pedump 0.5.4 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c167f3c637d0eb649e1ff15a7d18a58682ed89b318d2425c8f6713e5c203409e
-  data.tar.gz: f362fd8c83ad8697439b212751c7c8b5c4514a92fd5becaf4769bde5566f752a
+  metadata.gz: 73c28547719cedc77a48cbcd0b519283d09d061c358c24fd14fcff8e130072bf
+  data.tar.gz: 4444e01ee15c6920856ed30e63d118bc027758de0e696ea02d1c1bd3a6486bee
 SHA512:
-  metadata.gz: 8997606d9577b1e43e47681151017edfde52b32da1125ee67fab26c9649a9f6d03a9fdb3e5259a790c1519def75e536c124fefe59608af861e17d86e7e201a63
-  data.tar.gz: 62ad9a8fef0aaea4cc0b637f033705ee02e1623320bf043ad4e08c8834d95ce92f1b04639ec5e7e46c5212ba23d132181a664d41dd84d454cd72ed55ac19f6a7
+  metadata.gz: d35bdf91d6081245a723b569837b7332baf0b61962747d6595a0afed6625fba3f15fa1e7ae5db9734ed7e08f03008031037254fc2df60f655c10b0e95db5d005
+  data.tar.gz: e9ac50ac19c5814f6364dde31dd0a16c0e263015e752c4a82b04e707c08a3e999255572c643da990ce9fabb4d3e624e85bdab53697e702044f941772fc96974e

data/.github/FUNDING.yml

@@ -0,0 +1,2 @@
+#github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+ko_fi: zed_0xff

data/.github/dependabot.yml

@@ -0,0 +1,8 @@
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: bundler
+    directory: "/"
+    schedule:
+      interval: "weekly"

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at zed.0xff@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq

data/Gemfile

@@ -5,7 +5,6 @@ gem 'rainbow'
 gem "awesome_print"
 gem "iostruct",       ">= 0.0.4"
 gem "multipart-post", ">= 2.0.0"
-gem "progressbar"
 gem "zhexdump",       ">= 0.0.2"
 
 group :development do

data/Gemfile.lock

@@ -36,8 +36,8 @@ GEM
     mini_portile2 (2.4.0)
     multi_json (1.14.1)
     multi_xml (0.6.0)
-    multipart-post (2.0.0)
-    nokogiri (1.10.7)
+    multipart-post (2.1.1)
+    nokogiri (1.10.8)
       mini_portile2 (~> 2.4.0)
     oauth2 (1.4.2)
       faraday (>= 0.8, < 2.0)
@@ -45,9 +45,8 @@ GEM
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
-    progressbar (1.10.1)
     psych (3.1.0)
-    rack (2.1.1)
+    rack (2.2.3)
     rainbow (3.0.0)
     rake (13.0.1)
     rdoc (6.2.1)
@@ -80,7 +79,6 @@ DEPENDENCIES
   iostruct (>= 0.0.4)
   jeweler (~> 2.3.9)
   multipart-post (>= 2.0.0)
-  progressbar
   rainbow
   rspec (~> 3.9.0)
   rspec-its (~> 1.3.0)

data/README.md

@@ -1,6 +1,11 @@
-pedump    [![Build Status](https://travis-ci.org/zed-0xff/pedump.png?branch=master)](https://travis-ci.org/zed-0xff/pedump) [![Dependency Status](https://gemnasium.com/zed-0xff/pedump.png)](https://gemnasium.com/zed-0xff/pedump)
+pedump    [![Build Status](https://travis-ci.org/zed-0xff/pedump.png?branch=master)](https://travis-ci.org/zed-0xff/pedump) [![ko-fi](https://www.ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/K3K81Z3W5)
 ======
 
+News
+----
+2020.07.26 - now travis autotests run on ARM and OSX too!
+2020.07.25 - added EFI TE parsing; removed 'progressbar' gem dependency
+
 Description
 -----------
 A pure ruby implementation of win32 PE binary files dumper.
@@ -11,6 +16,7 @@ Supported formats:
  * win16 NE
  * win32 PE
  * win64 PE
+ * EFI TE
 
 Can dump:
 
@@ -50,6 +56,7 @@ Usage
             --rich
             --pe
             --ne
+            --te
             --data-directory
         -S, --sections
             --tls

data/VERSION

@@ -1 +1 @@
-0.5.4
+0.6.0

data/lib/pedump.rb

@@ -17,6 +17,7 @@ require 'pedump/security'
 require 'pedump/packer'
 require 'pedump/ne'
 require 'pedump/ne/version_info'
+require 'pedump/te'
 
