RubyGems - pedump - Versions diffs - 0.5.0 → 0.6.0 - Mend

pedump 0.5.0 → 0.6.0

Files changed (53) hide show

checksums.yaml +7 -0
data/.github/FUNDING.yml +2 -0
data/.github/dependabot.yml +8 -0
data/CODE_OF_CONDUCT.md +76 -0
data/Gemfile +11 -16
data/Gemfile.lock +73 -27
data/README.md +15 -6
data/Rakefile +5 -44
data/VERSION +1 -1
data/lib/pedump.rb +101 -29
data/lib/pedump/cli.rb +29 -18
data/lib/pedump/loader.rb +1 -1
data/lib/pedump/loader/minidump.rb +195 -31
data/lib/pedump/ne.rb +1 -1
data/lib/pedump/pe.rb +63 -54
data/lib/pedump/te.rb +51 -0
data/lib/pedump/unpacker/aspack.rb +1 -1
data/lib/pedump/version.rb +2 -5
data/misc/aspack/aspack_unlzx.c +5 -3
data/pedump.gemspec +47 -74
metadata +50 -101
data/.document +0 -5
data/.rspec +0 -1
data/.travis.yml +0 -4
data/samples/bad/68.exe +0 -0
data/samples/bad/data_dir_15_entries.exe +0 -0
data/spec/65535sects_spec.rb +0 -8
data/spec/bad_imports_spec.rb +0 -20
data/spec/bad_samples_spec.rb +0 -13
data/spec/composite_io_spec.rb +0 -122
data/spec/data/calc.exe_sections.yml +0 -49
data/spec/data/data_dir_15_entries.exe_sections.yml +0 -95
data/spec/dllord_spec.rb +0 -21
data/spec/foldedhdr_spec.rb +0 -28
data/spec/imports_badterm_spec.rb +0 -52
data/spec/imports_vterm_spec.rb +0 -52
data/spec/loader/names_spec.rb +0 -24
data/spec/loader/va_spec.rb +0 -44
data/spec/manyimportsW7_spec.rb +0 -22
data/spec/ne_spec.rb +0 -125
data/spec/packer_spec.rb +0 -17
data/spec/pe_spec.rb +0 -67
data/spec/pedump_spec.rb +0 -19
data/spec/resource_spec.rb +0 -13
data/spec/sections_spec.rb +0 -11
data/spec/sig_all_packers_spec.rb +0 -24
data/spec/sig_spec.rb +0 -68
data/spec/spec_helper.rb +0 -24
data/spec/support/samples.rb +0 -24
data/spec/unpackers/aspack_spec.rb +0 -69
data/spec/unpackers/find_spec.rb +0 -21
data/spec/virtsectblXP_spec.rb +0 -12
data/tmp/.keep +0 -0

@@ -1,24 +0,0 @@
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-require 'rspec'
-require 'pedump'
-require 'fileutils'
-DATA_DIR = File.join(File.dirname(__FILE__), "data")
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
-def unarchive_samples fname
-  flag_fname = File.join(File.dirname(fname), ".#{File.basename(fname)}_unpacked")
-  # check if already unpacked
-  return if File.exist?(flag_fname)
-  system "7zr", "x", "-y", "-o#{SAMPLES_DIR}", fname
-  FileUtils.touch(flag_fname) if $?.success?
-end
-RSpec.configure do |config|
-  config.before :suite do
-    Dir[File.join(SAMPLES_DIR,"*.7z")].each do |fname|
-      unarchive_samples fname
-    end
-  end
-end

data/spec/support/samples.rb DELETED

@@ -1,24 +0,0 @@
-SAMPLES_DIR = File.expand_path(File.dirname(__FILE__) + '/../../samples/')
-def sample
-  @pedump ||=
-    begin
-      fname =
-        if self.example
-          # called from it(...)
-          self.example.full_description.split.first
-        else
-          # called from before(:all)
-          self.class.metadata[:example_group][:description_args].first
-        end
-      fname = File.join(SAMPLES_DIR, fname)
-      File.open(fname,"rb") do |f|
-        if block_given?
-          yield PEdump.new(f)
-        else
-          PEdump.new(f).dump
-        end
-      end
-    end
-end

