Thursday, September 12, 2013

Don't you dare to deny my morning COFFee, PEople

This week I have been involved in a courageous project related Microsoft's linker for WP8 (part of VS2012). It required some knowledge of PE/COFF formats which I didn't have before and I have decided to learn these formats through wrinting a tool for reading this file the way we have "readelf" for ELF and "otool" for Mach-O formats.

Side-note: understanding PE/COFF after knowing ELF and Mach-O is a piece of cake. Most of the differences are merely syntactic...

So the product is a python parser of PE/COFF files. It works just as readelf:
c:\Users\pmon\Desktop\petools>readcoff.py -h winp8.o
COFF Header:
 Machine: 0x01c4
 Number of sections: 0x0006
 Time of creation: 2013-09-08 12:44:38
 Pointer to symbol table: 0x00003eff
 Number of symbols: 0x0000007b
 Size of optional headers: 0x0000
 Characteristics: 0x0000

The thing is not complete but you can use it to investigate object files.

It can be taken from:

https://bitbucket.org/pmon/petools
 
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)