[PATCH] peflags: add support for IMAGE_DLLCHARACTERISTICS_GUARD_CF

Sun, 16 Apr 2023 06:12:11 -0700 

This allows for setting, clearing, and displaying the value of the
"control flow guard" dll characteristics flag.

For the option naming something like cfguard would probably be
easier to understand, but the MSVC flag is "/guard:cf" and the macro
contains GUARD_CF, so use "guard-cf" for consistency.

This is motivated by mingw-w64 and llvm v16 gaining support for
CFG (Control Flow Guard).
---
 peflags.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/peflags.c b/peflags.c
index b1cd7a8..83ce48e 100644
--- a/peflags.c
+++ b/peflags.c
@@ -121,7 +121,7 @@ static const symbolic_flags_t pe_symbolic_flags[] = {
   CF(0x0800, no-bind),
 /*CF(0x1000, reserved_0x1000),*/
   CF(0x2000, wdmdriver),
-/*CF(0x4000, reserved_0x4000),*/
+  CF(0x4000, guard-cf),
   CF(0x8000, tsaware),
   {0, 0, 0}
 };
@@ -182,6 +182,7 @@ sizeof_values_t sizeof_vals[5] = {
 static struct option long_options[] = {
   {"dynamicbase",  optional_argument, NULL, 'd'},
   {"high-entropy-va", optional_argument, NULL, 'e'},
+  {"guard-cf",     optional_argument, NULL, 'g'},
   {"forceinteg",   optional_argument, NULL, 'f'},
   {"nxcompat",     optional_argument, NULL, 'n'},
   {"no-isolation", optional_argument, NULL, 'i'},
@@ -204,7 +205,7 @@ static struct option long_options[] = {
   {NULL, no_argument, NULL, 0}
 };
 static const char *short_options
-       = "d::e::f::n::i::s::b::W::t::w::l::S::x::X::y::Y::z::T:vhV";
+       = "d::e::g::f::n::i::s::b::W::t::w::l::S::x::X::y::Y::z::T:vhV";
 
 static void short_usage (FILE *f);
 static void help (FILE *f);
@@ -706,6 +707,11 @@ parse_args (int argc, char *argv[])
                                 optarg,
                                 IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA);
          break;
+       case 'g':
+         handle_pe_flag_option (long_options[option_index].name,
+                                optarg,
+                                IMAGE_DLLCHARACTERISTICS_GUARD_CF);
+         break;
        case 'n':
          handle_pe_flag_option (long_options[option_index].name,
                                 optarg,
@@ -1079,6 +1085,7 @@ help (FILE *f)
 "  -e,\n"
 "  --high-entropy-va  [BOOL]   Image is compatible with 64-bit address space\n"
 "                              layout randomization (ASLR).\n"
+"  -g, --guard-cf     [BOOL]   Image supports Control Flow Guard.\n"
 "  -f, --forceinteg   [BOOL]   Code integrity checks are enforced.\n"
 "  -n, --nxcompat     [BOOL]   Image is compatible with data execution\n"
 "                              prevention (DEP).\n"
-- 
2.40.0

Reply via email to