Files
addr2line
function.rslazy.rslib.rs
adler
algo.rslib.rs
aho_corasick
packed
teddy
compile.rsmod.rsruntime.rs
api.rsmod.rspattern.rsrabinkarp.rsvector.rs
ahocorasick.rsautomaton.rsbuffer.rsbyte_frequencies.rsclasses.rsdfa.rserror.rslib.rsnfa.rsprefilter.rsstate_id.rs
arrayvec
array.rsarray_string.rschar.rserrors.rslib.rsmaybe_uninit.rs
atty
lib.rs
backtrace
backtrace
libunwind.rsmod.rs
symbolize
gimli
elf.rslibs_dl_iterate_phdr.rsmmap_unix.rsstash.rs
gimli.rsmod.rs
capture.rslib.rsprint.rstypes.rs
bitflags
lib.rs
camino
lib.rsserde_impls.rs
cargo_metadata
dependency.rsdiagnostic.rserrors.rslib.rsmessages.rs
cargo_nextest
cargo_cli.rsdispatch.rserrors.rslib.rsoutput.rs
cargo_platform
cfg.rserror.rslib.rs
cfg_expr
expr
lexer.rsparser.rs
targets
builtins.rs
error.rsexpr.rslib.rstargets.rs
cfg_if
lib.rs
chrono
format
mod.rsparse.rsparsed.rsscan.rsstrftime.rs
naive
date.rsdatetime.rsinternals.rsisoweek.rstime.rs
offset
fixed.rslocal.rsmod.rsutc.rs
sys
unix.rs
date.rsdatetime.rsdiv.rslib.rsround.rssys.rs
clap
build
app
debug_asserts.rsmod.rssettings.rs
arg
debug_asserts.rsmod.rspossible_value.rssettings.rsvalue_hint.rs
arg_group.rsmacros.rsmod.rsusage_parser.rs
output
fmt.rshelp.rsmod.rsusage.rs
parse
features
mod.rssuggestions.rs
matches
arg_matches.rsmatched_arg.rsmod.rs
arg_matcher.rserrors.rsmod.rsparser.rsvalidator.rs
util
color.rsfnv.rsgraph.rsid.rsmod.rs
derive.rslib.rsmacros.rsmkeymap.rs
clap_derive
derives
arg_enum.rsargs.rsinto_app.rsmod.rsparser.rssubcommand.rs
utils
doc_comments.rsmod.rsspanned.rsty.rs
attrs.rsdummies.rslib.rsparse.rs
color_eyre
section
help.rsmod.rs
config.rsfmt.rshandler.rslib.rsprivate.rswriters.rs
config
file
format
mod.rstoml.rs
source
file.rsmod.rsstring.rs
mod.rs
path
mod.rsparser.rs
config.rsde.rsenv.rserror.rslib.rsser.rssource.rsvalue.rs
crossbeam_channel
flavors
array.rsat.rslist.rsmod.rsnever.rstick.rszero.rs
channel.rscontext.rscounter.rserr.rslib.rsselect.rsselect_macro.rsutils.rswaker.rs
crossbeam_deque
deque.rslib.rs
crossbeam_epoch
sync
list.rsmod.rsqueue.rs
atomic.rscollector.rsdefault.rsdeferred.rsepoch.rsguard.rsinternal.rslib.rs
crossbeam_utils
atomic
atomic_cell.rsconsume.rsmod.rsseq_lock.rs
sync
mod.rsparker.rssharded_lock.rswait_group.rs
backoff.rscache_padded.rslib.rsthread.rs
ctrlc
platform
unix
mod.rs
mod.rs
error.rslib.rssignal.rs
datatest_stable
lib.rsmacros.rsrunner.rsutils.rs
debug_ignore
lib.rs
duct
lib.rsunix.rs
either
lib.rs
enable_ansi_support
lib.rs
env_logger
filter
mod.rsstring.rs
fmt
humantime
mod.rsshim_impl.rs
writer
termcolor
mod.rsshim_impl.rs
atty.rsmod.rs
mod.rs
lib.rs
eyre