 # pedump.rb by zed_0xff
 #
@@ -31,6 +32,7 @@ class PEdump
   MAX_IMAGE_IMPORT_DESCRIPTORS = 1000
   MAX_EXPORT_NUMBER_OF_NAMES = 16384 # got 7977 in http://pedump.me/03ad7400080678c6b1984f995d36fd04
   GOOD_FUNCTION_NAME_RE = /\A[\x21-\x7f]+\Z/
+  SUPPORTED_SIGNATURES = ['MZ', 'ZM', 'VZ']
 
   @@logger = nil
 
@@ -322,9 +324,9 @@ class PEdump
     @mz ||= f && MZ.read(f).tap do |mz|
       if mz.signature != 'MZ' && mz.signature != 'ZM'
         if @force
-          logger.warn  "[?] no MZ signature. want: 'MZ' or 'ZM', got: #{mz.signature.inspect}"
+          #logger.warn  "[?] no MZ signature. want: 'MZ' or 'ZM', got: #{mz.signature.inspect}"
         else
-          logger.error "[!] no MZ signature. want: 'MZ' or 'ZM', got: #{mz.signature.inspect}. (not forced)"
+          #logger.error "[!] no MZ signature. want: 'MZ' or 'ZM', got: #{mz.signature.inspect}. (not forced)"
           return nil
         end
       end
@@ -431,16 +433,22 @@ class PEdump
   end
 
   def _dump_handle h
-    return unless pe(h) # also calls mz(h)
-    rich_hdr h
-    resources h
-    imports h   # also calls tls(h)
-    exports h
-    packer h
+    if pe(h) # also calls mz(h)
+      rich_hdr h
+      resources h
+      imports h   # also calls tls(h)
+      exports h
+      packer h
+    elsif te(h)
+    end
   end
 
   def data_directory f=@io
-    pe(f) && pe.ioh && pe.ioh.DataDirectory
+    if pe(f)
+      pe.ioh && pe.ioh.DataDirectory
+    elsif te(f)
+      te.DataDirectory
+    end
   end
 
   def sections f=@io
@@ -448,16 +456,52 @@ class PEdump
       pe.section_table
     elsif ne(f)
       ne.segments
+    elsif te(f)
+      te.sections
     end
   end
   alias :section_table :sections
 
-  def ne?
-    @pe ? false : (@ne ? true : (pe ? false : (ne ? true : false)))
+  def supported_file? f=@io
+    pos = f.tell
+    sig = f.read(2)
+    f.seek(pos)
+    if SUPPORTED_SIGNATURES.include?(sig)
+      true
+    else
+      unless @not_supported_sig_warned
+        msg = "no supported signature. want: #{SUPPORTED_SIGNATURES.join("/")}, got: #{sig.inspect}"
+        if @force
+          logger.warn  "[?] #{msg}"
+        else
+          logger.error "[!] #{msg}. (not forced)"
+        end
+        @not_supported_sig_warned = true
+      end
+      false
+    end
+  end
+
+  def _detect_format
+    return :pe if @pe
+    return :ne if @ne
+    return :te if @te
+    return :pe if pe()
+    return :ne if ne()
+    return :te if te()
+    nil
   end
 
   def pe?
-    @pe ? true  : (@ne ? false : (pe ? true : false ))
+    _detect_format() == :pe
+  end
+
+  def ne?
+    _detect_format() == :ne
+  end
+
+  def te?
+    _detect_format() == :te
   end
 
   ##############################################################################

data/lib/pedump/cli.rb

@@ -33,7 +33,7 @@ class PEdump::CLI
   attr_accessor :data, :argv
 
   KNOWN_ACTIONS = (
-    %w'mz dos_stub rich pe ne data_directory sections tls security' +
+    %w'mz dos_stub rich pe ne te data_directory sections tls security' +
     %w'strings resources resource_directory imports exports version_info packer web console packer_only'
   ).map(&:to_sym)
 
@@ -135,7 +135,7 @@ class PEdump::CLI
       File.open(fname,'rb') do |f|
         @pedump = create_pedump fname
 
-        next if !@options[:force] && !@pedump.mz(f)
+        next if !@options[:force] && !@pedump.supported_file?(f)
 
