0cb742dafb
Rewrite with hard-coded offsets into the PE file format to discern if a binary is PE32 or PE32+, and then to determine if it contains a "CLR Data Directory" entry that looks valid. Tested with PE32 and PE32+ compiled Mono binaries, PE32 and PE32+ native binaries, and a random assortment of garbage files. Former-commit-id: 9e7ac86ec84f653a2f79b87183efd5b0ebda001b
29 lines
829 B
Plaintext
29 lines
829 B
Plaintext
binfmt-detector-cli
|
|
|
|
This utility determines the Microsoft PE executable file's
|
|
type (Native or .NET CLR).
|
|
|
|
It is inteded to be used as a filter a Linux binfmt
|
|
configuration, since binfmt itself is incapable of reliably
|
|
distinguishing between various PE file types (since they have
|
|
no different "magic string").
|
|
|
|
Technical information
|
|
|
|
The file's type is determined from certain characteristics
|
|
in the PE / COFF file header. It should be noted that the
|
|
techniques used might not be standard and are not throughtly
|
|
tested to work, so false detections might occur.
|
|
|
|
To be considered a CLR executable, the PE header's directory
|
|
entry for the "CLR Header" must have a non-zero address and
|
|
a non-zero size.
|
|
|
|
Original Author
|
|
|
|
Ilya Konstantinov <future@shiny.co.il>
|
|
|
|
Licenses
|
|
|
|
This utility is covered by the GPL license.
|