Have ideas to improve npm?Join in the discussion! »

    pe-signature

    1.0.0 • Public • Published

    pe-signature

    Test if buffer is a PE signature. As specified by Microsoft PE and COFF Specification 9.3 [doc], section 3.2:

    After the MS-DOS stub, at the file offset specified at offset 0x3c, is a 4-byte signature that identifies the file as a PE format image file. This signature is PE\0\0 (the letters "P" and "E" followed by two null bytes).

    npm status node Travis build status AppVeyor build status Dependency status

    usage

    const psig = require('pe-signature')
     
    const a = Buffer('PE\0\0')
    const b = Buffer('PE\0\0xxx')
    const c = Buffer('xxxPE\0\0')
     
    console.log(psig.is(a))    // true
    console.log(psig.is(b))    // false
    console.log(psig.has(b))   // true
    console.log(psig.is(c, 3)) // true

    related

    Use pe-signature-offset to get the position of the signature in a PE file:

    const open = require('fs-maybe-open')
        , getOffset = require('pe-signature-offset')
        , fs = require('fs')
        , len = psig.length
     
    function isPEFile (fdOrFile, done) {
      open(fdOrFile, 'r', function (err, fd, close) {
        if (err) return done(err)
     
        getOffset(fd, function (err, offset) {
          if (err) return close(done, err)
     
          fs.read(fd, Buffer(len), 0, len, offset, function (err, bytesRead, buf) {
            if (err) return close(done, err)
     
            close(done, null, psig.is(buf))
          })
        })
      })
    }
     
    isPEFile('chrome.exe', function (err, is) {
      if (err) throw err
      console.log(is) // true
    })

    install

    With npm do:

    npm install pe-signature
    

    license

    MIT © Vincent Weevers

    Install

    npm i pe-signature

    DownloadsWeekly Downloads

    68

    Version

    1.0.0

    License

    MIT

    Last publish

    Collaborators

    • avatar