buna

module

v0.2.0 Latest Latest Go to latest Published: Jan 19, 2021 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fcharlie/buna

Links

Open Source Insights

README ¶

Buna

The software package provides various executable file format analysis capabilities

PE/COFF
ELF
Mach-O

This package is transplanted from debug in the Golang source code directory. Currently, it supports parsing ARM64 PE files, as well as parsing export tables and delayed import tables.

This package also ported ianlancetaylor/demangle, which can demangle MSVC ABI C++ functions in Windows.

Docs

https://pkg.go.dev/github.com/fcharlie/buna

Usage

go get github.com/fcharlie/buna

Example:

package main

import (
	"fmt"
	"os"

	"github.com/fcharlie/buna/debug/pe"
	"github.com/fcharlie/buna/demangle"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintf(os.Stderr, "usage: %s pefile\n", os.Args[0])
		os.Exit(1)
	}
	fd, err := pe.Open(os.Args[1])
	if err != nil {
		fmt.Fprintf(os.Stderr, "unable open file: %s %v\n", os.Args[1], err)
		os.Exit(1)
	}
	defer fd.Close()
	ft, err := fd.LookupFunctionTable()
	if err != nil {
		fmt.Fprintf(os.Stderr, "unable LookupExports: %s %v\n", os.Args[1], err)
		os.Exit(1)
	}
	for dll, ims := range ft.Imports {
		fmt.Fprintf(os.Stderr, "\x1b[33mDllName: %s\x1b[0m\n", dll)
		for _, n := range ims {
			if n.Ordinal == 0 {
				fmt.Fprintf(os.Stderr, "%s %d\n", n.Name, n.Index)
				continue
			}
			fmt.Fprintf(os.Stderr, "Ordinal%d (Ordinal %d)\n", n.Ordinal, n.Ordinal)
		}
	}
	for dll, ims := range ft.Imports {
		fmt.Fprintf(os.Stderr, "\x1b[34mDelay DllName: %s\x1b[0m\n", dll)
		for _, n := range ims {
			if n.Ordinal == 0 {
				fmt.Fprintf(os.Stderr, "(Delay) %s %d\n", n.Name, n.Index)
				continue
			}
			fmt.Fprintf(os.Stderr, "(Delay) Ordinal%d (Ordinal %d)\n", n.Ordinal, n.Ordinal)
		}
	}
	for _, d := range ft.Exports {
		fmt.Fprintf(os.Stderr, "\x1b[35mE %5d %08X %s  (Hint: %d)\x1b[0m\n", d.Ordinal, d.Address, demangle.Demangle(d.Name), d.Hint)
	}
}

Directories ¶

Path	Synopsis
debug
dwarf Package dwarf provides access to DWARF debugging information loaded from executable files, as defined in the DWARF 2.0 Standard at http://dwarfstd.org/doc/dwarf-2.0.0.pdf	Package dwarf provides access to DWARF debugging information loaded from executable files, as defined in the DWARF 2.0 Standard at http://dwarfstd.org/doc/dwarf-2.0.0.pdf
elf Package elf implements access to ELF object files.	Package elf implements access to ELF object files.
gosym Package gosym implements access to the Go symbol and line number tables embedded in Go binaries generated by the gc compilers.	Package gosym implements access to the Go symbol and line number tables embedded in Go binaries generated by the gc compilers.
macho Package macho implements access to Mach-O object files.	Package macho implements access to Mach-O object files.
pe Package pe implements access to PE (Microsoft Windows Portable Executable) files.	Package pe implements access to PE (Microsoft Windows Portable Executable) files.
plan9obj Package plan9obj implements access to Plan 9 a.out object files.	Package plan9obj implements access to Plan 9 a.out object files.
demangle Package demangle defines functions that demangle GCC/LLVM C++ symbol names.	Package demangle defines functions that demangle GCC/LLVM C++ symbol names.
test
gope

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL