Can anybody can describe the header 16 bit dos program header (.exe) 
Author Message
 Can anybody can describe the header 16 bit dos program header (.exe)

Hi!!!

I am very curious tu know how is made the header of a 16 bit dos program
(.exe). I found many tutorial on it over internet, but no one describe
wxactely what each section mean. What is relacotion table, what is his
utility, where start the data segment, etc.

Here is a short description, can anybody explain me and to the others what
each section mean exactely??
(sorry for my bad english...;) )

          .EXE - DOS EXE File Structure

      Offset Size      Description

        00   word  "MZ" - Link file .EXE signature (Mark Zbikowski?)
        02   word  length of image mod 512
        04   word  size of file in 512 byte pages
        06   word  number of relocation items following header
        08   word  size of header in 16 byte paragraphs, used to locate
              the beginning of the load module
        0A   word  min # of paragraphs needed to run program
        0C   word  max # of paragraphs the program would like
        0E   word  offset in load module of stack segment (in paras)
        10   word  initial SP value to be loaded
        12   word  negative checksum of pgm used while by EXEC loads pgm
        14   word  program entry point, (initial IP value)
        16   word  offset in load module of the code segment (in paras)
        18   word  offset in .EXE file of first relocation item
        1A   word  overlay number (0 for root program)

Thanks, Nemo :)



Mon, 26 Jan 2004 05:48:49 GMT  
 Can anybody can describe the header 16 bit dos program header (.exe)
On Wed, 8 Aug 2001 21:48:49 +0000 (UTC), "Nemo."

Quote:

>I am very curious tu know how is made the header of a 16 bit dos program
>(.exe). I found many tutorial on it over internet, but no one describe
>wxactely what each section mean. What is relacotion table, what is his
>utility, where start the data segment, etc.

I wrote this some time ago.  I believe it remains accurate, though I'd
more than welcome any and all criticism of it:

The .EXE file was introduced in DOS version 2 to acknowledge the fact
that programs were becoming larger.  A special header is included at
the beginning of the file to provide some additional information that
DOS can use, when loading the program into memory.  Providing this
extra information, instead of relying on a fixed set of assumptions,
allows programs to have program code much larger than 64k-byte, while
still allowing DOS to load the program into different parts of the
computer's RAM.  This is partly because some of the Intel instructions
require a segment value and the segment isn't known either at compile
or at link time.  It is only known when DOS loads the program, at run
time.

The first 28 bytes of every EXE-formated program is the header.  The
size of the header is stored in the header as the number of 16-byte
paragraphs, so the logical size must at least be 32 bytes.  I believe
that the extra 4 bytes (at minimum) reserved to the header can be used
as part of the relocation table, if desired.  It can also be used for
other things.

Each entry in the header is a 2-byte, 16-bit word value.

EXE Header Signature -- exeSignature

This value is set to the two initials of an MS-DOS developer, 'MZ'.
This word value is 0x5A4D, since this is a little-endian machine.
This is just a "magic" value that is placed at the beginning of every
.EXE file.  If the file isn't identified with these two bytes, then it
probably isn't an .EXE file and DOS will not load it as such
(hopefully.)

Last Page Byte Count -- exeExtraBytes

Each disk block or "page" of the EXE file has a fixed size, considered
to be 512 bytes for legacy reasons.  EXE programs do not, however,
exactly begin and end precisely on such boundaries.  They might be 100
bytes or 10,000 bytes.  But rarely do they work out to occupy an exact
number of 512-byte disk "pages."   This value specifies how many bytes
in the last page are valid, if the value is other than zero.  If zero,
then the entire last page is considered valid.

Page Count of EXE -- exePages

This specifies how many blocks or pages are used by the entire EXE
program.  This value includes the size of the header, itself.  This
should be equal to: FLOOR( (exeFileSize+511) / 512 ).

Pointer Count in Relocation Table -- exeRelocItems

This is number of entries in the relocation table, provided elsewhere
in the EXE file.

