pedump 0.4.9.2 → 0.4.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/Gemfile +4 -4
  2. data/Gemfile.lock +19 -17
  3. data/VERSION +1 -1
  4. data/lib/pedump.rb +23 -7
  5. data/lib/pedump/version.rb +1 -1
  6. data/pedump.gemspec +11 -14
  7. metadata +11 -27
data/Gemfile CHANGED
@@ -9,10 +9,10 @@ gem "awesome_print"
9
9
  # Add dependencies to develop your gem here.
10
10
  # Include everything needed to run rake, tests, features, etc.
11
11
  group :development do
12
- gem "rspec", "~> 2.3.0"
13
- gem "bundler", "~> 1.0.0"
14
- gem "jeweler", "~> 1.6.4"
15
- gem "rcov", ">= 0"
12
+ gem "rspec"
13
+ gem "bundler"
14
+ gem "jeweler"
15
+ # gem "rcov", ">= 0"
16
16
  gem "what_methods"
17
17
  gem "looksee"
18
18
  end
data/Gemfile.lock CHANGED
@@ -1,26 +1,29 @@
1
1
  GEM
2
2
  remote: http://rubygems.org/
3
3
  specs:
4
- awesome_print (1.0.2)
4
+ awesome_print (1.1.0)
5
5
  diff-lcs (1.1.3)
6
6
  git (1.2.5)
7
- jeweler (1.6.4)
7
+ jeweler (1.8.4)
8
8
  bundler (~> 1.0)
9
9
  git (>= 1.2.5)
10
10
  rake
11
+ rdoc
12
+ json (1.7.5)
11
13
  looksee (1.0.3)
12
- multipart-post (1.1.4)
14
+ multipart-post (1.1.5)
13
15
  progressbar (0.9.2)
14
- rake (0.9.2.2)
15
- rcov (0.9.11)
16
- rspec (2.3.0)
17
- rspec-core (~> 2.3.0)
18
- rspec-expectations (~> 2.3.0)
19
- rspec-mocks (~> 2.3.0)
20
- rspec-core (2.3.1)
21
- rspec-expectations (2.3.0)
22
- diff-lcs (~> 1.1.2)
23
- rspec-mocks (2.3.0)
16
+ rake (10.0.2)
17
+ rdoc (3.12)
18
+ json (~> 1.4)
19
+ rspec (2.12.0)
20
+ rspec-core (~> 2.12.0)
21
+ rspec-expectations (~> 2.12.0)
22
+ rspec-mocks (~> 2.12.0)
23
+ rspec-core (2.12.1)
24
+ rspec-expectations (2.12.0)
25
+ diff-lcs (~> 1.1.3)
26
+ rspec-mocks (2.12.0)
24
27
  what_methods (1.0.1)
25
28
 
26
29
  PLATFORMS
@@ -28,11 +31,10 @@ PLATFORMS
28
31
 
29
32
  DEPENDENCIES
30
33
  awesome_print
31
- bundler (~> 1.0.0)
32
- jeweler (~> 1.6.4)
34
+ bundler
35
+ jeweler
33
36
  looksee
34
37
  multipart-post (~> 1.1.4)
35
38
  progressbar (~> 0.9.2)
36
- rcov
37
- rspec (~> 2.3.0)
39
+ rspec
38
40
  what_methods
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.4.9.2
1
+ 0.4.10
data/lib/pedump.rb CHANGED
@@ -587,7 +587,7 @@ class PEdump
587
587
  ##############################################################################
588
588
 
