show some import addresses

2025-12-06 12:56:41 +01:00 · 2025-02-20 02:57:29 +02:00 · 2025-02-20 02:57:29 +02:00 · 513166ddd5
commit 513166ddd5
parent 18fbfe62ac
4 changed files with 44 additions and 5 deletions
--- a/crates/vestal/Cargo.toml
+++ b/crates/vestal/Cargo.toml
@ -11,6 +11,7 @@ hexy = "0.1.4"
 pretty-hex = "0.4.1"
 exe = "0.5.6"
 iced-x86 = "1.21.0"
+itertools = "0.14.0"
 #elf = "0.7.4"
 #goblin = "0.9.3"
 #lancelot = "0.9.7"
--- a/crates/vestal/src/main.rs
+++ b/crates/vestal/src/main.rs
@ -140,14 +140,35 @@ impl Vestal {
        for descriptor in directory.descriptors {
            let dep = descriptor.get_name(dll)?.as_str()?;
            let resolved = self.resolve(&dep)?.expect("no path for {name}");
-            print!("\n  (module\n    {dep:?}\n    {:?}", &resolved);
+            print!("\n  (module {dep:?} 0x{:>08x} 0x{:>08x}\n    {resolved:?}",
+                &descriptor.first_thunk.0,
+                &descriptor.original_first_thunk.0);
            let mut imports = Vec::new();
-            for import in descriptor.get_imports(dll)? {
+            let thunks  = descriptor.get_first_thunk(dll)?;
+            let origs   = descriptor.get_original_first_thunk(dll)?;
+            let lookups = descriptor.get_lookup_thunks(dll)?;
+            for (thunk, orig, lookup, import) in izip!(
+                thunks.iter().map(|thunk|format!("0x{:08x}", match thunk {
+                    Thunk::Thunk32(t) => panic!("32 bit thunk"),
+                    Thunk::Thunk64(t) => t.0
+                })),
+                origs.iter().map(|thunk|format!("0x{:08x}", match thunk {
+                    Thunk::Thunk32(t) => panic!("32 bit original thunk"),
+                    Thunk::Thunk64(t) => t.0
+                })),
+                lookups.iter().map(|thunk|format!("0x{:08x}", match thunk {
+                    Thunk::Thunk32(t) => panic!("32 bit original thunk"),
+                    Thunk::Thunk64(t) => t.0
+                })),
+                descriptor.get_imports(dll)?
+            ) {
                match import {
-                    ImportData::Ordinal(x) => print!("\n    (import-ordinal 0x{x:>04x})"),
-                    ImportData::ImportByName(n) => print!("\n    (import-by-name {n:?})"),
+                    ImportData::Ordinal(x) =>
+                        print!("\n    (import-ordinal {thunk} 0x{x:>04x})"),
+                    ImportData::ImportByName(n) =>
+                        print!("\n    (import-by-name {thunk} {n:?})"),
                }
-                imports.push(import);
+                imports.push((thunk, orig, import));
            }
            import_map.insert(dep, (resolved, imports));
            println!(")")
--- a/crates/vestal/src/util.rs
+++ b/crates/vestal/src/util.rs
@ -4,6 +4,7 @@ pub(crate) use std::error::Error;
 pub(crate) use std::path::{Path, PathBuf};
 pub(crate) use std::collections::{HashMap, HashSet};
 pub(crate) use std::fs::{read, canonicalize};
+pub(crate) use itertools::izip;
 //pub(crate) use ::lancelot::loader::pe::{PE, reloc::apply_relocations};
 //pub(crate) use ::goblin::{error, Object, pe::{import::Import, export::Export}};
 pub(crate) use ::object::endian::LittleEndian;