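def platformGetImageBaseAddress(self, name=None):
    """Return the address of a loaded module's code section as a hex string.

    The module is looked up by normalized name in the trace's
    'LibraryBases' metadata. When *name* is None, the name is derived from
    the 'ExeName' metadata (file name without directory or extension).
    A caller-supplied *name* is used as-is.

    Returns:
        "0x..." for base address + OptionalHeader.BaseOfCode, or the
        sentinel string "0xFFFFFFFF" when the name is unknown or the trace
        has no 'LibraryBases' metadata. Callers must compare against the
        sentinel explicitly; it is still a syntactically valid address.

    NOTE(review): the PE headers appear to be parsed from the traced
    process's memory (PE.MemObjFile(trace, ...) with inmem=True). A hostile
    debuggee can rewrite its own in-memory headers, so BaseOfCode should be
    treated as untrusted input by anything that uses the result to set
    breakpoints or compute offsets.
    """
    trace = self.trace

    if name is None:
        name = trace.getMeta("ExeName")
        if name:
            # The original guard compared the tuple returned by
            # os.path.split() with 0, which raises TypeError on Python 3
            # (and was always true on Python 2); a truthiness check on the
            # path is all that is needed before stripping dir/extension.
            name = os.path.splitext(os.path.basename(name))[0]

    if name is None or not trace.hasMeta('LibraryBases'):
        return "0xFFFFFFFF"

    bases = trace.getMeta('LibraryBases')
    if name not in bases:
        return "0xFFFFFFFF"

    baseAddr = bases[name]
    mem = PE.MemObjFile(trace, baseAddr)
    pobj = PE.PE(mem, inmem=True)
    optionalHeader = pobj.IMAGE_NT_HEADERS.OptionalHeader
    return "0x%x" % (baseAddr + optionalHeader.BaseOfCode)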
t = vdb.trace bases = t.getMeta("LibraryBases") paths = t.getMeta("LibraryPaths") names = args if len(names) == 0: names = t.getNormalizedLibNames() names.sort() names = vdb.columnstr(names) for libname in names: base = bases.get(libname.strip(), -1) path = paths.get(base, "unknown") mem = PE.MemObjFile(t, base) pobj = PE.PE(mem, inmem=True) if showimps: ldeps = {} for rva, lname, fname in pobj.getImports(): ldeps[lname.lower()] = True lnames = ldeps.keys() lnames.sort() vdb.vprint('0x%.8x - %.30s %s' % (base, libname, ' '.join(lnames))) elif showvers: vdb.vprint('0x%.8x - %.30s %s' % (base, libname, path)) elif showtime: tstamp = pobj.IMAGE_NT_HEADERS.FileHeader.TimeDateStamp vdb.vprint('0x%.8x - %.30s 0x%.8x' % (base, libname, tstamp)) else: