Created
January 13, 2022 20:41
-
-
Save namazso/68c1bc8b442d3b8483c05e68390ecbc2 to your computer and use it in GitHub Desktop.
Revisions
-
namazso created this gist
Jan 13, 2022 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,202 @@ meta: id: coff title: Common Object Format File file-extension: - obj license: CC0-1.0 ks-version: 0.9 endian: le doc-ref: https://wiki.osdev.org/COFF seq: - id: coff_hdr type: coff_header - id: optional_hdr type: optional_header if: coff_hdr.size_of_optional_header != 0 size: coff_hdr.size_of_optional_header - id: sections repeat: expr repeat-expr: coff_hdr.number_of_sections type: section types: coff_header: seq: - id: machine type: u2 enum: machine_type - id: number_of_sections type: u2 - id: time_date_stamp type: u4 - id: pointer_to_symbol_table type: u4 - id: number_of_symbols type: u4 - id: size_of_optional_header type: u2 - id: characteristics type: u2 instances: symbol_table_size: value: number_of_symbols * 18 symbol_name_table_offset: value: pointer_to_symbol_table + symbol_table_size symbol_name_table_size: pos: symbol_name_table_offset type: u4 symbol_table: pos: pointer_to_symbol_table type: coff_symbol repeat: expr repeat-expr: number_of_symbols enums: machine_type: # 3.3.1. Machine Types 0x0: unknown 0x1d3: am33 0x8664: amd64 0x1c0: arm 0xaa64: arm64 0x1c4: armnt 0xebc: ebc 0x14c: i386 0x200: ia64 0x9041: m32r 0x266: mips16 0x366: mipsfpu 0x466: mipsfpu16 0x1f0: powerpc 0x1f1: powerpcfp 0x166: r4000 0x5032: riscv32 0x5064: riscv64 0x5128: riscv128 0x1a2: sh3 0x1a3: sh3dsp 0x1a6: sh4 0x1a8: sh5 0x1c2: thumb 0x169: wcemipsv2 # Not mentioned in Microsoft documentation, but widely regarded 0x184: alpha optional_header: seq: - id: magic type: u2 - id: vstamp type: u2 - id: text_size type: u4 - id: data_size type: u4 - id: bss_size type: u4 - id: entry_point type: u4 - id: text_start type: u4 - id: data_start type: u4 coff_symbol: -webide-representation: '{name_annoying.name}' seq: - id: name_annoying type: annoyingstring size: 8 #- id: name_zeroes # type: u4 #- id: name_offset # type: u4 - id: value type: u4 - id: section_number type: u2 - id: type type: u2 - id: storage_class type: u1 - id: number_of_aux_symbols type: u1 instances: #effective_name: # value: name_zeroes == 0 ? name_from_offset : '"fixme"' #name_from_offset: # io: _root._io # pos: name_zeroes == 0 ? _parent.symbol_name_table_offset + name_offset : 0 # type: str # terminator: 0 # encoding: ascii section: value: _root.sections[section_number - 1] data: pos: section.pointer_to_raw_data + value size: 1 coff_reloc: seq: - id: vaddr type: u4 - id: symndx type: u4 - id: type type: u2 annoyingstring: -webide-representation: '{name}' instances: name_zeroes: pos: 0 type: u4 name_offset: pos: 4 type: u4 name_from_offset: io: _root._io pos: 'name_zeroes == 0 ? _parent._parent.symbol_name_table_offset + name_offset : 0' type: str terminator: 0 encoding: ascii eos-error: false if: name_zeroes == 0 name_from_short: pos: 0 type: str terminator: 0 encoding: ascii eos-error: false if: name_zeroes != 0 name: value: 'name_zeroes == 0 ? name_from_offset : name_from_short' section: -webide-representation: "{name}" seq: - id: name type: str encoding: UTF-8 size: 8 pad-right: 0 - id: virtual_size type: u4 - id: virtual_address type: u4 - id: size_of_raw_data type: u4 - id: pointer_to_raw_data type: u4 - id: pointer_to_relocations type: u4 - id: pointer_to_linenumbers type: u4 - id: number_of_relocations type: u2 - id: number_of_linenumbers type: u2 - id: characteristics type: u4 instances: body: pos: pointer_to_raw_data size: size_of_raw_data relocs: pos: pointer_to_relocations repeat: expr repeat-expr: number_of_relocations type: coff_reloc