pedump 0.4.9.2 → 0.4.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/Gemfile +4 -4
  2. data/Gemfile.lock +19 -17
  3. data/VERSION +1 -1
  4. data/lib/pedump.rb +23 -7
  5. data/lib/pedump/version.rb +1 -1
  6. data/pedump.gemspec +11 -14
  7. metadata +11 -27
data/Gemfile CHANGED
@@ -9,10 +9,10 @@ gem "awesome_print"
9
9
  # Add dependencies to develop your gem here.
10
10
  # Include everything needed to run rake, tests, features, etc.
11
11
  group :development do
12
- gem "rspec", "~> 2.3.0"
13
- gem "bundler", "~> 1.0.0"
14
- gem "jeweler", "~> 1.6.4"
15
- gem "rcov", ">= 0"
12
+ gem "rspec"
13
+ gem "bundler"
14
+ gem "jeweler"
15
+ # gem "rcov", ">= 0"
16
16
  gem "what_methods"
17
17
  gem "looksee"
18
18
  end
data/Gemfile.lock CHANGED
@@ -1,26 +1,29 @@
1
1
  GEM
2
2
  remote: http://rubygems.org/
3
3
  specs:
4
- awesome_print (1.0.2)
4
+ awesome_print (1.1.0)
5
5
  diff-lcs (1.1.3)
6
6
  git (1.2.5)
7
- jeweler (1.6.4)
7
+ jeweler (1.8.4)
8
8
  bundler (~> 1.0)
9
9
  git (>= 1.2.5)
10
10
  rake
11
+ rdoc
12
+ json (1.7.5)
11
13
  looksee (1.0.3)
12
- multipart-post (1.1.4)
14
+ multipart-post (1.1.5)
13
15
  progressbar (0.9.2)
14
- rake (0.9.2.2)
15
- rcov (0.9.11)
16
- rspec (2.3.0)
17
- rspec-core (~> 2.3.0)
18
- rspec-expectations (~> 2.3.0)
19
- rspec-mocks (~> 2.3.0)
20
- rspec-core (2.3.1)
21
- rspec-expectations (2.3.0)
22
- diff-lcs (~> 1.1.2)
23
- rspec-mocks (2.3.0)
16
+ rake (10.0.2)
17
+ rdoc (3.12)
18
+ json (~> 1.4)
19
+ rspec (2.12.0)
20
+ rspec-core (~> 2.12.0)
21
+ rspec-expectations (~> 2.12.0)
22
+ rspec-mocks (~> 2.12.0)
23
+ rspec-core (2.12.1)
24
+ rspec-expectations (2.12.0)
25
+ diff-lcs (~> 1.1.3)
26
+ rspec-mocks (2.12.0)
24
27
  what_methods (1.0.1)
25
28
 
26
29
  PLATFORMS
@@ -28,11 +31,10 @@ PLATFORMS
28
31
 
29
32
  DEPENDENCIES
30
33
  awesome_print
31
- bundler (~> 1.0.0)
32
- jeweler (~> 1.6.4)
34
+ bundler
35
+ jeweler
33
36
  looksee
34
37
  multipart-post (~> 1.1.4)
35
38
  progressbar (~> 0.9.2)
36
- rcov
37
- rspec (~> 2.3.0)
39
+ rspec
38
40
  what_methods
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.4.9.2
1
+ 0.4.10
data/lib/pedump.rb CHANGED
@@ -587,7 +587,7 @@ class PEdump
587
587
  ##############################################################################
588
588
 