backtrace.rschain.rscontext.rserror.rsfmt.rskind.rslib.rsmacros.rswrapper.rs
fixedbitset
lib.rsrange.rs
gimli
read
abbrev.rsaddr.rsaranges.rscfi.rsdwarf.rsendian_slice.rsindex.rsline.rslists.rsloclists.rslookup.rsmod.rsop.rspubnames.rspubtypes.rsreader.rsrnglists.rsstr.rsunit.rsutil.rsvalue.rs
arch.rscommon.rsconstants.rsendianity.rsleb128.rslib.rs
guppy
graph
cargo
build.rscargo_api.rsmod.rs
feature
build.rscycles.rsfeature_list.rsgraph_impl.rsmod.rsquery.rsresolve.rs
build.rsbuild_targets.rscycles.rsgraph_impl.rsmod.rsquery.rsquery_core.rsresolve.rsresolve_core.rs
petgraph_support
dfs.rsdot.rsedge_ref.rsmod.rsscc.rstopo.rswalk.rs
platform
mod.rsplatform_eval.rsplatform_spec.rs
dependency_kind.rserrors.rslib.rsmacros.rsmetadata_command.rspackage_id.rssorted_set.rs
guppy_workspace_hack
lib.rs
hashbrown
external_trait_impls
mod.rs
raw
alloc.rsbitmask.rsmod.rssse2.rs
lib.rsmacros.rsmap.rsscopeguard.rsset.rs
humantime
date.rsduration.rslib.rswrapper.rs
humantime_serde
lib.rs
indent_write
fmt.rsindentable.rsio.rslib.rs
indenter
lib.rs
indexmap
map
core
raw.rs
core.rs
equivalent.rslib.rsmacros.rsmap.rsmutable_keys.rsset.rsutil.rs
is_ci
lib.rs
itertools
adaptors
coalesce.rsmap.rsmod.rsmulti_product.rs
combinations.rscombinations_with_replacement.rsconcat_impl.rscons_tuples_impl.rsdiff.rsduplicates_impl.rseither_or_both.rsexactly_one_err.rsflatten_ok.rsformat.rsfree.rsgroup_map.rsgroupbylazy.rsgrouping_map.rsimpl_macros.rsintersperse.rsk_smallest.rskmerge_impl.rslazy_buffer.rslib.rsmerge_join.rsminmax.rsmultipeek_impl.rspad_tail.rspeek_nth.rspeeking_take_while.rspermutations.rspowerset.rsprocess_results_impl.rsput_back_n_impl.rsrciter_impl.rsrepeatn.rssize_hint.rssources.rstee.rstuple_impl.rsunique_impl.rsunziptuple.rswith_position.rszip_eq_impl.rszip_longest.rsziptuple.rs
itoa
lib.rsudiv128.rs
lazy_static
inline_lazy.rslib.rs
lexical_core
atof
algorithm
format
exponent.rsinterface.rsmod.rsstandard.rstraits.rstrim.rsvalidate.rs
alias.rsbhcomp.rsbigcomp.rsbignum.rscached.rscached_float160.rscached_float80.rscorrect.rserrors.rslarge_powers.rslarge_powers_64.rsmath.rsmod.rssmall_powers.rssmall_powers_64.rs
api.rsmod.rs
atoi
api.rsexponent.rsgeneric.rsmantissa.rsmod.rsshared.rs
float
convert.rsfloat.rsmantissa.rsmod.rsrounding.rsshift.rs
ftoa
api.rsmod.rsryu.rs
itoa
api.rsdecimal.rsmod.rs
util
format
not_feature_format.rs
algorithm.rsassert.rscast.rsconfig.rsconsume.rsdiv128.rserror.rsformat.rsindex.rsiterator.rsmask.rsmod.rsnum.rsperftools.rspow.rsprimitive.rsresult.rsrounding.rssequence.rssign.rstable.rstraits.rs
lib.rs
libc
unix
linux_like
linux
arch
generic
mod.rs
