1    :  // Copyright 2015 Google Inc. All Rights Reserved.
   2    :  //
   3    :  // Licensed under the Apache License, Version 2.0 (the "License");
   4    :  // you may not use this file except in compliance with the License.
   5    :  // You may obtain a copy of the License at
   6    :  //
   7    :  //     http://www.apache.org/licenses/LICENSE-2.0
   8    :  //
   9    :  // Unless required by applicable law or agreed to in writing, software
  10    :  // distributed under the License is distributed on an "AS IS" BASIS,
  11    :  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12    :  // See the License for the specific language governing permissions and
  13    :  // limitations under the License.
  14    :  
  15    :  #ifndef SYZYGY_REFINERY_PROCESS_STATE_LAYER_DATA_H_
  16    :  #define SYZYGY_REFINERY_PROCESS_STATE_LAYER_DATA_H_
  17    :  
  18    :  #include <vector>
  19    :  
  20    :  #include "base/md5.h"
  21    :  #include "base/containers/hash_tables.h"
  22    :  #include "base/strings/string_piece.h"
  23    :  #include "syzygy/pe/pe_file.h"
  24    :  
  25    :  namespace refinery {
  26    :  
  27    :  // Empty shell.
  28    :  class NoData {
  29    :  };
  30    :  
  31    :  // An abstracted module identifier. This has a one-to-one mapping to platform
  32    :  // specific module identifiers, eg {size, checksum, timstamp} on Windows. Note
  33    :  // that multiple instances of the same module may be mapped at different
  34    :  // addresses in a process state.
  35    :  typedef uint32_t ModuleId;
  36    :  const ModuleId kNoModuleId = static_cast<ModuleId>(-1);
  37    :  
  38    :  struct PESignatureHasher {
  39    :   public:
  40    :    std::size_t operator()(pe::PEFile::Signature const& s) const;
  41    :  };
  42    :  
  43    :  // Data relevant to a process state's module layer.
  44    :  class ModuleLayerData {
  45    :   public:
  46    :    using Signatures = std::vector<pe::PEFile::Signature>;
  47    :  
  48    :    ModuleLayerData();
  49    :  
  50    :    // Find the module id corresponding to a signature.
  51    :    // @param signature the module's signature.
  52    :    // @returns the corresponding module id, or kNoModuleId if the signature is
  53    :    //     unknown.
  54    :    ModuleId Find(const pe::PEFile::Signature& signature) const;
  55    :  
  56    :    // Find the module id corresponding to a signature if it exists, otherwise
  57    :    // index the signature and return the newly assigned module id.
  58    :    // @param signature the module's signature.
  59    :    // @returns the corresponding module id.
  60    :    ModuleId FindOrIndex(const pe::PEFile::Signature& signature);
  61    :  
  62    :    // Find and return the signature corresponding to a module @p id.
  63    :    // @param id the module identifier.
  64    :    // @param signature on success, contains the signature corresponding to module
  65    :    //     @p id.
  66    :    // @returns true on success, false otherwise.
  67    :    bool Find(ModuleId id, pe::PEFile::Signature* signature) const;
  68    :  
  69  E :    const Signatures& signatures() const { return signatures_; }
  70    :  
  71    :   private:
  72    :    base::hash_map<pe::PEFile::Signature, ModuleId, PESignatureHasher>
  73    :        signature_to_id_;
  74    :    Signatures signatures_;
  75    :  };
  76    :  
  77    :  }  // namespace refinery
  78    :  
  79    :  #endif  // SYZYGY_REFINERY_PROCESS_STATE_LAYER_DATA_H_