Differences

This shows you the differences between two versions of the page.

--- en:docs:tk:formats:newexe [2024/09/22 08:50] – created prokushev
+++ en:docs:tk:formats:newexe [2024/10/13 14:35] (current) – prokushev
@@ Line 1: / Line 1: @@
+====== New Executable file format ======
+New Executable (NE) file format used by set of operating system including OS/2, Windows, Multitasking MS-DOS 4 and set of DOS Extenders. It is designed to be store on disk and in-memory usage. In-disk format is same for all OSes, but In-memory usage is mostly specific for Windows systems.
 ^ Offset ^ Size ^ Name ^ Description ^
-| 00h | WORD | e_magic | 0x4d, 0x5a. This is the "magic number" of an EXE file. The first byte of the file is 0x4d and the second is 0x5a. |
+| 00h | WORD | ne_magic | Signature word NEMAGIC |
-| 02h | WORD | e_cblp  | The number of bytes in the last block of the program that are actually used. If this value is zero, that means the entire last block is used (i.e. the effective value is 512). |
+| On-disk ||||
-| 04h | WORD | e_cp | Number of blocks in the file that are part of the EXE file. If [02-03] is non-zero, only that much of the last block is used. |
+| 02h | BYTE | ne_ver | Version number of the linker |
-| 06h | WORD| e_crlc | Number of relocation entries stored after the header. May be zero. |
+| 03h | BYTE| ne_rev | Revision number of the linker |
-    WORD	e_cparhdr;			/* Number of paragraphs in the header. The program's data begins just after the header, and this field can be used to calculate the appropriate file offset. The header includes the relocation entries. Note that some OSs and/or programs may fail if the header is not a multiple of 512 bytes. */
+| In-memory ||||
-    WORD	e_minalloc;			/* Number of paragraphs of additional memory that the program will need. This is the equivalent of the BSS size in a Unix program. The program can't be loaded if there isn't at least this much memory available to it. */
+| 02h | WORD | count | Usage count (ne_ver/ne_rev on disk) |
-    WORD	e_maxalloc;			/* Maximum number of paragraphs of additional memory. Normally, the OS reserves all the remaining conventional memory for your program, but you can limit it with this field. */
+| 04h | WORD | ne_enttab | Entry Table file offset, relative to the beginning of the segmented EXE header |
-    WORD	e_ss;				/* Relative value of the stack segment. This value is added to the segment the program was loaded at, and the result is used to initialize the SS register. */
+| On-disk ||||
-    WORD	e_sp;				/* Initial value of the SP register. */
+| 06h | WORD | ne_cbenttab | Number of bytes in the entry table |
-    WORD	e_csum;				/* Word checksum. If set properly, the 16-bit sum of all words in the file should be zero. Usually, this isn't filled in. */
+| In-memory ||||
-    WORD	e_ip;				/* Initial value of the IP register. */
+| 06h | WORD | next | Selector to next module |
-    WORD	e_cs;				/* Initial value of the CS register, relative to the segment the program was loaded at. */
+| On-disk ||||
-    WORD	e_lfarlc;			/* Offset of the first relocation item in the file. */
+| 08h | DWORD | ne_crc | 32-bit CRC of entire contents of file. These words are taken as 00 during the calculation |
-    WORD	e_ovno;				/* Overlay number. Normally zero, meaning that it's the main program. */
+| In-memory ||||
-    WORD	e_res[ERES1WDS];
+| 08h | WORD | dgroup_entry | Near ptr to segment entry for DGROUP |
-    WORD	e_oemid;
+| 0Ah | WORD | fileinfo | Near ptr to file info (OFSTRUCT) |
-    WORD	e_oeminfo;
+| 0Ch | WORD | ne_flags | Flag word |
-    WORD	e_res2[ERES2WDS];
+| 0Eh | WORD | ne_autodata | Segment number of automatic data segment. This value is set to zero if SINGLEDATA and MULTIPLEDATA flag bits are clear, NOAUTODATA is indicated in the flags word. A Segment number is an index into the module's segment table. The first entry in the segment table is segment number 1 |
-    DWORD	e_lfanew;
+| 10h | WORD | ne_heap | Initial size, in bytes, of dynamic heap added to the data segment. This value is zero if no initial local heap is allocated |
-};
+| 12h | WORD | ne_stack | Initial size, in bytes, of stack added to the data segment. This value is zero to indicate no initial stack allocation, or when SS is not equal to DS |
+| 14h | DWORD | ne_csip | Segment number:offset of CS:IP |