mod.rs
gnu
b64
x86_64
align.rsmod.rsnot_x32.rs
mod.rs
align.rsmod.rs
align.rsmod.rsnon_exhaustive.rs
mod.rs
align.rsmod.rs
fixed_width_ints.rslib.rsmacros.rs
log
lib.rsmacros.rs
memchr
memchr
x86
avx.rsmod.rssse2.rs
fallback.rsiter.rsmod.rsnaive.rs
memmem
prefilter
x86
avx.rsmod.rssse.rs
fallback.rsgenericsimd.rsmod.rs
x86
avx.rsmod.rssse.rs
byte_frequencies.rsgenericsimd.rsmod.rsrabinkarp.rsrarebytes.rstwoway.rsutil.rsvector.rs
cow.rslib.rs
memoffset
lib.rsoffset_of.rsraw_field.rsspan_of.rs
miniz_oxide
deflate
buffer.rscore.rsmod.rsstream.rs
inflate
core.rsmod.rsoutput_buffer.rsstream.rs
lib.rsshared.rs
nested
lib.rs
nextest_metadata
errors.rsexit_codes.rslib.rstest_list.rs
nextest_runner
reporter
aggregator.rs
test_list
output_format.rs
config.rserrors.rshelpers.rslib.rspartition.rsreporter.rsrunner.rssignal.rsstopwatch.rstest_filter.rstest_list.rs
nix
mount
linux.rsmod.rs
net
if_.rsmod.rs
sys
ioctl
linux.rsmod.rs
ptrace
linux.rsmod.rs
socket
addr.rsmod.rssockopt.rs
aio.rsepoll.rseventfd.rsinotify.rsmemfd.rsmman.rsmod.rspersonality.rspthread.rsquota.rsreboot.rsresource.rsselect.rssendfile.rssignal.rssignalfd.rsstat.rsstatfs.rsstatvfs.rssysinfo.rstermios.rstime.rstimerfd.rsuio.rsutsname.rswait.rs
dir.rsenv.rserrno.rsfcntl.rsfeatures.rsifaddrs.rskmod.rslib.rsmacros.rsmqueue.rspoll.rspty.rssched.rstime.rsucontext.rsunistd.rs
nom
bits
complete.rsmacros.rsmod.rsstreaming.rs
branch
macros.rsmod.rs
bytes
complete.rsmacros.rsmod.rsstreaming.rs
character
complete.rsmacros.rsmod.rsstreaming.rs
combinator
macros.rsmod.rs
multi
macros.rsmod.rs
number
complete.rsmacros.rsmod.rsstreaming.rs
sequence
macros.rsmod.rs
error.rsinternal.rslib.rsmethods.rsstr.rstraits.rsutil.rswhitespace.rs
num_cpus
lib.rslinux.rs
num_integer
average.rslib.rsroots.rs
num_traits
ops
checked.rsinv.rsmod.rsmul_add.rsoverflowing.rssaturating.rswrapping.rs
bounds.rscast.rsfloat.rsidentities.rsint.rslib.rsmacros.rspow.rssign.rs
object
read
coff
comdat.rsfile.rsmod.rsrelocation.rssection.rssymbol.rs
elf
comdat.rscompression.rsdynamic.rsfile.rshash.rsmod.rsnote.rsrelocation.rssection.rssegment.rssymbol.rsversion.rs
macho
dyld_cache.rsfat.rsfile.rsload_command.rsmod.rsrelocation.rssection.rssegment.rssymbol.rs
pe
data_directory.rsexport.rsfile.rsimport.rsmod.rsrelocation.rsrich.rssection.rs
any.rsarchive.rsmod.rsread_ref.rstraits.rsutil.rs
archive.rscommon.rself.rsendian.rslib.rsmacho.rspe.rspod.rs
once_cell
imp_std.rslib.rsrace.rs
os_pipe
lib.rsunix.rs
os_str_bytes
common
mod.rsraw.rs
iter.rslib.rspattern.rsraw_str.rsutil.rs
owo_colors
colors
css.rscustom.rsdynamic.rsxterm.rs