589
589
  #http://msdn.microsoft.com/en-us/library/ms809762.aspx
590
- IMAGE_EXPORT_DIRECTORY = create_struct 'V2v2V7',
590
+ IMAGE_EXPORT_DIRECTORY = create_struct 'V2v2V2l2V3',
591
591
  :Characteristics,
592
592
  :TimeDateStamp,
593
593
  :MajorVersion, # These fields appear to be unused and are set to 0.
@@ -639,7 +639,7 @@ class PEdump
639
639
  x.name = f.gets("\x00").chomp("\x00")
640
640
  end
641
641
  end
642
- if x.NumberOfFunctions.to_i != 0
642
+ if x.NumberOfFunctions.to_i > 0
643
643
  if x.AddressOfFunctions.to_i !=0 && (ofs = va2file(x.AddressOfFunctions))
644
644
  f.seek ofs
645
645
  x.entry_points = []
@@ -663,7 +663,7 @@ class PEdump
663
663
  end
664
664
  end
665
665
  end
666
- if x.NumberOfNames.to_i != 0 && x.AddressOfNames.to_i !=0 && (ofs = va2file(x.AddressOfNames))
666
+ if x.NumberOfNames.to_i > 0 && x.AddressOfNames.to_i !=0 && (ofs = va2file(x.AddressOfNames))
667
667
  f.seek ofs
668
668
  x.names = []
669
669
  x.NumberOfNames.times do
@@ -673,15 +673,31 @@ class PEdump
673
673
  end
674
674
  x.names << f.read(4).unpack('V').first
675
675
  end
676
- x.names.map! do |va|
677
- f.seek va2file(va)
678
- f.gets("\x00").to_s.chomp("\x00")
676
+ nErrors = 0
677
+ x.names.size.times do |i|
678
+ begin
679
+ f.seek va2file(x.names[i])
680
+ x.names[i] = f.gets("\x00").to_s.chomp("\x00")
681
+ rescue
682
+ nErrors += 1
683
+ if nErrors > 100
684
+ logger.warn "[?] too many errors getting export names, stopped on #{i} of #{x.names.size}"
685
+ x.names = x.names[0,i]
686
+ break
687
+ end
688
+ nil
689
+ end
679
690
  end
680
691
  end
681
692
 
682
693
  ord2name = {}
683
694
  if x.names && x.names.any?
684
- x.NumberOfNames.times do |i|
695
+ n = x.NumberOfNames
696
+ if n > 2048
697
+ logger.warn "[?] NumberOfNames too big (#{x.NumberOfNames}), limiting to 2048"
698
+ n = 2048
699
+ end
700
+ n.times do |i|
685
701
  ord2name[x.name_ordinals[i]] ||= []
686
702
  ord2name[x.name_ordinals[i]] << x.names[i]
687
703
  end
data/lib/pedump/version.rb CHANGED
@@ -2,7 +2,7 @@ class PEdump
2
2
  module Version
3
3
  MAJOR = 0
4
4
  MINOR = 4
5
- PATCH = 9
5
+ PATCH = 10
6
6
  BUILD = nil
7
7
 