+| 18h | DWORD | ne_sssp | Segment number:offset of SS:SP \\ If SS equals the automatic data segment and SP equals zero, the stack pointer is set to the top of the automatic data segment just below the additional heap area. \\ +--------------------------+\\ ! additional dynamic heap  !\\ +--------------------------+ <- SP\\ !    additional stack      !\\ +--------------------------+\\ ! loaded auto data segment !%\\ +--------------------------+ <- DS, SS |
+| 1Ch | WORD | ne_cseg | Number of entries in the Segment Table |
+| 1Eh | WORD | ne_cmod | Number of entries in the Module Reference Table |
+| 20h | WORD | ne_cbnrestab | Number of bytes in the Non-Resident Name Table |
+| 22h | WORD | ne_segtab | Segment Table file offset, relative to the beginning of the segmented EXE header |
+| 24h | WORD | ne_rsrctab | Resource Table file offset, relative to the beginning of the segmented EXE header |
+| 26h | WORD | ne_restab | Resident Name Table file offset, relative to the beginning of the segmented EXE header |
+| 28h | WORD | ne_modtab | Module Reference Table file offset, relative to the beginning of the segmented EXE header |
+| 2Ah | WORD | ne_imptab | Imported Names Table file offset, relative to the beginning of the segmented EXE header |
+| 2Ch | DWORD | ne_nrestab | Non-Resident Name Table offset, relative to the beginning of the file |
+| 30h | WORD | ne_cmovent | Number of movable entries in the Entry Table |
+| 32h | WORD | ne_align | Logical sector alignment shift count, log(base 2) of the segment sector size (default 9) |
+| 34h | WORD | ne_cres | Number of resource entries |
+| 36h | BYTE | ne_exetyp | Executable type, used by loader. 02h = WINDOWS |
+| 37h | BYTE | ne_flagsothers | Operating system flags |
+| 38h | WORD | ??? | offset to return thunks or start of gangload area |
+| 3Ah | WORD | ??? | offset to segment reference thunks or length of gangload area |
+| 3Ch | WORD | ??? | minimum code swap area size |
+| 3Eh | 2 BYTEs | ??? | expected Windows version (minor version first) |
-/* In-disk and In-memory module structure. See 'Windows Internals' p. 219 */
+On-disk segment entry
-struct new_exe {
+^ Offset ^ Size ^ Name ^ Description ^
-    WORD  ne_magic;					/* Signature word EMAGIC */
+| 00h | WORD | ns_sector | Logical-sector offset (n byte) to the contents of the segment data, relative to the beginning of the file. Zero means no file data |
-	union {
+| 02h | WORD | ns_cbseg | Length of the segment in the file, in bytes. Zero means 64K |
-		struct {
+| 04h | WORD | ns_flags | Flag word |
-			BYTE   ne_ver;			/* Version number of the linker */
+| 06h | WORD | ns_minalloc | Minimum allocation size of the segment, in bytes. Total size of the segment. Zero means 64K |
-			BYTE   ne_rev;			/* Revision number of the linker */
-		};
-		WORD  count;				/* Usage count (ne_ver/ne_rev on disk) */
-	};
-    WORD  ne_enttab;				/* Entry Table file offset, relative to the beginning of
-									   the segmented EXE header */
-	union {
-		WORD  ne_cbenttab;			/* Number of bytes in the entry table */
-		WORD  next;					/* Selector to next module */
-	};
-	union {
-		DWORD            ne_crc;	/* 32-bit CRC of entire contents of file.
-									   These words are taken as 00 during the calculation */
-		struct {
-			WORD	dgroup_entry;	/* Near ptr to segment entry for DGROUP */
-			WORD	fileinfo;		/* Near ptr to file info (OFSTRUCT)*/
-		};
-	};
-    WORD  ne_flags;					/* Flag word */
-    WORD  ne_autodata;				/* Segment number of automatic data segment.
-									   This value is set to zero if SINGLEDATA and
-									   MULTIPLEDATA flag bits are clear, NOAUTODATA is
-									   indicated in the flags word.
-									   A Segment number is an index into the module's segment
+In-memory segment entry
-									   table. The first entry in the segment table is segment
-									   number 1 */
-    WORD  ne_heap;					/* Initial size, in bytes, of dynamic heap added to the
-									   data segment. This value is zero if no initial local
-									   heap is allocated */
-    WORD  ne_stack;					/* Initial size, in bytes, of stack added to the data
-									   segment. This value is zero to indicate no initial
-									   stack allocation, or when SS is not equal to DS */
-    DWORD            ne_csip;		/* Segment number:offset of CS:IP */
-	DWORD            ne_sssp;		/* Segment number:offset of SS:SP.
-									   If SS equals the automatic data segment and SP equals
-									   zero, the stack pointer is set to the top of the
-									   automatic data segment just below the additional heap
-									   area.