colors.rscombo.rsdyn_colors.rsdyn_styles.rslib.rsoverrides.rsstyles.rssupports_colors.rs
pathdiff
lib.rs
petgraph
algo
astar.rsbellman_ford.rsdijkstra.rsdominators.rsfeedback_arc_set.rsfloyd_warshall.rsisomorphism.rsk_shortest_path.rsmatching.rsmod.rssimple_paths.rstred.rs
graph_impl
frozen.rsmod.rs
visit
dfsvisit.rsfilter.rsmacros.rsmod.rsreversed.rstraversal.rs
adj.rscsr.rsdata.rsdot.rsiter_format.rsiter_utils.rslib.rsmacros.rsoperator.rsprelude.rsscored.rstraits_graph.rsunionfind.rsutil.rs
proc_macro2
detection.rsfallback.rslib.rsmarker.rsparse.rswrapper.rs
proc_macro_error
imp
fallback.rs
diagnostic.rsdummy.rslib.rsmacros.rssealed.rs
proc_macro_error_attr
lib.rsparse.rssettings.rs
quick_junit
lib.rsreport.rsserialize.rs
quick_xml
events
attributes.rsmod.rs
errors.rsescapei.rslib.rsreader.rsutils.rswriter.rs
quote
ext.rsformat.rsident_fragment.rslib.rsruntime.rsspanned.rsto_tokens.rs
rayon
collections
binary_heap.rsbtree_map.rsbtree_set.rshash_map.rshash_set.rslinked_list.rsmod.rsvec_deque.rs
compile_fail
cannot_collect_filtermap_data.rscannot_zip_filtered_data.rscell_par_iter.rsmod.rsmust_use.rsno_send_par_iter.rsrc_par_iter.rs
iter
collect
consumer.rsmod.rs
find_first_last
mod.rs
plumbing
mod.rs
chain.rschunks.rscloned.rscopied.rsempty.rsenumerate.rsextend.rsfilter.rsfilter_map.rsfind.rsflat_map.rsflat_map_iter.rsflatten.rsflatten_iter.rsfold.rsfor_each.rsfrom_par_iter.rsinspect.rsinterleave.rsinterleave_shortest.rsintersperse.rslen.rsmap.rsmap_with.rsmod.rsmultizip.rsnoop.rsonce.rspanic_fuse.rspar_bridge.rspositions.rsproduct.rsreduce.rsrepeat.rsrev.rsskip.rssplitter.rsstep_by.rssum.rstake.rstry_fold.rstry_reduce.rstry_reduce_with.rsunzip.rsupdate.rswhile_some.rszip.rszip_eq.rs
slice
mergesort.rsmod.rsquicksort.rs
array.rsdelegate.rslib.rsmath.rsoption.rspar_either.rsprelude.rsprivate.rsrange.rsrange_inclusive.rsresult.rssplit_producer.rsstr.rsstring.rsvec.rs
rayon_core
compile_fail
mod.rsquicksort_race1.rsquicksort_race2.rsquicksort_race3.rsrc_return.rsrc_upvar.rsscope_join_bad.rs
join
mod.rs
scope
mod.rs
sleep
counters.rsmod.rs
spawn
mod.rs
thread_pool
mod.rs
job.rslatch.rslib.rslog.rsprivate.rsregistry.rsunwind.rs
regex
literal
imp.rsmod.rs
backtrack.rscompile.rsdfa.rserror.rsexec.rsexpand.rsfind_byte.rsinput.rslib.rspikevm.rspool.rsprog.rsre_builder.rsre_bytes.rsre_set.rsre_trait.rsre_unicode.rssparse.rsutf8.rs
regex_syntax
ast
mod.rsparse.rsprint.rsvisitor.rs
hir
literal
mod.rs
interval.rsmod.rsprint.rstranslate.rsvisitor.rs
unicode_tables
age.rscase_folding_simple.rsgeneral_category.rsgrapheme_cluster_break.rsmod.rsperl_word.rsproperty_bool.rsproperty_names.rsproperty_values.rsscript.rsscript_extension.rssentence_break.rsword_break.rs
