ExeFile: improved support for sections, relocs and 64-bit; add tests for BitManip

Rafael Stahl · Rafael Stahl · commit 9ca4777c63a0 · 2025-08-03T10:44:58.000+02:00
diff --git a/src/hacklib/include/hacklib/ExeFile.h b/src/hacklib/include/hacklib/ExeFile.h
@@ -5,13 +5,28 @@
 #include <string>
 #include <unordered_map>
 #include <vector>
+#include <span>
+#include <cstdint>
 
 
 namespace hl
 {
 // Represents an executable image in PE or EFI format.
 class ExeFile
 {
+public:
+    enum class SectionType
+    {
+        Unknown,
+        Code
+    };
+    struct Section
+    {
+        std::vector<uint8_t> data;
+        std::string name;
+        SectionType type = SectionType::Unknown;
+    };
+
 public:
     ExeFile();
     ~ExeFile();
@@ -27,11 +42,14 @@ class ExeFile
     // Returns null if not found.
     uintptr_t getExport(const std::string& name) const;
 
+    std::span<const Section> getSections() const { return m_sections; }
+
 private:
     std::unique_ptr<class ExeFileImpl> m_impl;
     bool m_valid = false;
     std::vector<uintptr_t> m_relocs;
     std::unordered_map<std::string, uintptr_t> m_exports;
+    std::vector<Section> m_sections;
 };
 }
 
diff --git a/src/hacklib/src/ExeFile_UNIX.cpp b/src/hacklib/src/ExeFile_UNIX.cpp
@@ -8,11 +8,13 @@ using Elf_Ehdr = Elf64_Ehdr;
 using Elf_Phdr = Elf64_Phdr;
 using Elf_Shdr = Elf64_Shdr;
 using Elf_Sym = Elf64_Sym;
+using Elf_Rel = Elf64_Rel;
 #else
 using Elf_Ehdr = Elf32_Ehdr;
 using Elf_Phdr = Elf32_Phdr;
 using Elf_Shdr = Elf32_Shdr;
 using Elf_Sym = Elf32_Sym;
+using Elf_Rel = Elf32_Rel;
 #endif
 
 
@@ -93,9 +95,25 @@ bool hl::ExeFile::loadFromMem(uintptr_t moduleBase)
     for (size_t i = 0; i < numSections; i++)
     {
         auto section = &m_impl->sectionHeaders[i];
+        auto sectionData = (uint8_t*)(moduleBase + section->sh_offset);
+        auto sectionName = m_impl->strTable + section->sh_name;
+
+        Section outSection;
+        outSection.name = sectionName;
+        if (section->sh_type != SHT_NOBITS)
+        {
+            outSection.data.assign(sectionData, sectionData + section->sh_size);
+        }
 
         switch (section->sh_type)
         {
+        case SHT_PROGBITS:
+            if (outSection.name == ".text")
+            {
+                outSection.type = SectionType::Code;
+            }
+            break;
+
         case SHT_SYMTAB:
         case SHT_DYNSYM:
             symTableSectionIndex = i;
@@ -112,9 +130,23 @@ bool hl::ExeFile::loadFromMem(uintptr_t moduleBase)
                 m_exports.insert(symbols.begin(), symbols.end());
                 symTableSectionIndex = -1;
             }
+
+        case SHT_REL:
+        {
+            size_t numRelocs = section->sh_size / sizeof(Elf_Rel);
+            for (size_t r = 0; r < numRelocs; r++)
+            {
+                Elf_Rel* rel = ((Elf_Rel*)sectionData) + r;
+                m_relocs.push_back(rel->r_offset);
+            }
+            break;
+        }
+
         default:
             break;
         }
+
+        m_sections.push_back(std::move(outSection));
     }
 
     m_valid = true;
diff --git a/src/hacklib/src/ExeFile_WIN32.cpp b/src/hacklib/src/ExeFile_WIN32.cpp
@@ -42,12 +42,32 @@ static std::vector<uintptr_t> LoadRelocs(uintptr_t relocData)
                 uintptr_t reloc = rvaRegion | relocLow;
                 relocs.push_back(reloc);
             }
+            else if (type == IMAGE_REL_BASED_DIR64)
+            {
+                uintptr_t reloc = rvaRegion + relocLow;
+                relocs.push_back(reloc);
+            }
         }
     }
 
     return relocs;
 }
 
+static uintptr_t RvaToRawDataOffset(const hl::ExeFileImpl& impl, DWORD rva)
+{
+    for (auto sectionHeader : impl.sectionHeaders)
+    {
+        uint32_t va = sectionHeader->VirtualAddress;
+        uint32_t size = sectionHeader->SizeOfRawData;
+        if (rva >= va && rva < va + size)
+        {
+            uint32_t delta = rva - va;
+            return sectionHeader->PointerToRawData + delta;
+        }
+    }
+    return 0;
+}
+
 
 hl::ExeFile::ExeFile()
 {
@@ -75,9 +95,14 @@ bool hl::ExeFile::loadFromMem(uintptr_t moduleBase)
         return false;
     }
 