-									   +--------------------------+
+^ Offset ^ Size ^ Name ^ Description ^
-									   | additional dynamic heap  |
+| 00h | WORD | ns1_sector | Logical-sector offset (n byte) to the contents of the segment data, relative to the beginning of the file. Zero means no file data |
-									   +--------------------------+ <- SP
+| 02h | WORD | ns1_cbseg | Length of the segment in the file, in bytes. Zero means 64K |
-									   |    additional stack      |
+| 04h | WORD | ns1_flags | Flag word |
-									   +--------------------------+
+| 06h | WORD | ns1_minalloc | Minimum allocation size of the segment, in bytes. Total size of the segment. Zero means 64K |
-									   | loaded auto data segment |
+| 08h | WORD | ns1_handle | Selector or handle (selector - 1) of segment in memory |
-									   +--------------------------+ <- DS, SS */
-    WORD  ne_cseg;					/* Number of entries in the Segment Table */
-    WORD  ne_cmod;					/* Number of entries in the Module Reference Table */
-    WORD  ne_cbnrestab;				/* Number of bytes in the Non-Resident Name Table */
-    WORD  ne_segtab;				/* Segment Table file offset, relative to the beginning
-									   of the segmented EXE header */
-    WORD  ne_rsrctab;				/* Resource Table file offset, relative to the beginning
-									   of the segmented EXE header */
-	WORD  ne_restab;				/* Resident Name Table file offset, relative to the
-									   beginning of the segmented EXE header */
-    WORD  ne_modtab;				/* Module Reference Table file offset, relative to the
-									   beginning of the segmented EXE header */
-    WORD  ne_imptab;				/* Imported Names Table file offset, relative to the
-									   beginning of the segmented EXE header */
-    DWORD	ne_nrestab;				/* Non-Resident Name Table offset, relative to the
-									   beginning of the file */
-    WORD	ne_cmovent;				/* Number of movable entries in the Entry Table */
-    WORD	ne_align;				/* Logical sector alignment shift count, log(base 2) of
-									   the segment sector size (default 9) */
-    WORD	ne_cres;				/* Number of resource entries */
-    BYTE	ne_exetyp;				/* Executable type, used by loader.
-h = WINDOWS */
-    BYTE	ne_flagsothers;			/* Operating system flags */
-    char	ne_res[NERESBYTES];		/* Reserved */
-};
-// On-disk segment entry
-struct new_seg {
-    WORD  ns_sector;				/* Logical-sector offset (n byte) to the contents of the segment
-									   data, relative to the beginning of the file. Zero means no
-									   file data */
-    WORD  ns_cbseg;					/* Length of the segment in the file, in bytes. Zero means 64K */
-    WORD  ns_flags;					/* Flag word */
-    WORD  ns_minalloc;				/* Minimum allocation size of the segment, in bytes. Total size
-									   of the segment. Zero means 64K */
-};
-// In-memory segment entry
-struct new_seg1 {
-    WORD  ns1_sector;				/* Logical-sector offset (n byte) to the contents of the segment
-									   data, relative to the beginning of the file. Zero means no
-									   file data */
-    WORD  ns1_cbseg;				/* Length of the segment in the file, in bytes. Zero means 64K */
-    WORD  ns1_flags;				/* Flag word */
-    WORD  ns1_minalloc;				/* Minimum allocation size of the segment, in bytes. Total size
-									   of the segment. Zero means 64K */
-    WORD  ns1_handle;				/* Selector or handle (selector - 1) of segment in memory */
-};
 struct new_segdata {
@@ Line 136: / Line 76: @@
 };
-struct new_rlcinfo {
+Relocation table header
-    WORD  nr_nreloc;
-};
-struct new_rlc {
+^ Offset ^ Size ^ Name ^ Description ^
-    char            nr_stype;
+| 00h | WORD | nr_nreloc | Number of relocation table entries |
-    char            nr_flags;
-    WORD  nr_soff;
-    union {
-        struct {
-            char            nr_segno;
-            char            nr_res;
-            WORD  nr_entry;
-          } nr_intref;
-        struct {
-            WORD  nr_mod;
-            WORD  nr_proc;
-          } nr_import;
-        struct {
-            WORD  nr_ostype;
-            WORD  nr_osres;
-          } nr_osfix;
-      } nr_union;
-};
-#define NR_STYPE(x)     (x).nr_stype
+Relocation table entry
-#define NR_FLAGS(x)     (x).nr_flags
-#define NR_SOFF(x)      (x).nr_soff
-#define NR_SEGNO(x)     (x).nr_union.nr_intref.nr_segno
-#define NR_RES(x)       (x).nr_union.nr_intref.nr_res
-#define NR_ENTRY(x)     (x).nr_union.nr_intref.nr_entry
-#define NR_MOD(x)       (x).nr_union.nr_import.nr_mod
-#define NR_PROC(x)      (x).nr_union.nr_import.nr_proc
-#define NR_OSTYPE(x)    (x).nr_union.nr_osfix.nr_ostype
-#define NR_OSRES(x)     (x).nr_union.nr_osfix.nr_osres
-#define NRSTYP      0x0f
+^ Offset ^ Size ^ Name ^ Description ^
-#define NRSBYT      0x00
+| 00h | char | nr_stype | Source type (0Fh = NRSTYP - source mask): 00h = LOBYTE, 02h = SEGMENT, 03h = FAR_ADDR (32-bit pointer), 05h = OFFSET (16-bit offset) |
-#define NRSSEG      0x02
+| 01h | char | nr_flags | Flags byte (03h = TARGET_MASK): 00h = INTERNALREF, 01h = IMPORTORDINAL, 02h = IMPORTNAME, 03h = OSFIXUP, 04h = ADDITIVE |
-#define NRSPTR      0x03
+| 02h | WORD | nr_soff | Offset within this segment of the source chain. If the ADDITIVE flag is set, then target value is added to the source contents, instead of replacing the source and following the chain. The source chain is an 0FFFFh terminated linked list within this segment of all references to the target |
-#define NRSOFF      0x05
+| Internal fixup ||||
-#define NRPTR48     0x06
+| 04h | char | nr_segno | Segment number (for fixed segment) or 0FFh (for movable segment) |
-#define NROFF32     0x07
+| 05h | char | nr_res | Reserved (usually zero) |
-#define NRSOFF32    0x08
+| 06h | WORD | nr_entry | Entry table number (for movable segment) offset segment |
+| Import ||||
+| 04h | WORD | nr_mod | ??? |
+| 06h | WORD | nr_proc | ??? |
+| OS Fixup ||||
+| 04h | WORD | nr_ostype | ??? |
+| 06h | WORD | nr_osres | ??? |
-#define NRADD       0x04
-#define NRRTYP      0x03
-#define NRRINT      0x00
-#define NRRORD      0x01
-#define NRRNAM      0x02
-#define NRROSF      0x03
-#define NRICHAIN    0x08
-#if (EXE386 == 0)
+^ Offset ^ Size ^ Name ^ Description ^
+| 00h | char | rs_len | ??? |
+| 01h | char | rs_string[1] | ??? |
-#define RS_LEN(x)       (x).rs_len
+^ Offset ^ Size ^ Name ^ Description ^
-#define RS_STRING(x)    (x).rs_string
+| 00h | WORD | rt_id | ??? |
-#define RS_ALIGN(x)     (x).rs_align
+| 02h | WORD | rt_nres | ??? |
+| 04h | DWORD | rt_proc | ??? |
-#define RT_ID(x)        (x).rt_id
+^ Offset ^ Size ^ Name ^ Description ^
-#define RT_NRES(x)      (x).rt_nres
+| 00h | WORD | rn_offset | ??? |
-#define RT_PROC(x)      (x).rt_proc
+| 02h | WORD | rn_length | ??? |
+| 04h | WORD | rn_flags | ??? |
+| 06h | WORD | rn_id | ??? |
+| 08h | WORD | rn_handle | ??? |
+| 0Ah | WORD | rn_usage | ??? |
-#define RN_OFFSET(x)    (x).rn_offset
+^ Offset ^ Size ^ Name ^ Description ^
-#define RN_LENGTH(x)    (x).rn_length
+| 00h | WORD | rs_align | ??? |
-#define RN_FLAGS(x)     (x).rn_flags
+| 02h | struct rsrc_typeinfo | rs_typeinfo | ??? |
-#define RN_ID(x)        (x).rn_id
-#define RN_HANDLE(x)    (x).rn_handle
-#define RN_USAGE(x)     (x).rn_usage
-#define RSORDID     0x8000
-#define RNMOVE      0x0010
-#define RNPURE      0x0020
-#define RNPRELOAD   0x0040
-#define RNDISCARD   0xF000
-#define NE_FFLAGS_LIBMODULE 0x8000
-struct rsrc_string {
-    char    rs_len;
-    char    rs_string[1];
-};
-struct rsrc_typeinfo {
-    WORD  rt_id;
-    WORD  rt_nres;
-    DWORD            rt_proc;
-};
-struct rsrc_nameinfo {
-    WORD  rn_offset;
-    WORD  rn_length;
-    WORD  rn_flags;
-    WORD  rn_id;
-    WORD  rn_handle;
-    WORD  rn_usage;
-};
-struct new_rsrc {
-    WORD          rs_align;
-    struct rsrc_typeinfo    rs_typeinfo;
-};
-#endif
-#pragma pack(pop)
-#ifdef __cplusplus
-} /* extern "C" */
-#endif
-#endif