         @actions.each do |action|
           case action
@@ -194,16 +194,14 @@ class PEdump::CLI
   end
 
   class ProgressProxy
-    attr_reader :pbar
-
-    def initialize file
-      @file = file
-      @pbar = ProgressBar.new("[.] uploading", file.size, STDOUT)
-      @pbar.try(:file_transfer_mode)
-      @pbar.bar_mark = '='
+    def initialize file, prefix = "[.] uploading: ", io = STDOUT
+      @file   = file
+      @io     = io
+      @prefix = prefix
     end
     def read *args
-      @pbar.inc args.first
+      @io.write("\r#{@prefix}#{@file.tell}/#{@file.size} ")
+      @io.flush
       @file.read *args
     end
     def method_missing *args
@@ -212,6 +210,10 @@ class PEdump::CLI
     def respond_to? *args
       @file.respond_to?(args.first) || super(*args)
     end
+
+    def finish!
+      @io.write("\r#{@prefix}#{@file.size}/#{@file.size} \n")
+    end
   end
 
   def upload f
@@ -224,7 +226,6 @@ class PEdump::CLI
     require 'open-uri'
     require 'net/http'
     require 'net/http/post/multipart'
-    require 'progressbar'
 
     stdout_sync = STDOUT.sync
     STDOUT.sync = true
@@ -250,15 +251,15 @@ class PEdump::CLI
 
     f.rewind
 
-    # upload with progressbar
+    # upload with progress
     post_url = URI.parse(URL_BASE+'/')
+    # UploadIO is from multipart-post
     uio = UploadIO.new(f, "application/octet-stream", File.basename(f.path))
     ppx = ProgressProxy.new(uio)
     req = Net::HTTP::Post::Multipart.new post_url.path, "file" => ppx
     res = Net::HTTP.start(post_url.host, post_url.port){ |http| http.request(req) }
-    ppx.pbar.finish
+    ppx.finish!
 
-    puts
     puts "[.] analyzing..."
 
     if (r=open(File.join(URL_BASE,md5,'analyze')).read) != "OK"
@@ -457,6 +458,8 @@ class PEdump::CLI
       case data.first
       when PEdump::IMAGE_DATA_DIRECTORY
         dump_data_dir data
+      when PEdump::EFI_IMAGE_DATA_DIRECTORY
+        dump_efi_data_dir data
       when PEdump::IMAGE_SECTION_HEADER
         dump_sections data
       when PEdump::Resource
@@ -781,13 +784,18 @@ class PEdump::CLI
     end
   end
 
-
   def dump_data_dir data
     data.each do |row|
       printf "  %-12s  rva:0x%8x   size:0x %8x\n", row.type, row.va.to_i, row.size.to_i
     end
   end
 
+  def dump_efi_data_dir data
+    data.each_with_index do |row, idx|
+      printf "  %-12s  rva:0x%8x   size:0x %8x\n", PEdump::EFI_IMAGE_DATA_DIRECTORY::TYPES[idx], row.va.to_i, row.size.to_i
+    end
+  end
+
   def dump_rich_hdr data
     if decoded = data.decode
       puts "    LIB_ID        VERSION        TIMES_USED   "

data/lib/pedump/ne.rb

@@ -405,7 +405,7 @@ class PEdump
       begin
         ne_offset = mz(f) && mz(f).lfanew
         if ne_offset.nil?
-          logger.fatal "[!] NULL NE offset (e_lfanew)."
+          logger.debug "[!] NULL NE offset (e_lfanew)."
           nil
         elsif ne_offset > f.size
           logger.fatal "[!] NE offset beyond EOF."

data/lib/pedump/pe.rb

@@ -24,78 +24,87 @@ class PEdump
       signature + ifh.pack + ioh.pack
     end
 
-    def self.read f, args = {}
+    def self.read_sections f, nToRead, args = {}
       force = args[:force]
 