data/spec/unpackers/aspack_spec.rb DELETED

@@ -1,69 +0,0 @@
-root = File.expand_path(File.dirname(File.dirname(File.dirname(__FILE__))))
-require "#{root}/spec/spec_helper"
-require "#{root}/lib/pedump"
-require "#{root}/lib/pedump/unpacker/aspack"
-require "#{root}/lib/pedump/comparer"
-describe PEdump::Unpacker::ASPack do
-  Dir["#{root}/samples/*.asp[1-9]*.{exe}"].each do |pname|
-    orig_fname = pname.sub(/\.asp[^.]+/,'')
-    describe File.basename(orig_fname) + " vs " + File.basename(pname) do
-      before :all do
-        @ldr = PEdump::Loader.new(File.open(orig_fname,"rb"))
-      end
-      it "should have no differences" do
-        File.open(pname,"rb") do |f|
-          u = PEdump::Unpacker::ASPack.new(f)
-          File.open("#{root}/tmp/unpacked.tmp","w+") do |fo|
-            u.unpack.dump(fo)
-            fo.rewind
-            ldr = PEdump::Loader.new(fo)
-            comparer = PEdump::Comparer.new(@ldr, ldr)
-            comparer.ignored_data_dirs = [
-              PEdump::IMAGE_DATA_DIRECTORY::LOAD_CONFIG,
-              PEdump::IMAGE_DATA_DIRECTORY::Bound_IAT,
-              PEdump::IMAGE_DATA_DIRECTORY::Delay_IAT
-            ]
-            comparer.ignored_sections = [ '.rsrc', '.aspack' ]
-            comparer.diff.should == []
-          end
-        end
-      end
-    end
-  end
-  Dir["#{root}/samples/*.asp[1-9]*.{ocx}"].each do |pname|
-    orig_fname = pname.sub(/\.asp[^.]+/,'')
-    describe File.basename(orig_fname) + " vs " + File.basename(pname) do
-      before :all do
-        @ldr = PEdump::Loader.new(File.open(orig_fname,"rb"))
-      end
-      it "should have no differences" do
-        File.open(pname,"rb") do |f|
-          u = PEdump::Unpacker::ASPack.new(f)
-          File.open("#{root}/tmp/unpacked.tmp","w+") do |fo|
-            u.unpack.dump(fo)
-            fo.rewind
-            ldr = PEdump::Loader.new(fo)
-            comparer = PEdump::Comparer.new(@ldr, ldr)
-            comparer.ignored_data_dirs = [
-              PEdump::IMAGE_DATA_DIRECTORY::LOAD_CONFIG,
-              PEdump::IMAGE_DATA_DIRECTORY::Bound_IAT,
-              PEdump::IMAGE_DATA_DIRECTORY::Delay_IAT,
-              PEdump::IMAGE_DATA_DIRECTORY::BASERELOC, # 0x15496 vs 0x15494
-              PEdump::IMAGE_DATA_DIRECTORY::IAT
-            ]
-            comparer.ignored_sections = [ '.rsrc', '.aspack', '.cas' ]
-            comparer.diff.should == []
-          end
-        end
-      end
-    end
-  end
-end

data/spec/unpackers/find_spec.rb DELETED

@@ -1,21 +0,0 @@
-root = File.expand_path(File.dirname(File.dirname(File.dirname(__FILE__))))
-require "#{root}/spec/spec_helper"
-require "#{root}/lib/pedump/unpacker"
-describe PEdump::Unpacker do
-  it "finds UPX" do
-    PEdump::Unpacker.find("#{root}/samples/calc_upx.exe").should == PEdump::Unpacker::UPX
-  end
-  it "finds ARM UPX" do
-    PEdump::Unpacker.find("#{root}/samples/arm_upx.exe").should == PEdump::Unpacker::UPX
-  end
-  it "finds ASPack" do
-    PEdump::Unpacker.find("#{root}/samples/calc.asp212.exe").should == PEdump::Unpacker::ASPack
-  end
-  it "finds nothing" do
-    PEdump::Unpacker.find("#{root}/samples/calc.exe").should be_nil
-  end
-end

data/spec/virtsectblXP_spec.rb DELETED

@@ -1,12 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../lib/pedump')
-describe 'corkami/virtsectblXP.exe' do
-  it "should have 2 imports" do
-    sample.imports.size.should == 2
-    sample.imports.map(&:module_name).should == %w'kernel32.dll msvcrt.dll'
-    sample.imports.map do |iid|
-      (iid.original_first_thunk + iid.first_thunk).uniq.map(&:name)
-    end.flatten.should == ["ExitProcess", "printf"]
-  end
-end

data/tmp/.keep DELETED

File without changes