-    // Only support 32-bit images for now.
+    // Check if image type matches.
+#ifdef ARCH_64BIT
+    if (m_impl->peHeader->FileHeader.Machine != IMAGE_FILE_MACHINE_AMD64 ||
+        (m_impl->peHeader->FileHeader.Characteristics & IMAGE_FILE_32BIT_MACHINE))
+#else
     if (m_impl->peHeader->FileHeader.Machine != IMAGE_FILE_MACHINE_I386 ||
         !(m_impl->peHeader->FileHeader.Characteristics & IMAGE_FILE_32BIT_MACHINE))
+#endif
     {
         return false;
     }
@@ -89,13 +114,37 @@ bool hl::ExeFile::loadFromMem(uintptr_t moduleBase)
         auto sectionHeader = (IMAGE_SECTION_HEADER*)((uintptr_t)m_impl->peHeader + sizeof(IMAGE_NT_HEADERS) +
                                                      i * sizeof(IMAGE_SECTION_HEADER));
         m_impl->sectionHeaders.push_back(sectionHeader);
+
+        Section outSection;
+        for (int i = 0; i < IMAGE_SIZEOF_SHORT_NAME; i++)
+        {
+            if (sectionHeader->Name[i] == 0)
+            {
+                break;
+            }
+            outSection.name.push_back((char)sectionHeader->Name[i]);
+        }
+        if (sectionHeader->SizeOfRawData > 0)
+        {
+            auto sectionData = (const uint8_t*)(moduleBase + sectionHeader->PointerToRawData);
+            outSection.data.assign(sectionData, sectionData + sectionHeader->SizeOfRawData);
+        }
+        if (sectionHeader->Characteristics & IMAGE_SCN_CNT_CODE)
+        {
+            outSection.type = SectionType::Code;
+        }
+        m_sections.push_back(std::move(outSection));
     }
 
     // Load relocs.
     auto relocDir = &m_impl->peHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC];
     if (relocDir->VirtualAddress != 0)
     {
-        m_relocs = LoadRelocs(moduleBase + relocDir->VirtualAddress);
+        uintptr_t relocsOffset = RvaToRawDataOffset(*m_impl, relocDir->VirtualAddress);
+        if (relocsOffset)
+        {
+            m_relocs = LoadRelocs(moduleBase + relocsOffset);
+        }
     }
 
     m_valid = true;
diff --git a/src/hacklib/src/Process_WIN32.cpp b/src/hacklib/src/Process_WIN32.cpp
@@ -40,7 +40,7 @@ hl::Process hl::LaunchProcess(const std::string& command, const std::vector<std:
 
     STARTUPINFOA startupInfo = {};
     startupInfo.cb = sizeof(startupInfo);
-    PROCESS_INFORMATION processInfo;
+    PROCESS_INFORMATION processInfo{};
     BOOL result = CreateProcessA(NULL, const_cast<char*>(cmdline.c_str()), NULL, NULL, false, 0, NULL,
                                  initialDirectoryCStr, &startupInfo, &processInfo);
 
diff --git a/src/test/test.cpp b/src/test/test.cpp
@@ -9,12 +9,14 @@
 #include "hacklib/Patch.h"
 #include "hacklib/PatternScanner.h"
 #include "hacklib/Process.h"
+#include "hacklib/BitManip.h"
 #include <chrono>
 #include <cstdio>
 #include <functional>
 #include <iostream>
 #include <stdexcept>
 #include <thread>
+#include <algorithm>
 
 
 #define HL_ASSERT(cond, format, ...)                                                                                   \
@@ -144,6 +146,59 @@ static void ExpectException(F func)
 }
 
 
+#define ASSERT_EQ(a, b) HL_ASSERT((a) == (b), #a " == " #b)
+static void TestBitManip()
+{
+    ASSERT_EQ(hl::HasOverlap(0, 1, 2, 3), false);
+    ASSERT_EQ(hl::HasOverlap(2, 3, 0, 1), false);
+    ASSERT_EQ(hl::HasOverlap(0, 1, 1, 2), false);
+    ASSERT_EQ(hl::HasOverlap(1, 2, 0, 1), false);
+    ASSERT_EQ(hl::HasOverlap(0, 1, 0, 1), true);
+    ASSERT_EQ(hl::HasOverlap(0, 1, 0, 3), true);
+    ASSERT_EQ(hl::HasOverlap(5, 7, 6, 8), true);
+    ASSERT_EQ(hl::HasOverlap(6, 8, 5, 7), true);
+
+    ASSERT_EQ(hl::HasOverlapInclusive(0, 1, 2, 3), false);
+    ASSERT_EQ(hl::HasOverlapInclusive(2, 3, 0, 1), false);
+    ASSERT_EQ(hl::HasOverlapInclusive(0, 1, 1, 2), true);
+    ASSERT_EQ(hl::HasOverlapInclusive(1, 2, 0, 1), true);
+    ASSERT_EQ(hl::HasOverlapInclusive(0, 1, 0, 1), true);
+    ASSERT_EQ(hl::HasOverlapInclusive(0, 1, 0, 3), true);
+    ASSERT_EQ(hl::HasOverlapInclusive(5, 7, 6, 8), true);
+    ASSERT_EQ(hl::HasOverlapInclusive(6, 8, 5, 7), true);
+
+    ASSERT_EQ(hl::Align(0x0, 0x10), 0x0);
+    ASSERT_EQ(hl::Align(0x5, 0x10), 0x10);
+    ASSERT_EQ(hl::Align(0x15, 0x10), 0x20);
+    ASSERT_EQ(hl::Align(0x25, 0x10), 0x30);
+    ASSERT_EQ(hl::Align(0x10, 0x10), 0x10);
+    ASSERT_EQ(hl::Align(0x11, 0x10), 0x20);
+    ASSERT_EQ(hl::Align(0x1f, 0x10), 0x20);
+    ASSERT_EQ(hl::Align(0xffffffff, 0x10u), 0x0);
+
+    ASSERT_EQ(hl::AlignDown(0x0, 0x10), 0x0);
+    ASSERT_EQ(hl::AlignDown(0x5, 0x10), 0x0);
+    ASSERT_EQ(hl::AlignDown(0x15, 0x10), 0x10);
+    ASSERT_EQ(hl::AlignDown(0x25, 0x10), 0x20);
+    ASSERT_EQ(hl::AlignDown(0x10, 0x10), 0x10);
+    ASSERT_EQ(hl::AlignDown(0x11, 0x10), 0x10);
+    ASSERT_EQ(hl::AlignDown(0x1f, 0x10), 0x10);
+    ASSERT_EQ(hl::AlignDown(0xffffffff, 0x10u), 0xfffffff0);
+
+    ASSERT_EQ(hl::MakeMask<uint8_t>(0, 0), 0x0);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(0, 1), 0x1);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(0, 2), 0x3);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(0, 4), 0xf);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(0, 8), 0xff);
+    ASSERT_EQ(hl::MakeMask<uint16_t>(0, 16), 0xffff);
+
+    ASSERT_EQ(hl::MakeMask<uint8_t>(1, 0), 0x0);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(1, 1), 0x2);
+    ASSERT_EQ(hl::MakeMask<uint8_t>(1, 7), 0xfe);
+
+    ASSERT_EQ(hl::MakeMask<uint64_t>(0, 64), 0xffffffffffffffffull);
+}
+
 static void TestMemory()
 {
     void* mem = g_dummyCode.data();
@@ -242,7 +297,12 @@ static void TestInject()
     libName = "lib" + libName + ".so";
 #endif
 
-    auto process = hl::LaunchProcess("./hl_test", { "--child" });
+#ifdef WIN32
+    std::string procName = "hl_test";
+#else
+    std::string procName = "./hl_test";
+#endif
+    auto process = hl::LaunchProcess(procName, { "--child" });
 
     // Give the child time to set everything up.
     std::this_thread::sleep_for(std::chrono::milliseconds(200));
@@ -437,6 +497,25 @@ static void TestHooks()
     HL_ASSERT(cbCounter == 0, "Hook not undone");
 }
 
+static void TestExeFile()
+{
+#ifdef WIN32
+    std::string fileName = "hl_test.exe";
+#else
+    std::string fileName = "hl_test";
+#endif
+    hl::ExeFile exeFile;
+    HL_ASSERT(exeFile.loadFromFile(fileName), "ExeFile::loadFromFile failed");
+    auto relocs = exeFile.hasRelocs();
+    HL_ASSERT(relocs, "ExeFile::getRelocations returned non-empty list");
+    auto sections = exeFile.getSections();
+    HL_ASSERT(sections.size() > 1, "ExeFile::getSections returned wrong number of sections");
+    auto numCodeSections =
+        std::count_if(sections.begin(), sections.end(), [](const hl::ExeFile::Section& section)
+                      { return section.type == hl::ExeFile::SectionType::Code && section.name == ".text"; });
+    HL_ASSERT(numCodeSections > 0, "Must find at least one code section");
+}
+
 #ifdef WIN32
 static int vehCounter1 = 0;
 static int vehCounter2 = 0;
@@ -509,12 +588,14 @@ class TestMain : public hl::Main
         SetupLogging();
         TestCrashHandler();
 
+        HL_TEST(TestBitManip);
         HL_TEST(TestMemory);
         HL_TEST(TestInject);
         HL_TEST(TestModules);
         HL_TEST(TestPatch);
         HL_TEST(TestPatternScan);
         HL_TEST(TestHooks);
+        HL_TEST(TestExeFile);
         HL_TEST(TestVEH);
 
         HL_LOG_RAW("==========\nTests finished successfully.\n");