+      if nToRead > 0xffff
+        if force.is_a?(Numeric) && force > 1
+          PEdump.logger.warn "[!] too many sections (#{nToRead}). forced. reading all"
+        else
+          PEdump.logger.warn "[!] too many sections (#{nToRead}). not forced, reading first 65535"
+          nToRead = 65535
+        end
+      end
+
+      sections = []
+      nToRead.times do
+        break if f.eof?
+        sections << IMAGE_SECTION_HEADER.read(f)
+      end
+
+      if sections.any?
+        # zero all missing values of last section
+        sections.last.tap do |last_section|
+          last_section.each_pair do |k,v|
+            last_section[k] = 0 if v.nil?
+          end
+        end
+      end
+
+      sections
+    end
+
+    def self.read f, args = {}
       pe_offset = f.tell
       pe_sig = f.read 4
       #logger.error "[!] 'NE' format is not supported!" if pe_sig == "NE\x00\x00"
       if pe_sig != "PE\x00\x00"
-        if force
+        if args[:force]
           logger.warn  "[?] no PE signature (want: 'PE\\x00\\x00', got: #{pe_sig.inspect})"
         else
           logger.debug "[?] no PE signature (want: 'PE\\x00\\x00', got: #{pe_sig.inspect}). (not forced)"
           return nil
         end
       end
-      PE.new(pe_sig).tap do |pe|
-        pe.image_file_header = IMAGE_FILE_HEADER.read(f)
-        ioh_offset = f.tell # offset to IMAGE_OPTIONAL_HEADER
-        if pe.ifh.SizeOfOptionalHeader.to_i > 0
-          if pe.x64?
-            pe.image_optional_header = IMAGE_OPTIONAL_HEADER64.read(f, pe.ifh.SizeOfOptionalHeader)
-          else
-            pe.image_optional_header = IMAGE_OPTIONAL_HEADER32.read(f, pe.ifh.SizeOfOptionalHeader)
-          end
+      pe = PE.new(pe_sig)
+      pe.image_file_header = IMAGE_FILE_HEADER.read(f)
+      ioh_offset = f.tell # offset to IMAGE_OPTIONAL_HEADER
+      if pe.ifh.SizeOfOptionalHeader.to_i > 0
+        if pe.x64?
+          pe.image_optional_header = IMAGE_OPTIONAL_HEADER64.read(f, pe.ifh.SizeOfOptionalHeader)
+        else
+          pe.image_optional_header = IMAGE_OPTIONAL_HEADER32.read(f, pe.ifh.SizeOfOptionalHeader)
         end
+      end
 
-        if (nToRead=pe.ifh.NumberOfSections.to_i) > 0xffff
-          if force.is_a?(Numeric) && force > 1
-            logger.warn "[!] too many sections (#{pe.ifh.NumberOfSections}). forced. reading all"
-          else
-            logger.warn "[!] too many sections (#{pe.ifh.NumberOfSections}). not forced, reading first 65535"
-            nToRead = 65535
-          end
-        end
+      nToRead=pe.ifh.NumberOfSections.to_i
 
-        # The Windows loader expects to find the PE section headers after the optional header. It calculates the address of the first section header by adding SizeOfOptionalHeader to the beginning of the optional header.
-        # // http://www.phreedom.org/research/tinype/
-        f.seek( ioh_offset + pe.ifh.SizeOfOptionalHeader.to_i )
-        pe.sections = []
-        nToRead.times do
-          break if f.eof?
-          pe.sections << IMAGE_SECTION_HEADER.read(f)
-        end
+      # The Windows loader expects to find the PE section headers after the optional header. It calculates the address of the first section header by adding SizeOfOptionalHeader to the beginning of the optional header.
+      # // http://www.phreedom.org/research/tinype/
+      f.seek( ioh_offset + pe.ifh.SizeOfOptionalHeader.to_i )
+      pe.sections = read_sections(f, nToRead, args)
 
-        if pe.sections.any?
-          # zero all missing values of last section
-          pe.sections.last.tap do |last_section|
-            last_section.each_pair do |k,v|
-              last_section[k] = 0 if v.nil?
-            end
-          end
-        end
+      pe_end = f.tell
+      if s=pe.sections.find{ |s| (pe_offset...pe_end).include?(s.va) }
+        if args[:pass2]
+          # already called with CompositeIO ?
+          PEdump.logger.error "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! 2nd time?!"
 
-        pe_end = f.tell
-        if s=pe.sections.find{ |s| (pe_offset...pe_end).include?(s.va) }
-          if args[:pass2]
-            # already called with CompositeIO ?
-            logger.error "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! 2nd time?!"
-
-          elsif pe_end-pe_offset < 0x100_000
-            logger.warn "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! trying to rebuild..."
-            f.seek pe_offset
-            data = f.read(s.va-pe_offset)
-            f.seek s.PointerToRawData
-            io = CompositeIO.new(StringIO.new(data), f)
-            args1 = args.dup
-            args1[:pass2] = true
-            return PE.read(io, args1)
-          else
-            logger.error "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! too big to rebuild!"
-          end
+        elsif pe_end-pe_offset < 0x100_000
+          PEdump.logger.warn "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! trying to rebuild..."
+          f.seek pe_offset
+          data = f.read(s.va-pe_offset)
+          f.seek s.PointerToRawData
+          io = CompositeIO.new(StringIO.new(data), f)
+          args1 = args.dup
+          args1[:pass2] = true
+          return PE.read(io, args1)
+        else
+          PEdump.logger.error "[!] section with va=0x#{s.va.to_s(16)} overwrites PE header! too big to rebuild!"
         end
       end
+
+      pe
     end
 
     def self.logger; PEdump.logger; end
@@ -106,7 +115,7 @@ class PEdump
       begin
         pe_offset = mz(f) && mz(f).lfanew
         if pe_offset.nil?
-          logger.fatal "[!] NULL PE offset (e_lfanew). cannot continue."
+          logger.debug "[!] NULL PE offset (e_lfanew). cannot continue."
           nil
         elsif pe_offset > f.size
           logger.fatal "[!] PE offset beyond EOF. cannot continue."

data/lib/pedump/te.rb

@@ -0,0 +1,51 @@
+class PEdump
+  # https://www.intel.com/content/www/us/en/architecture-and-technology/unified-extensible-firmware-interface/efi-specifications-general-technology.html
+  # http://wiki.phoenix.com/wiki/index.php/EFI_TE_IMAGE_HEADER
+  # https://formats.kaitai.io/uefi_te/index.html
+  # http://ho.ax/tag/efi/
+  
+  class EFI_TE_IMAGE_HEADER < IOStruct.new 'vvCCvVVQ',
+    :Signature,
+    :Machine,
+    :NumberOfSections,
+    :Subsystem,
+    :StrippedSize,
+    :AddressOfEntryPoint,
+    :BaseOfCode,
+    :ImageBase,
+    :DataDirectory # readed manually: EFI_IMAGE_DATA_DIRECTORY DataDirectory[2]
+
+    attr_accessor :sections
+
+    def self.read io, args = {}
+      super(io).tap do |te|
+        te.DataDirectory = 2.times.map do
+          EFI_IMAGE_DATA_DIRECTORY.read(io)
+        end
+        te.sections = PE.read_sections(io, te.NumberOfSections, args)
+      end
+    end
+  end
+  TE = EFI_TE_IMAGE_HEADER
+
+  EFI_IMAGE_DATA_DIRECTORY = IOStruct.new( "VV", :va, :size )
+  EFI_IMAGE_DATA_DIRECTORY::TYPES = %w'BASERELOC DEBUG'
+  EFI_IMAGE_DATA_DIRECTORY::TYPES.each_with_index do |type,idx|
+    EFI_IMAGE_DATA_DIRECTORY.const_set(type,idx)
+  end
+
+  def te f=@io
+    return @te if defined?(@te)
+    @te ||=
+      begin
+        te_offset = 0
+        f.seek te_offset
+        if f.read(2) == 'VZ'
+          f.seek te_offset
+          EFI_TE_IMAGE_HEADER.read f, :force => @force
+        else
+          nil
+        end
+      end
+  end
+end

data/misc/aspack/aspack_unlzx.c

@@ -30,6 +30,7 @@ int unpack(BYTE*packed_data, size_t packed_size, size_t unpacked_size){
     LZX_CONTEXT LZX;
     BYTE* unpacked_data = NULL;
     size_t decoded_size;
+    int r;
 
     bzero(&LZX, sizeof(LZX));
 
@@ -38,8 +39,9 @@ int unpack(BYTE*packed_data, size_t packed_size, size_t unpacked_size){
         return(ERR_NO_MEM);
     }
 
-    decoded_size = DecodeLZX(&LZX, packed_data, unpacked_data, packed_size, unpacked_size);
-    if ( decoded_size < 0 || decoded_size < unpacked_size ) {
+    r = DecodeLZX(&LZX, packed_data, unpacked_data, packed_size, unpacked_size);
+    decoded_size = (size_t)r;
+    if ( r < 0 || decoded_size < unpacked_size ) {
         free(unpacked_data);
         fprintf(stderr,"ERR_UNPACK\n");
         return(ERR_UNPACK);
@@ -58,7 +60,7 @@ int main(int argc, char*argv[]){
     if(argc != 3){
         fprintf(stderr, "ASPack unLZX\n");
         fprintf(stderr, "usage: %s <packed_size> <unpacked_size>\n", argv[0]);
-        fprintf(stderr, "(data is read from stdin and written to stdout)\n", argv[0]);
+        fprintf(stderr, "(data is read from stdin and written to stdout)\n");
         return 1;
     }
 

