java判断是否是exe文件

	public static int myReadFileInt(int off,RandomAccessFile raf){
		int ret=0;
		try {
			for(int i=0;i<4;i++){
				raf.seek(off+i);
				int tmp = raf.readUnsignedByte()<<(i*8);
				ret+=tmp;
			}
			
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}	
		return ret;
	}
	public static int myReadFileShort(int off,RandomAccessFile raf){
		int ret=0;
		try {
			for(int i=0;i<2;i++){
				raf.seek(off+i);
				int tmp = raf.readUnsignedByte()<<(i*8);
				ret+=tmp;
			}
			
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}	
		return ret;
	}
	
	public static boolean fileIsExe(String fpath){
		boolean bret = false;
		try {
			RandomAccessFile raf = new RandomAccessFile(fpath,"r");
			int offDosHeader=0;
			int offCommon=0;
			int offFileHeader=0;
			int offOptHeader=0;
			raf.seek(offDosHeader);
			byte[] mz = new byte[2];
			raf.read(mz, 0, 2);
			if((char)mz[0]!='M' && (char)mz[1]!='Z'){
				raf.close();	//非PE
				return false;
			}
			offCommon = myReadFileInt(60, raf);
			offFileHeader = offCommon+4;
			offOptHeader = offCommon+24;
			int pe = myReadFileInt(offCommon, raf);
			if(pe!=0x00004550){
				raf.close();	//非PE
				return false;
			}
			int Characteristics = myReadFileShort(offFileHeader+18, raf);
			if((Characteristics & 0x0002)==0){
				raf.close();	//非PE
				return false;
			}
			int Machine = myReadFileShort(offFileHeader, raf);
			if(Machine!=0x14c){
				raf.close();	//64位
				return false;
			}
			int Subsystem = myReadFileShort(offOptHeader+68, raf);
			if(Subsystem==1){
				raf.close();	//sys文件
				return false;
			}
			int MajorSubsystemVersion = myReadFileShort(offOptHeader+48, raf);
			int MinorSubsystemVersion = myReadFileShort(offOptHeader+50, raf);
			if(MajorSubsystemVersion > 5 || (MajorSubsystemVersion == 5 && MinorSubsystemVersion > 1)){
				raf.close();	//子系统版本过高
				return false;
			}
			if(Subsystem==2 || Subsystem == 3){
				if((Characteristics&0x2000)>1){
					raf.close();		//dll
					return false;
				} else {
					//exe
					bret = true;
				}
			}


			raf.close();
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
			return false;
		}
		return bret;
	}
	
	public static int bytestoint(byte[] b,int off,int cnt){
		int ret=0;
		for(int i=0;i<cnt;i++){
			ret += (b[off+i]&0xff)<<(i*8);
		}
		return ret;
	}
	
	public static boolean fileIsExe(InputStream ism){
		
		try {
			byte[] dosheader = new byte[64];
			ism.read(dosheader,0,64);
			if(bytestoint(dosheader,0,2) != 0x5a4d){
				return false;	//不是MZ头
			}
				
			int offcomheader = bytestoint(dosheader,60,4);
			byte[] tmp = new byte[offcomheader-64+24+70];
			ism.read(tmp,0,offcomheader-64+24+70);
			offcomheader = offcomheader-64;
			int offfileheader = offcomheader+4;
			int offoptheader = offcomheader+24;
			if(bytestoint(tmp,offcomheader,4) != 0x00004550){
				return false;	//签名不是PE
			}
			int Characteristics = bytestoint(tmp,offfileheader+18,2);
			if((Characteristics&0x0002)==0){
				return false;	//非PE
			}
			if(bytestoint(tmp,offfileheader,2) != 0x014C){
				return false;	//64位
			}
			int Subsystem = bytestoint(tmp,offoptheader+68,2);
			if(Subsystem == 1){
				return false;	//sys驱动
			}
			int MajorSubsystemVersion = bytestoint(tmp,offoptheader+48,2);
			int MinorSubsystemVersion = bytestoint(tmp,offoptheader+50,2);
			if(MajorSubsystemVersion > 5 || (MajorSubsystemVersion == 5 && MinorSubsystemVersion > 1)){
				//子系统版本过高
				return false;
			}
			if(Subsystem==2 || Subsystem == 3){
				if((Characteristics&0x2000)>1){
					//是dll
					return false;
				} else {
					//exe
					return true;
				}
			}
			
		} catch (IOException e) {
			log.error("fileIsExe is error :"+e.getMessage());
		}
		
		return false;
	}

 

你可能感兴趣的:(java)