Header Size -- exeHeaderSize

This value is the size, in paragraphs (16-byte "chunks"), of the EXE
header.  Though the fixed size part of the header is 28 bytes, this
value allows the EXE file to include other information after the
28-byte header, but before the beginning of the program, itself.  For
example, the relocation entries may be located directly after the
28-byte header.

Minimum Memory Allocation -- exeMinAlloc

This is the minimum number of memory paragraphs, beyond the amount
required to actually load the program.  Often, this value is 0. DOS
will not load the program if there isn't enough memory available for
both the actual program size plus this additional amount beyond that
actual value.

Maximum Memory Allocation -- exeMaxAlloc

This is the maximum number of memory paragraphs to allocate for the
program.  DOS will allocate this much, if available, falling back to
the minimum allocation, if less is available.  This value helps
accommodate stack and heap memory space desired by the program.

Initial SS Value -- exeInitSS

This is the initial value of the SS segment register.  The DOS loader
will adjust this value by the base segment value of the memory
allocated to run the program.

Initial SP Value -- exeInitSP

This is the initial value of the SP stack pointer.  This value isn't
changed by the DOS loader.

Checksum -- exeChecksum

This may have originally been intended to provide DOS with a further
check on the validity of a program, before trying to run it.  It
doesn't appear to be implemented, though.  I think any value may be
placed here, including zero.

Initial IP Value -- exeInitIP

This is the initial value of the IP register.  Basically, this sets
the starting point for an EXE program. This value isn't changed by the
DOS loader.

Initial CS Value -- exeInitCS

This is the initial value of the CS segment register.  The DOS loader
will adjust this value by the base segment value of the memory
allocated to run the program.

Relocation Table Offset -- exeRelocTable

This is the byte position, within the EXE file, of the relocation
table.  Set this to the address just at the end of the 28-byte header,
usually, even if the relocation table is empty.

Overlay Number -- exeOverlay

This is usually 0, for resident programs.  This value isn't always
included in descriptions of EXE header structures and isn't used by
the DOS program loader, I believe.

Jon



Mon, 26 Jan 2004 07:55:59 GMT  
 Can anybody can describe the header 16 bit dos program header (.exe)
On Wed, 8 Aug 2001 21:48:49 +0000 (UTC), "Nemo."

Quote:

>I am very curious tu know how is made the header of a 16 bit dos program
>(.exe). I found many tutorial on it over internet, but no one describe
>wxactely what each section mean. What is relacotion table, what is his
>utility, where start the data segment, etc.

I wrote this some time ago.  I believe it remains accurate, though I'd
more than welcome any and all criticism of it:

The .EXE file was introduced in DOS version 2 to acknowledge the fact
that programs were becoming larger.  A special header is included at
the beginning of the file to provide some additional information that
DOS can use, when loading the program into memory.  Providing this
extra information, instead of relying on a fixed set of assumptions,
allows programs to have program code much larger than 64k-byte, while
still allowing DOS to load the program into different parts of the
computer's RAM.  This is partly because some of the Intel instructions
require a segment value and the segment isn't known either at compile
or at link time.  It is only known when DOS loads the program, at run
time.

The first 28 bytes of every EXE-formated program is the header.  The
size of the header is stored in the header as the number of 16-byte
paragraphs, so the logical size must at least be 32 bytes.  I believe
that the extra 4 bytes (at minimum) reserved to the header can be used
as part of the relocation table, if desired.  It can also be used for
other things.

Each entry in the header is a 2-byte, 16-bit word value.

EXE Header Signature -- exeSignature

This value is set to the two initials of an MS-DOS developer, 'MZ'.
This word value is 0x5A4D, since this is a little-endian machine.
This is just a "magic" value that is placed at the beginning of every
.EXE file.  If the file isn't identified with these two bytes, then it
probably isn't an .EXE file and DOS will not load it as such
(hopefully.)