data/pedump.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: pedump 0.5.4 ruby lib
+# stub: pedump 0.6.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "pedump".freeze
-  s.version = "0.5.4"
+  s.version = "0.6.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Andrey \"Zed\" Zaikin".freeze]
-  s.date = "2020-01-25"
+  s.date = "2020-07-27"
   s.description = "dump headers, sections, extract resources of win32 PE exe,dll,etc".freeze
   s.email = "zed.0xff@gmail.com".freeze
   s.executables = ["pedump".freeze]
@@ -20,6 +20,9 @@ Gem::Specification.new do |s|
     "README.md"
   ]
   s.files = [
+    ".github/FUNDING.yml",
+    ".github/dependabot.yml",
+    "CODE_OF_CONDUCT.md",
     "Gemfile",
     "Gemfile.lock",
     "LICENSE.txt",
@@ -49,6 +52,7 @@ Gem::Specification.new do |s|
     "lib/pedump/resources.rb",
     "lib/pedump/security.rb",
     "lib/pedump/sig_parser.rb",
+    "lib/pedump/te.rb",
     "lib/pedump/tls.rb",
     "lib/pedump/unpacker.rb",
     "lib/pedump/unpacker/aspack.rb",
@@ -75,7 +79,6 @@ Gem::Specification.new do |s|
       s.add_runtime_dependency(%q<awesome_print>.freeze, [">= 0"])
       s.add_runtime_dependency(%q<iostruct>.freeze, [">= 0.0.4"])
       s.add_runtime_dependency(%q<multipart-post>.freeze, [">= 2.0.0"])
-      s.add_runtime_dependency(%q<progressbar>.freeze, [">= 0"])
       s.add_runtime_dependency(%q<zhexdump>.freeze, [">= 0.0.2"])
       s.add_development_dependency(%q<rspec>.freeze, ["~> 3.9.0"])
       s.add_development_dependency(%q<rspec-its>.freeze, ["~> 1.3.0"])
@@ -86,7 +89,6 @@ Gem::Specification.new do |s|
       s.add_dependency(%q<awesome_print>.freeze, [">= 0"])
       s.add_dependency(%q<iostruct>.freeze, [">= 0.0.4"])
       s.add_dependency(%q<multipart-post>.freeze, [">= 2.0.0"])
-      s.add_dependency(%q<progressbar>.freeze, [">= 0"])
       s.add_dependency(%q<zhexdump>.freeze, [">= 0.0.2"])
       s.add_dependency(%q<rspec>.freeze, ["~> 3.9.0"])
       s.add_dependency(%q<rspec-its>.freeze, ["~> 1.3.0"])
@@ -98,7 +100,6 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<awesome_print>.freeze, [">= 0"])
     s.add_dependency(%q<iostruct>.freeze, [">= 0.0.4"])
     s.add_dependency(%q<multipart-post>.freeze, [">= 2.0.0"])
-    s.add_dependency(%q<progressbar>.freeze, [">= 0"])
     s.add_dependency(%q<zhexdump>.freeze, [">= 0.0.2"])
     s.add_dependency(%q<rspec>.freeze, ["~> 3.9.0"])
     s.add_dependency(%q<rspec-its>.freeze, ["~> 1.3.0"])

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pedump
 version: !ruby/object:Gem::Version
-  version: 0.5.4
+  version: 0.6.0
 platform: ruby
 authors:
 - Andrey "Zed" Zaikin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-01-25 00:00:00.000000000 Z
+date: 2020-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rainbow
@@ -66,20 +66,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.0.0
-- !ruby/object:Gem::Dependency
-  name: progressbar
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: zhexdump
   requirement: !ruby/object:Gem::Requirement
@@ -159,6 +145,9 @@ extra_rdoc_files:
 - LICENSE.txt
 - README.md
 files:
+- ".github/FUNDING.yml"
+- ".github/dependabot.yml"
+- CODE_OF_CONDUCT.md
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
@@ -188,6 +177,7 @@ files:
 - lib/pedump/resources.rb
 - lib/pedump/security.rb
 - lib/pedump/sig_parser.rb
+- lib/pedump/te.rb
 - lib/pedump/tls.rb
 - lib/pedump/unpacker.rb
 - lib/pedump/unpacker/aspack.rb