressOfFunctions;
      CString  AddressOfNames;
      CString  AddressOfNameOrdinals;
}ExportDirectory;

void ShowExportDirectory(ExportDirectory *ed,LPVOID Based)
{
         PIMAGE_NT_HEADERS       pNH;
         PIMAGE_EXPORT_DIRECTORY pExportDir;
         pNH=GetNtHeaders(Based);
         pExportDir=GetExportDirectory(Based);
	 if(!pExportDir)
		return;
/*-----------------------------------------------*/
         ed->Characteristics.Format(_T("%08lX"), pExportDir->Characteristics);
	 ed->TimeDateStamp.Format(_T( "%08lX"), pExportDir->TimeDateStamp);
	 ed->Base.Format(_T("%08lX"), pExportDir->Base);	 
	 ed->Name.Format(_T("%08lX"), pExportDir->Name);
	 
	 ed->NumberOfFunctions.Format(_T("%08lX"), pExportDir->NumberOfFunctions); 
	 ed->NumberOfNames.Format(_T("%08lX"), pExportDir->NumberOfNames);	 
	 ed->AddressOfFunctions.Format(_T("%08lX"), pExportDir->AddressOfFunctions);	 
	 ed->AddressOfNames.format(_T("%08lX"), pExportDir->AddressOfNames);	 
	 ed->AddressOfNameOrdinals.Format(_T("%08lX"), pExportDir->AddressOfNameOrdinals);	 
	 ed->szName=(CString)RvaToVa(pNH,Based,pExportDir->Name);
}