either.rserror.rslib.rsparser.rsunicode.rsutf8.rs
rustc_demangle
legacy.rslib.rsv0.rs
ryu
buffer
mod.rs
pretty
exponent.rsmantissa.rsmod.rs
common.rsd2s.rsd2s_full_table.rsd2s_intrinsics.rsdigit_table.rsf2s.rsf2s_intrinsics.rslib.rs
same_file
lib.rsunix.rs
scopeguard
lib.rs
semver
backport.rsdisplay.rserror.rseval.rsidentifier.rsimpls.rslib.rsparse.rsserde.rs
serde
de
format.rsignored_any.rsimpls.rsmod.rsseed.rsutf8.rsvalue.rs
private
de.rsdoc.rsmod.rsser.rssize_hint.rs
ser
fmt.rsimpls.rsimpossible.rsmod.rs
integer128.rslib.rsmacros.rs
serde_derive
internals
ast.rsattr.rscase.rscheck.rsctxt.rsmod.rsreceiver.rsrespan.rssymbol.rs
bound.rsde.rsdummy.rsfragment.rslib.rspretend.rsser.rstry.rs
serde_json
features_check
mod.rs
io
mod.rs
value
de.rsfrom.rsindex.rsmod.rspartial_eq.rsser.rs
de.rserror.rsiter.rslib.rsmacros.rsmap.rsnumber.rsread.rsser.rs
shared_child
sys
mod.rsunix.rs
lib.rsunix.rs
shellwords
lib.rs
smallvec
lib.rs
static_assertions
assert_cfg.rsassert_eq_align.rsassert_eq_size.rsassert_fields.rsassert_impl.rsassert_obj_safe.rsassert_trait.rsassert_type.rsconst_assert.rslib.rs
strip_ansi_escapes
lib.rs
strsim
lib.rs
structopt
lib.rs
structopt_derive
attrs.rsdoc_comments.rslib.rsparse.rsspanned.rsty.rs
supports_color
lib.rs
syn
gen
clone.rsgen_helper.rs
attr.rsawait.rsbigint.rsbuffer.rscustom_keyword.rscustom_punctuation.rsdata.rsderive.rsdiscouraged.rserror.rsexport.rsexpr.rsext.rsfile.rsgenerics.rsgroup.rsident.rsitem.rslib.rslifetime.rslit.rslookahead.rsmac.rsmacros.rsop.rsparse.rsparse_macro_input.rsparse_quote.rspat.rspath.rsprint.rspunctuated.rsreserved.rssealed.rsspan.rsspanned.rsstmt.rsthread.rstoken.rsty.rsverbatim.rswhitespace.rs
target_lexicon
data_model.rshost.rslib.rsparse_error.rstargets.rstriple.rs
target_spec
errors.rslib.rsplatform.rssimple_eval.rsspec.rstriple.rs
termcolor
lib.rs
textwrap
core.rsindentation.rslib.rsword_separators.rsword_splitters.rswrap_algorithms.rs
time
display.rsduration.rslib.rsparse.rssys.rs
toml
datetime.rsde.rslib.rsmacros.rsmap.rsser.rsspanned.rstokens.rsvalue.rs
twox_hash
lib.rssixty_four.rsthirty_two.rsxxh3.rs
unicode_xid
lib.rstables.rs
utf8parse
lib.rstypes.rs
vte
definitions.rslib.rsparams.rstable.rs
vte_generate_state_changes
lib.rs
walkdir
dent.rserror.rslib.rsutil.rs
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

//! PE rich header handling

use core::mem;

use crate::pod::bytes_of_slice;
use crate::read::Bytes;
use crate::{pe, LittleEndian as LE, ReadRef, U32};

/// Parsed information about a Rich Header.