589
589
  #http://msdn.microsoft.com/en-us/library/ms809762.aspx
590
- IMAGE_EXPORT_DIRECTORY = create_struct 'V2v2V7',
590
+ IMAGE_EXPORT_DIRECTORY = create_struct 'V2v2V2l2V3',
591
591
  :Characteristics,
592
592
  :TimeDateStamp,
593
593
  :MajorVersion, # These fields appear to be unused and are set to 0.
@@ -639,7 +639,7 @@ class PEdump
639
639
  x.name = f.gets("\x00").chomp("\x00")
640
640
  end
641
641
  end
642
- if x.NumberOfFunctions.to_i != 0
642
+ if x.NumberOfFunctions.to_i > 0
643
643
  if x.AddressOfFunctions.to_i !=0 && (ofs = va2file(x.AddressOfFunctions))
644
644
  f.seek ofs
645
645
  x.entry_points = []
@@ -663,7 +663,7 @@ class PEdump
663
663
  end
664
664
  end
665
665
  end
666
- if x.NumberOfNames.to_i != 0 && x.AddressOfNames.to_i !=0 && (ofs = va2file(x.AddressOfNames))
666
+ if x.NumberOfNames.to_i > 0 && x.AddressOfNames.to_i !=0 && (ofs = va2file(x.AddressOfNames))
667
667
  f.seek ofs
668
668
  x.names = []
669
669
  x.NumberOfNames.times do
@@ -673,15 +673,31 @@ class PEdump
673
673
  end
674
674
  x.names << f.read(4).unpack('V').first
675
675
  end
676
- x.names.map! do |va|
677
- f.seek va2file(va)
678
- f.gets("\x00").to_s.chomp("\x00")
676
+ nErrors = 0
677
+ x.names.size.times do |i|
678
+ begin
679
+ f.seek va2file(x.names[i])
680
+ x.names[i] = f.gets("\x00").to_s.chomp("\x00")
681
+ rescue
682
+ nErrors += 1
683
+ if nErrors > 100
684
+ logger.warn "[?] too many errors getting export names, stopped on #{i} of #{x.names.size}"
685
+ x.names = x.names[0,i]
686
+ break
687
+ end
688
+ nil
689
+ end
679
690
  end
680
691
  end
681
692
 
682
693
  ord2name = {}
683
694
  if x.names && x.names.any?
684
- x.NumberOfNames.times do |i|
695
+ n = x.NumberOfNames
696
+ if n > 2048
697
+ logger.warn "[?] NumberOfNames too big (#{x.NumberOfNames}), limiting to 2048"
698
+ n = 2048
699
+ end
700
+ n.times do |i|
685
701
  ord2name[x.name_ordinals[i]] ||= []
686
702
  ord2name[x.name_ordinals[i]] << x.names[i]
687
703
  end
data/lib/pedump/version.rb CHANGED
@@ -2,7 +2,7 @@ class PEdump
2
2
  module Version
3
3
  MAJOR = 0
4
4
  MINOR = 4
5
- PATCH = 9
5
+ PATCH = 10
6
6
  BUILD = nil
7
7
 