Last Page Byte Count -- exeExtraBytes

Each disk block or "page" of the EXE file has a fixed size, considered
to be 512 bytes for legacy reasons.  EXE programs do not, however,
exactly begin and end precisely on such boundaries.  They might be 100
bytes or 10,000 bytes.  But rarely do they work out to occupy an exact
number of 512-byte disk "pages."   This value specifies how many bytes
in the last page are valid, if the value is other than zero.  If zero,
then the entire last page is considered valid.

Page Count of EXE -- exePages

This specifies how many blocks or pages are used by the entire EXE
program.  This value includes the size of the header, itself.  This
should be equal to: FLOOR( (exeFileSize+511) / 512 ).

Pointer Count in Relocation Table -- exeRelocItems

This is number of entries in the relocation table, provided elsewhere
in the EXE file.

Header Size -- exeHeaderSize

This value is the size, in paragraphs (16-byte "chunks"), of the EXE
header.  Though the fixed size part of the header is 28 bytes, this
value allows the EXE file to include other information after the
28-byte header, but before the beginning of the program, itself.  For
example, the relocation entries may be located directly after the
28-byte header.

Minimum Memory Allocation -- exeMinAlloc

This is the minimum number of memory paragraphs, beyond the amount
required to actually load the program.  Often, this value is 0. DOS
will not load the program if there isn't enough memory available for
both the actual program size plus this additional amount beyond that
actual value.

Maximum Memory Allocation -- exeMaxAlloc

This is the maximum number of memory paragraphs to allocate for the
program.  DOS will allocate this much, if available, falling back to
the minimum allocation, if less is available.  This value helps
accommodate stack and heap memory space desired by the program.

Initial SS Value -- exeInitSS

This is the initial value of the SS segment register.  The DOS loader
will adjust this value by the base segment value of the memory
allocated to run the program.

Initial SP Value -- exeInitSP

This is the initial value of the SP stack pointer.  This value isn't
changed by the DOS loader.

Checksum -- exeChecksum

This may have originally been intended to provide DOS with a further
check on the validity of a program, before trying to run it.  It
doesn't appear to be implemented, though.  I think any value may be
placed here, including zero.

Initial IP Value -- exeInitIP

This is the initial value of the IP register.  Basically, this sets
the starting point for an EXE program. This value isn't changed by the
DOS loader.

Initial CS Value -- exeInitCS

This is the initial value of the CS segment register.  The DOS loader
will adjust this value by the base segment value of the memory
allocated to run the program.

Relocation Table Offset -- exeRelocTable

This is the byte position, within the EXE file, of the relocation
table.  Set this to the address just at the end of the 28-byte header,
usually, even if the relocation table is empty.

Overlay Number -- exeOverlay

This is usually 0, for resident programs.  This value isn't always
included in descriptions of EXE header structures and isn't used by
the DOS program loader, I believe.

Jon



Mon, 26 Jan 2004 07:56:08 GMT  
 Can anybody can describe the header 16 bit dos program header (.exe)
It's been a while; I'll give it a try :-]


Quote:
> Hi!!!

> I am very curious tu know how is made the header of a 16 bit dos program
> (.exe). I found many tutorial on it over internet, but no one describe
> wxactely what each section mean. What is relacotion table, what is his
> utility, where start the data segment, etc.

> Here is a short description, can anybody explain me and to the others what
> each section mean exactely??
> (sorry for my bad english...;) )

>           .EXE - DOS EXE File Structure

>       Offset Size      Description

>         00   word  "MZ" - Link file .EXE signature (Mark Zbikowski?)

Signifies to DOS that this is an EXE (a structured executable, as opposed to a
COM)

Quote:
>         02   word  length of image mod 512

If you took the file size and did a MOD 512 on it (in asm, a SHR by 9, or in
Java, n>>>9), the result is stored here.
Examples: 1029 byte file, 5 is stored here. 100 byte file, 100 is stored here.

Quote:
>         04   word  size of file in 512 byte pages

Equivalent to diving the file size by 512, and rouding up. This gives you the
number of 512 byte blocks needed to store the file. E.g., 1029 would result in 3
being stored here.