8
8
  STRING = [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
data/pedump.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "pedump"
8
- s.version = "0.4.9.2"
8
+ s.version = "0.4.10"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Andrey \"Zed\" Zaikin"]
12
- s.date = "2012-05-31"
12
+ s.date = "2012-12-10"
13
13
  s.description = "dump headers, sections, extract resources of win32 PE exe,dll,etc"
14
14
  s.email = "zed.0xff@gmail.com"
15
15
  s.executables = ["pedump"]
@@ -90,20 +90,18 @@ Gem::Specification.new do |s|
90
90
  s.add_runtime_dependency(%q<multipart-post>, ["~> 1.1.4"])
91
91
  s.add_runtime_dependency(%q<progressbar>, ["~> 0.9.2"])
92
92
  s.add_runtime_dependency(%q<awesome_print>, [">= 0"])
93
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
94
- s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
95
- s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
96
- s.add_development_dependency(%q<rcov>, [">= 0"])
93
+ s.add_development_dependency(%q<rspec>, [">= 0"])
94
+ s.add_development_dependency(%q<bundler>, [">= 0"])
95
+ s.add_development_dependency(%q<jeweler>, [">= 0"])
97
96
  s.add_development_dependency(%q<what_methods>, [">= 0"])
98
97
  s.add_development_dependency(%q<looksee>, [">= 0"])
99
98
  else
100
99
  s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
101
100
  s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
102
101
  s.add_dependency(%q<awesome_print>, [">= 0"])
103
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
104
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
105
- s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
106
- s.add_dependency(%q<rcov>, [">= 0"])
102
+ s.add_dependency(%q<rspec>, [">= 0"])
103
+ s.add_dependency(%q<bundler>, [">= 0"])
104
+ s.add_dependency(%q<jeweler>, [">= 0"])
107
105
  s.add_dependency(%q<what_methods>, [">= 0"])
108
106
  s.add_dependency(%q<looksee>, [">= 0"])
109
107
  end
@@ -111,10 +109,9 @@ Gem::Specification.new do |s|
111
109
  s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
112
110
  s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
113
111
  s.add_dependency(%q<awesome_print>, [">= 0"])
114
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
115
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
116
- s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
117
- s.add_dependency(%q<rcov>, [">= 0"])
112
+ s.add_dependency(%q<rspec>, [">= 0"])
113
+ s.add_dependency(%q<bundler>, [">= 0"])
114
+ s.add_dependency(%q<jeweler>, [">= 0"])
118
115
  s.add_dependency(%q<what_methods>, [">= 0"])
119
116
  s.add_dependency(%q<looksee>, [">= 0"])
120
117
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pedump
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.9.2
4
+ version: 0.4.10
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-05-31 00:00:00.000000000 Z
12
+ date: 2012-12-10 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: multipart-post
@@ -64,51 +64,35 @@ dependencies:
64
64
  requirement: !ruby/object:Gem::Requirement
65
65
  none: false
66
66
  requirements:
67
- - - ~>
67
+ - - ! '>='
68
68
  - !ruby/object:Gem::Version
69
- version: 2.3.0
69
+ version: '0'
70
70
  type: :development
71
71
  prerelease: false
72
72
  version_requirements: !ruby/object:Gem::Requirement
73
73
  none: false
74
74
  requirements:
75
- - - ~>
75
+ - - ! '>='
76
76
  - !ruby/object:Gem::Version
77
- version: 2.3.0
77
+ version: '0'
78
78
  - !ruby/object:Gem::Dependency
79
79
  name: bundler
80
80
  requirement: !ruby/object:Gem::Requirement
81
81
  none: false
82
82
  requirements:
83
- - - ~>
83
+ - - ! '>='
84
84
  - !ruby/object:Gem::Version
85
- version: 1.0.0
85
+ version: '0'
86
86
  type: :development
87
87
  prerelease: false
88
88
  version_requirements: !ruby/object:Gem::Requirement
89
89
  none: false
90
90
  requirements:
91
- - - ~>
91
+ - - ! '>='
92
92
  - !ruby/object:Gem::Version
93
- version: 1.0.0
93
+ version: '0'
94
94
  - !ruby/object:Gem::Dependency
95
95
  name: jeweler
96
- requirement: !ruby/object:Gem::Requirement
97
- none: false
98
- requirements:
99
- - - ~>
100
- - !ruby/object:Gem::Version
101
- version: 1.6.4
102
- type: :development
103
- prerelease: false
104
- version_requirements: !ruby/object:Gem::Requirement
105
- none: false
106
- requirements:
107
- - - ~>
108
- - !ruby/object:Gem::Version
109
- version: 1.6.4
110
- - !ruby/object:Gem::Dependency
111
- name: rcov
112
96
  requirement: !ruby/object:Gem::Requirement
113
97
  none: false
114
98
  requirements:
@@ -237,7 +221,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
237
221
  version: '0'
238
222
  segments:
239
223
  - 0
240
- hash: 437507218408314467
224
+ hash: 1643171094839400469
241
225
  required_rubygems_version: !ruby/object:Gem::Requirement
242
226
  none: false
243
227
  requirements: