Visual Basic Information Parsing, PCode detection #440
Conversation
JakubPruzinec
force-pushed
the
VB_header
branch
from
212b06a
to
016a490
Compare
JakubPruzinec
changed the title
|
I've implemented extraction of some VB metada features:
|
|
|
||
| } | ||
|
|
||
| std::size_t headerSize() |
| std::uint32_t helpFileOffset; ///< offset to the string containing name of the Help file | ||
| std::uint32_t projNameOffset; ///< offset to the string containing project's name | ||
|
|
||
| VBHeader() |
There was a problem hiding this comment.
I believe it's dangerous to leave the member variables uninitialized.
include/retdec/utils/conversion.h
Outdated
| @@ -300,6 +300,7 @@ void double10ToDouble8(std::vector<unsigned char> &dest, | |||
|
|
|||
| unsigned short byteSwap16(unsigned short val); | |||
| unsigned int byteSwap32(unsigned int val); | |||
| unsigned long byteSwap64(unsigned long val); | |||
There was a problem hiding this comment.
unsigned long is not 64-bit type when using MSVC.
| return; | ||
| } | ||
|
|
||
| vbh.signature = *reinterpret_cast<std::uint32_t *>(&bytes.data()[offset]); offset += sizeof(vbh.signature); |
There was a problem hiding this comment.
This line is recurring in your changes. I was thinking whether it would be possible for you to either create a function that would do this or even better, move DynamicBuffer from src/unpacker to utils and use it. It basically does what you do but it abstracts away all the casting and also maintains endianess, so you don't have to do byte swaps afterwards.
| @@ -781,6 +781,345 @@ bool FileInformation::hasRichHeaderRecords() const | |||
| return richHeader.hasRecords(); | |||
| } | |||
|
|
|||
|
|
|||
src/utils/string.cpp
Outdated
| std::string result; | ||
| if (!bytes) | ||
| { | ||
| return ""; |
There was a problem hiding this comment.
Replace "" with {}. It is much more efficient.
There was a problem hiding this comment.
For more information, see e.g. https://stackoverflow.com/questions/26587110/returning-an-empty-string-efficient-way-in-c
src/utils/string.cpp
Outdated
| } | ||
| else | ||
| { | ||
| const std::size_t maxC = std::pow(2, sizeof(std::string::value_type) * CHAR_BIT) - 1; |
There was a problem hiding this comment.
If you are doing power of 2 then it's much better to use bit shift rather than std::pow().
JakubPruzinec
force-pushed
the
VB_header
branch
from
35097fa
to
3687573
Compare
JakubPruzinec
force-pushed
the
VB_header
branch
from
2bd9a12
to
9da9543
Compare
There was a problem hiding this comment.
Thank you for taking your time and going through our comments. I just have a few other things. One is more serious and that is using namespace in the header files on multiple places. That is considered a bad practice. The other comment is just about the way you calculate the power of 2, because it's unusual that it is calculated from 2 and not from 1.
include/retdec/unpacker/signature.h
Outdated
| #include "retdec/unpacker/dynamic_buffer.h" | ||
| #include "retdec/utils/dynamic_buffer.h" | ||
|
|
||
| using namespace retdec::utils; |
There was a problem hiding this comment.
Do not put using namespace in header files. By including this file, you bring the whole namespace into all included files and this can cause you a headache or two.
There was a problem hiding this comment.
| #include "retdec/unpacker/plugin.h" | ||
|
|
||
| #define mpress_plugin plugin(retdec::unpackertool::mpress::MpressPlugin) | ||
|
|
||
| using namespace retdec::utils; |
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| @@ -12,11 +12,9 @@ | |||
|
|
|||
| #include "retdec/unpacker/decompression/compressed_data.h" | |||
|
|
|||
| namespace retdec { | |||
| using namespace retdec::utils; | |||
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| @@ -8,6 +8,8 @@ | |||
|
|
|||
| #include "unpackertool/plugins/upx/decompressors/decompressor_scrambler.h" | |||
|
|
|||
| using namespace retdec::utils; | |||
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| @@ -8,6 +8,8 @@ | |||
|
|
|||
| #include "unpackertool/plugins/upx/decompressors/decompressor.h" | |||
|
|
|||
| using namespace retdec::utils; | |||
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| #include "retdec/unpacker/signature.h" | ||
|
|
||
| using namespace retdec::utils; |
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| #include "retdec/unpacker/dynamic_buffer.h" | ||
| #include "retdec/utils/dynamic_buffer.h" | ||
|
|
||
| using namespace retdec::utils; |
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| #include "retdec/unpacker/unpacking_stub.h" | ||
|
|
||
| using namespace retdec::utils; |
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
| @@ -12,6 +12,8 @@ | |||
| #include "unpackertool/plugins/upx/upx_stub.h" | |||
| #include "retdec/unpacker/signature.h" | |||
|
|
|||
| using namespace retdec::utils; | |||
There was a problem hiding this comment.
Same as the comment I made earlier. Never put using namespace in header files.
src/utils/string.cpp
Outdated
| @@ -49,7 +49,7 @@ bool isNonasciiChar(unsigned char c) { | |||
| */ | |||
| std::string replaceChars(const std::string &str, bool (* predicate)(unsigned char)) { | |||
| std::stringstream result; | |||
| const std::size_t maxC = std::pow(2, sizeof(std::string::value_type) * CHAR_BIT) - 1; | |||
| const std::size_t maxC = (2 << (sizeof(std::string::value_type) * CHAR_BIT - 1)) - 1; | |||
There was a problem hiding this comment.
It's usually done by shifting 1 and not 2. Basically
1 << 0 = 2^0 = 1
1 << 1 = 2^1 = 2
1 << 2 = 2^2 = 4
and so on...
I guess that's why you put - 1 after CHAR_BIT there but I think that shifting 1 would be much easier to grasp at the first sight as it is the usual way to calculate powers of 2.
s3rvac
changed the title
| @@ -8,7 +8,7 @@ | |||
|
|
|||
There was a problem hiding this comment.
The current Windows TeamCity build fails with a lot of the following errors:
[21:43:46] : [Step 1/6] 68>e:\work\414c7650a8fb97ac\retdec\src\unpackertool\plugins\upx\unfilter.cpp(88): error C2039: 'min': is not a member of 'std' [E:\work\414c7650a8fb97ac\retdec\build\src\unpackertool\plugins\upx\retdec-unpacker-upx.vcxproj]
[21:43:46] : [Step 1/6] 68>e:\work\414c7650a8fb97ac\retdec\src\unpackertool\plugins\upx\unfilter.cpp(130): error C2039: 'min': is not a member of 'std' [E:\work\414c7650a8fb97ac\retdec\build\src\unpackertool\plugins\upx\retdec-unpacker-upx.vcxproj]
...
I believe that you are missing #include <algorithm> in the file (this is where std::min() is defined). Alternatively, if the file transitively includes windows.h, we will probably need to compile with NOMINMAX.
| return false; | ||
| } | ||
|
|
||
| DynamicBuffer structContent(bytes, retdec::utils::Endianness::LITTLE); |
There was a problem hiding this comment.
Shouldn't endianness be the endianness of the file itself? This seems like it forces little endian on the data.
There was a problem hiding this comment.
To be completed.