Quote:
>         06   word  number of relocation items following header

How many "relocations" stored in the relocation table (explained later)

Quote:
>         08   word  size of header in 16 byte paragraphs, used to locate
>               the beginning of the load module
>         0A   word  min # of paragraphs needed to run program

Minimum number of 16 byte blocks needed to run this program
Quote:
>         0C   word  max # of paragraphs the program would like
>         0E   word  offset in load module of stack segment (in paras)

SS is initialized to the segment the EXE is loaded in to (this follows the
header), and this value is added to it (it is more like the offset in paragraphs
into the image, similar to the data below at offset 0x16 used for CS).
Quote:
>         10   word  initial SP value to be loaded
>         12   word  negative checksum of pgm used while by EXEC loads pgm
>         14   word  program entry point, (initial IP value)
>         16   word  offset in load module of the code segment (in paras)
>         18   word  offset in .EXE file of first relocation item

Where the relocation table is in the header (usually in the header anyway... I
guess it could be outside the header too)
Quote:
>         1A   word  overlay number (0 for root program)

> Thanks, Nemo :)

Because an executable can be loaded into an unknown segment in memory, the OS
provides a way for the EXE to specify all the locations that the segment number
needs to be patched in. The relocation table is just a series of far ptrs
(segment:offset) to places in the executable that the OS _adds_ the value of the
base segment to. For example, supposed you have a segment called 'myseg' which,
relative to the start of your EXE, starts at offset 0x50 (segment 0x05). Then
later, you have some code that reads

mov ax, seg my_seg

The assembler would write B8 05 00 to the executable. If the code was located at
001A:0100 in your program, the relocation table would have a far pointer to
001A:0101 (to line up with the '05 00' part of the instruction). If the base
segment your program was loaded into happened to be 207C, the patched code after
the relocation table had been applied would be 'B8 81 20', which is 'mov AX,
2081h', which is the location of myseg.



Mon, 26 Jan 2004 08:00:21 GMT  
 Can anybody can describe the header 16 bit dos program header (.exe)

thus:

Quote:
>>         02   word  length of image mod 512
>If you took the file size and did a MOD 512 on it (in asm, a SHR by 9, or in
>Java, n>>>9), the result is stored here.

If the length of the image is X bytes, X SHR 9 gives the number of whole pages
used by the image (discarding the value that is stored in this field). X AND
512 gives the mod value that is in this field.

Quote:
>Examples: 1029 byte file, 5 is stored here. 100 byte file, 100 is stored here.

debs



Tue, 27 Jan 2004 02:56:20 GMT  
 Can anybody can describe the header 16 bit dos program header (.exe)
Oops, sorry about that. You're right, it's AND not SHR.
However, it's AND 0x1FF (511)


Quote:

> thus:

> >>         02   word  length of image mod 512
> >If you took the file size and did a MOD 512 on it (in asm, a SHR by 9, or in
> >Java, n>>>9), the result is stored here.

> If the length of the image is X bytes, X SHR 9 gives the number of whole pages
> used by the image (discarding the value that is stored in this field). X AND
> 512 gives the mod value that is in this field.

> >Examples: 1029 byte file, 5 is stored here. 100 byte file, 100 is stored
here.

> debs




Tue, 27 Jan 2004 20:56:02 GMT  
 
 [ 6 post ] 

 Relevant Pages 

1. MS-DOS Exe headers

2. Is TOPSCAN.EXE a 16 bit program?

3. Make 16 /32 Exe , calling TS 16-BIT DLL

4. Can I use 16 bit DLL and 32-bit exe together

5. EXE 32 bit and DLLs 16 bit ?

6. CA Cans VO ?

7. It's not bad canned meat...

8. It's not bad canned meat...

9. It's not bad canned meat...

10. Using CGI module with 'canned queries'

11. It's not bad canned meat...

12. Dynamically change report header and column header based on glo variable

 

 
Powered by phpBB® Forum Software