#[derive(Debug, Clone, Copy)]
pub struct RichHeaderInfo<'data> {
    /// The offset at which the rich header starts.
    pub offset: usize,
    /// The length (in bytes) of the rich header.
    ///
    /// This includes the payload, but also the 16-byte start sequence and the
    /// 8-byte final "Rich" and XOR key.
    pub length: usize,
    /// The XOR key used to mask the rich header.
    ///
    /// Unless the file has been tampered with, it should be equal to a checksum
    /// of the file header.
    pub xor_key: u32,
    masked_entries: &'data [pe::MaskedRichHeaderEntry],
}

/// A PE rich header entry after it has been unmasked.
///
/// See [`pe::MaskedRichHeaderEntry`].
#[derive(Debug, Clone, Copy)]
#[repr(C)]
pub struct RichHeaderEntry {
    /// ID of the component.
    pub comp_id: u32,
    /// Number of times this component has been used when building this PE.
    pub count: u32,
}

impl<'data> RichHeaderInfo<'data> {
    /// Try to locate a rich header and its entries in the current PE file.
    pub fn parse<R: ReadRef<'data>>(data: R, nt_header_offset: u64) -> Option<Self> {
        // Locate the rich header, if any.
        // It ends with the "Rich" string and an XOR key, before the NT header.
        let data = data.read_bytes_at(0, nt_header_offset).map(Bytes).ok()?;
        let end_marker_offset = memmem(data.0, b"Rich", 4)?;
        let xor_key = *data.read_at::<U32<LE>>(end_marker_offset + 4).ok()?;

        // It starts at the masked "DanS" string and 3 masked zeroes.
        let masked_start_marker = U32::new(LE, 0x536e_6144 ^ xor_key.get(LE));
        let start_header = [masked_start_marker, xor_key, xor_key, xor_key];
        let start_sequence = bytes_of_slice(&start_header);
        let start_marker_offset = memmem(&data.0[..end_marker_offset], start_sequence, 4)?;

        // Extract the items between the markers.
        let items_offset = start_marker_offset + start_sequence.len();
        let items_len = end_marker_offset - items_offset;
        let item_count = items_len / mem::size_of::<pe::MaskedRichHeaderEntry>();
        let items = data.read_slice_at(items_offset, item_count).ok()?;
        Some(RichHeaderInfo {
            offset: start_marker_offset,
            // Includes "Rich" marker and the XOR key.
            length: end_marker_offset - start_marker_offset + 8,
            xor_key: xor_key.get(LE),
            masked_entries: items,
        })
    }

    /// Returns an iterator over the unmasked entries.
    pub fn unmasked_entries(&self) -> impl Iterator<Item = RichHeaderEntry> + 'data {
        let xor_key = self.xor_key;
        self.masked_entries
            .iter()
            .map(move |entry| RichHeaderEntry {
                comp_id: entry.masked_comp_id.get(LE) ^ xor_key,
                count: entry.masked_count.get(LE) ^ xor_key,
            })
    }
}

/// Find the offset of the first occurence of needle in the data.
///
/// The offset must have the given alignment.
fn memmem(data: &[u8], needle: &[u8], align: usize) -> Option<usize> {
    let mut offset = 0;
    loop {
        if data.get(offset..)?.get(..needle.len())? == needle {
            return Some(offset);
        }
        offset += align;
    }
}