在运行二进制( EXE) 之前, 能否检查二进制( EXE) 的位数? 这很容易在 Linux 上完成, 但我不熟悉 Windows 二进制格式 。
谢谢
自从您给这个问题贴上标签 >C , 有一个 Win32 API 函数 < a href=" http://msdn.microsoft.com/en-us/library/windows/desktop/aa364819%28v=vs. 85%29.aspx" rel="nofollow"\\\code> GetBinaryType 。 但对于 DLLs 来说不起作用 。
if ( GetBinaryType(argv[i], &bintype) ) {
switch(bintype) {
case SCS_32BIT_BINARY: typename = TEXT("Windows 32 Bit"); break;
case SCS_64BIT_BINARY: typename = TEXT("Windows 64 Bit"); break;
case SCS_DOS_BINARY: typename = TEXT("DOS-Programm"); break;
case SCS_OS216_BINARY: typename = TEXT("OS/2-Programm"); break;
case SCS_PIF_BINARY: typename = TEXT("PIF-Datei"); break;
case SCS_POSIX_BINARY: typename = TEXT("POSIX-Programm"); break;
case SCS_WOW_BINARY: typename = TEXT("Windows 16 Bit"); break;
default: typename = TEXT("unknown"); break;
}
}
else {
typename = TEXT("not executable");
}
look at answers here
It says this information can be gotten by using dumpbin /headers from the Windows Platform SDK
有许多工具可以帮助您发现应用程序的比特性(如WinDbg或PeStudio)。
""https://i.sstatic.net/SiQ2G.png" alt="此处输入图像描述"/ >
读取标题 :
As a start you could do something like this, (should work for both dll and exe):
(Only tested on a few files – and those gave OK result.)
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
/* Runtime Byteorder detection - Motorola or Intel (Does not catch mixed) */
static int byteorder_mm(void)
{
union {double d; unsigned int i[2];} u;
u.d = 1.0;
return (u.i[0] != 0);
}
/* Char to unsigned int */
static unsigned int chr_to_ui(unsigned char *buf, int mm)
{
if (mm)
return buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3];
return buf[3] << 24 | buf[2] << 16 | buf[1] << 8 | buf[0];
}
/* Char to unsigned short */
static unsigned short chr_to_us(unsigned char *buf, int mm)
{
if (mm)
return buf[0] << 8 | buf[1];
return buf[1] << 8 | buf[0];
}
int main(int argc, char *argv[])
{
FILE *fh;
unsigned char buf[128] = {0};
char tmpstr[64];
unsigned int tmp_ui;
unsigned short tmp_us;
time_t tt;
int mm = byteorder_mm();
if (argc < 2) {
fprintf(stderr,
"Missing input file.
");
return 1;
}
if ((fh = fopen(argv[1], "rb")) == NULL) {
fprintf(stderr,
"Unable to open %s.
",
argv[1]);
perror(0);
return 1;
}
/* Read MS-DOS Segment */
if (!fread(buf, 64, 1, fh)) {
fprintf(stderr,
"Unable to read %d bytes, @%ld.
",
2, ftell(fh));
perror(0);
fclose(fh);
return 1;
}
/* Check header mark : MZ */
if (buf[0] != 0x4d || buf[1] != 0x5a) {
fprintf(stderr,
"%s is missing Mark Zbikowski header.
",
argv[1]);
fclose(fh);
return 2;
}
/* Get offset (from 0) to IMAGE_NT_HEADERS */
tmp_ui = chr_to_ui(buf+60, mm);
fseek(fh, tmp_ui - 64, SEEK_CUR);
/* Read IMAGE_NT_HEADER signature */
if (!fread(buf, 4, 1, fh)) {
fprintf(stderr,
"Unable to read %d bytes, @%ld.
",
4, ftell(fh));
perror(0);
fclose(fh);
return 1;
}
/* Check signature : PE x0 x0 */
if (buf[0] != 0x50 || buf[1] != 0x45 ||
buf[2] != 0x00 || buf[3] != 0x00) {
fprintf(stderr,
"%s is missing valid Portable Executable signature.
",
argv[1]);
fclose(fh);
return 2;
}
/* Read IMAGE_FILE_HEADER:
typedef struct _IMAGE_FILE_HEADER {
WORD Machine;
WORD NumberOfSections;
DWORD TimeDateStamp;
DWORD PointerToSymbolTable;
DWORD NumberOfSymbols;
WORD SizeOfOptionalHeader;
WORD Characteristics;
} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
*/
if (!fread(buf, 20, 1, fh)) {
fprintf(stderr,
"Unable to read %d bytes, @%ld.
",
4, ftell(fh));
perror(0);
fclose(fh);
return 1;
}
/* Bittype */
tmp_us = chr_to_us(buf, mm);
switch (tmp_us) {
case 0x014c: fprintf(stdout, "Machine: x86 (I386)
"); break;
case 0x0200: fprintf(stdout, "Machine: IA64 (Intel Itanium)
"); break;
case 0x8664: fprintf(stdout, "Machine: x64 (AMD64)
"); break;
default: fprintf(stderr,
"Unable to recognize machine type 0x%04x
",
tmp_us);
fclose(fh);
return 2;
}
/* Timestamp */
tmp_ui = chr_to_ui(buf+4, mm);
tt = tmp_ui;
strftime(tmpstr, 31, "%a %Y-%m-%d %H:%M:%S", localtime(&tt));
fprintf(stdout,
"Time : %s (%d)
",
tmpstr, tmp_ui);
/* ... */
fclose(fh);
return 0;
}
For example, let s say I want to find a particular word or number in a file. The contents are in sorted order (obviously). Since I want to run a binary search on the file, it seems like a real waste ...
最好、最小、最快、开放的来源、C/C++ 3d 提供方(在3ds max模型的支持下),而不是通用公平市价,
Given a 10 digit Telephone Number, we have to print all possible strings created from that. The mapping of the numbers is the one as exactly on a phone s keypad. i.e. for 1,0-> No Letter for 2->...
I m trying to find the source of a bug I have found in an open-source application. I have managed to get a build up and running on my Windows machine, but I m having trouble finding the spot in the ...
I wrote below code to readin line by line from stdin ex. city=Boston;city=New York;city=Chicago and then split each line by ; delimiter and print each record. Then in yet another loop I try to ...
I was wondering if there were any good free graphics libraries for C that are easy to use? It s for plotting 2d and 3d graphs and then saving to a file. It s on a Linux system and there s no gnuplot ...
Is there anything other than DDD that will draw diagrams of my data structures like DDD does that runs on Linux? ddd is okay and runs, just kind of has an old klunky feeling to it, just wanted to ...
Please note that this is not homework and i did search before starting this new thread. I got Store an int in a char array? I was looking for an answer but didn t get any satisfactory answer in the ...