retdec
|
#include <upx_stub.h>
Public Member Functions | |
UpxStub (retdec::loader::Image *inputFile, const UpxStubData *stubData, const DynamicBuffer &stubCapturedData, std::unique_ptr< Decompressor > decompressor, const UpxMetadata &metadata) | |
UpxStubVersion | getVersion () const |
const UpxStubData * | getStubData () const |
const DynamicBuffer * | getStubCapturedData () const |
Decompressor * | getDecompressor () const |
const UpxMetadata * | getUpxMetadata () const |
virtual std::uint32_t | getRealEpAddress () const |
void | setStubData (const UpxStubData *stubData) |
void | setStubCapturedData (const DynamicBuffer &stubCapturedData) |
![]() | |
UnpackingStub (loader::Image *file) | |
virtual | ~UnpackingStub ()=default |
virtual void | unpack (const std::string &outputFile)=0 |
virtual void | cleanup ()=0 |
loader::Image * | getFile () |
Static Public Member Functions | |
static std::shared_ptr< UpxStub > | createStub (retdec::loader::Image *file) |
static std::shared_ptr< UpxStub > | createStub (retdec::loader::Image *file, const DynamicBuffer &stubBytes) |
Protected Member Functions | |
std::unique_ptr< Decompressor > | decodePackingMethod (std::uint8_t packingMethod) const |
![]() | |
void | setFile (loader::Image *file) |
Protected Attributes | |
const UpxStubData * | _stubData |
Additional stub information. More... | |
DynamicBuffer | _stubCapturedData |
Data captured while matching signature of this stub. More... | |
std::unique_ptr< Decompressor > | _decompressor |
Decompressor associated with stub. More... | |
UpxMetadata | _metadata |
UPX metadata aka packheader. More... | |
![]() | |
loader::Image * | _file |
Static Private Member Functions | |
static std::shared_ptr< UpxStub > | _createStubImpl (retdec::loader::Image *file, const DynamicBuffer *stubBytes) |
Base class that represents UPX unpacking stub and its functionality. Every different type of unpacking stub should subclass this class and implement its unpacker, decompress and cleanup method.
retdec::unpackertool::upx::UpxStub::UpxStub | ( | retdec::loader::Image * | inputFile, |
const UpxStubData * | stubData, | ||
const DynamicBuffer & | stubCapturedData, | ||
std::unique_ptr< Decompressor > | decompressor, | ||
const UpxMetadata & | metadata | ||
) |
Creates a new UPX unpacking stub object.
inputFile | The packed input file. |
stubData | The additional information about the unpacking stub. |
stubCapturedData | Data that were captured during the signature matching. |
decompressor | Associated decompressor with this unpacking stub. |
metadata | The UPX metadata associated with this unpacking stub. |
|
staticprivate |
|
static |
|
static |
|
protected |
Decompressor * retdec::unpackertool::upx::UpxStub::getDecompressor | ( | ) | const |
Returns the decompressor associated with this stub.
|
virtual |
Returns the EP address of the packed input file. This method shouldn't be overridden until you really want to change the way EP address is being parsed. You may override this in case of UPX scramblers. Their real EP address lies somewhere else than the file EP address is set to.
Reimplemented in retdec::unpackertool::upx::PeUpxStub< bits >.
const DynamicBuffer * retdec::unpackertool::upx::UpxStub::getStubCapturedData | ( | ) | const |
Returns the captured data that were captured during signature matching.
const UpxStubData * retdec::unpackertool::upx::UpxStub::getStubData | ( | ) | const |
Returns a UpxStubData containg all the information about this stub.
const UpxMetadata * retdec::unpackertool::upx::UpxStub::getUpxMetadata | ( | ) | const |
Returns the UPX metadata aka UPX packheader.
UpxStubVersion retdec::unpackertool::upx::UpxStub::getVersion | ( | ) | const |
Returns a version of this UPX unpacking stub.
void retdec::unpackertool::upx::UpxStub::setStubCapturedData | ( | const DynamicBuffer & | stubCapturedData | ) |
void retdec::unpackertool::upx::UpxStub::setStubData | ( | const UpxStubData * | stubData | ) |
|
protected |
Decompressor associated with stub.
|
protected |
UPX metadata aka packheader.
|
protected |
Data captured while matching signature of this stub.
|
protected |
Additional stub information.