8
8
  STRING = [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
data/pedump.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "pedump"
8
- s.version = "0.4.9.2"
8
+ s.version = "0.4.10"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Andrey \"Zed\" Zaikin"]
12
- s.date = "2012-05-31"
12
+ s.date = "2012-12-10"
13
13
  s.description = "dump headers, sections, extract resources of win32 PE exe,dll,etc"
14
14
  s.email = "zed.0xff@gmail.com"
15
15
  s.executables = ["pedump"]
@@ -90,20 +90,18 @@ Gem::Specification.new do |s|
90
90
  s.add_runtime_dependency(%q<multipart-post>, ["~> 1.1.4"])
91
91
  s.add_runtime_dependency(%q<progressbar>, ["~> 0.9.2"])
92
92
  s.add_runtime_dependency(%q<awesome_print>, [">= 0"])
93
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
94
- s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
95
- s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
96
- s.add_development_dependency(%q<rcov>, [">= 0"])
93
+ s.add_development_dependency(%q<rspec>, [">= 0"])
94
+ s.add_development_dependency(%q<bundler>, [">= 0"])
95
+ s.add_development_dependency(%q<jeweler>, [">= 0"])
97
96
  s.add_development_dependency(%q<what_methods>, [">= 0"])
98
97
  s.add_development_dependency(%q<looksee>, [">= 0"])
99
98
  else
100
99
  s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
101
100
  s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
102
101
  s.add_dependency(%q<awesome_print>, [">= 0"])
103
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
104
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
105
- s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
106
- s.add_dependency(%q<rcov>, [">= 0"])
102
+ s.add_dependency(%q<rspec>, [">= 0"])
103
+ s.add_dependency(%q<bundler>, [">= 0"])
104
+ s.add_dependency(%q<jeweler>, [">= 0"])
107
105
  s.add_dependency(%q<what_methods>, [">= 0"])
108
106
  s.add_dependency(%q<looksee>, [">= 0"])
109
107
  end
@@ -111,10 +109,9 @@ Gem::Specification.new do |s|
111
109
  s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
112
110
  s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
113
111
  s.add_dependency(%q<awesome_print>, [">= 0"])
114
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
115
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
116
- s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
117
- s.add_dependency(%q<rcov>, [">= 0"])
112
+ s.add_dependency(%q<rspec>, [">= 0"])
113
+ s.add_dependency(%q<bundler>, [">= 0"])
114
+ s.add_dependency(%q<jeweler>, [">= 0"])
118
115
  s.add_dependency(%q<what_methods>, [">= 0"])
119
116
  s.add_dependency(%q<looksee>, [">= 0"])
120
117
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pedump
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.9.2
4
+ version: 0.4.10
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-05-31 00:00:00.000000000 Z
12
+ date: 2012-12-10 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: multipart-post
@@ -64,51 +64,35 @@ dependencies:
64
64
  requirement: !ruby/object:Gem::Requirement
65
65
  none: false
66
66
  requirements:
67
- - - ~>
67
+ - - ! '>='
68
68
  - !ruby/object:Gem::Version
69
- version: 2.3.0
69
+ version: '0'
70
70
  type: :development
71
71
  prerelease: false
72
72
  version_requirements: !ruby/object:Gem::Requirement
73
73
  none: false
74
74
  requirements:
75
- - - ~>
75
+ - - ! '>='
76
76
  - !ruby/object:Gem::Version
77
- version: 2.3.0
77
+ version: '0'
78
78
  - !ruby/object:Gem::Dependency
79
79
  name: bundler
80
80
  requirement: !ruby/object:Gem::Requirement
81
81
  none: false
82
82
  requirements:
83
- - - ~>
83
+ - - ! '>='
84
84
  - !ruby/object:Gem::Version
85
- version: 1.0.0
85
+ version: '0'
86
86
  type: :development
87
87
  prerelease: false
88
88
  version_requirements: !ruby/object:Gem::Requirement
89
89
  none: false
90
90
  requirements:
91
- - - ~>
91
+ - - ! '>='
92
92
  - !ruby/object:Gem::Version
93
- version: 1.0.0
93
+ version: '0'
94
94
  - !ruby/object:Gem::Dependency
95
95
  name: jeweler
96
- requirement: !ruby/object:Gem::Requirement
97
- none: false
98
- requirements:
99
- - - ~>
100
- - !ruby/object:Gem::Version
101
- version: 1.6.4
102
- type: :development
103
- prerelease: false
104
- version_requirements: !ruby/object:Gem::Requirement
105
- none: false
106
- requirements:
107
- - - ~>
108
- - !ruby/object:Gem::Version
109
- version: 1.6.4
110
- - !ruby/object:Gem::Dependency
111
- name: rcov
112
96
  requirement: !ruby/object:Gem::Requirement
113
97
  none: false
114
98
  requirements:
@@ -237,7 +221,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
237
221
  version: '0'
238
222
  segments:
239
223
  - 0
240
- hash: 437507218408314467
224
+ hash: 1643171094839400469
241
225
  required_rubygems_version: !ruby/object:Gem::Requirement
242
226
  none: false
243
227
  requirements: