PELib understanding problem. Visitor classes.

Posted on 2007-04-03
Last Modified: 2008-02-01

im trying to use "PELib" ( in one of my C++ projects but have a problem with understanding some parts of the code. I was working with the FileDump3 example and it includes the following lines of code:

      DumpPeHeaderVisitor v1;

What is this visitor used for, why do i need it? Can someone explain that to me? I think there is a visitor base class that is extended in DumpPeHeaderVisitor but i dont understand what the whole purpose of this visitor is.

Question by:b3n_
  • 3
  • 3
LVL 53

Expert Comment

ID: 18848807
Check out the FileDump example on their site :

What the program does is dump the contents of a PeFile.

A PeFile has the visit() method which has to be passed a PeFileVisitor object :

This class has 2 virtual callback methods (one for 32bit and one for 64bit). So, you have to derive a class from PeFileVisitor, and implement those callback methods. In this example, they derived DumpPeHeaderVisitor like this :

        class DumpPeHeaderVisitor : public PeLib::PeFileVisitor
            virtual void callback(PeLib::PeFile32 &file) {dumpPeHeader<32>(file);}
            virtual void callback(PeLib::PeFile64 &file) {dumpPeHeader<64>(file);}

with :

        template<int bits>
        void dumpPeHeader(PeLib::PeFile& pef)
            // <SNIP>

So, the implementation of the callback methods dump the contents of the header in the PeFile.

So : the visitor is needed to specify what and how you want to use the PeFile.

Does that explain it for you ?

Author Comment

ID: 18849267
Thanks for your explanation, its getting clearer now. But what exactly does a(this) callback do and why are templates used for those methods? Is there a difference between the 32 and 64 bit file?
LVL 53

Expert Comment

ID: 18849403
>> But what exactly does a(this) callback do

In this case, you tell what you want to do in the callback() function, then you pass that function to the PeFile object, which will execute that callback function on the file. So, you're not directly working on the file, but you're providing the code to do what you want with the file. That's why they named it a callback, because it indirectly does what you want to do.
Compare it to someone that wants something done, but he can't do it himself. So, he describes what he wants to do on a piece of paper, and passes that piece of paper to another person. This other person will then do whatever is on that paper.

>> and why are templates used for those methods?

The dumpPeHeader() function uses a template to avoid having to write the same code for the 32bit and 64bit versions. This way, the same function is used for both the 32bit and 64bit versions, and the choice is made by choosing the correct templated value.

>> Is there a difference between the 32 and 64 bit file?

I assume so, otherwise they wouldn't have made the distinction in their PeFile class ...
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.


Author Comment

ID: 18849465
That makes sense, so by looking at the code:
      DumpPeHeaderVisitor v1;
      DumpImpDirVisitor v2;
      DumpTlsDirVisitor v3;

The methods that use a visitor have a different output depending on the filetype (either 32 or 64 bit) and the ones without a visitor callback have the same output on both kind of files? Thats how i understand the code now...
LVL 53

Accepted Solution

Infinity08 earned 125 total points
ID: 18849649
>> The methods that use a visitor have a different output depending on the filetype (either 32 or 64 bit)

Yes. But they also have different output depending on how you implemented those callback methods.

Notice that in the example code, three different visitor classes are used :

    DumpPeHeaderVisitor : to dump the header
    DumpImpDirVisitor : to dump the import directory
    DumpTlsDirVisitor : to dump the TLS directory

Depending on which of these three is passed to the visit() method, the output will be different.
On top of that : for each of these three visitor classes, two separate callback methods are defined - one that will be used if the file is 32bits, and the other if the file is 64bits.

>> and the ones without a visitor callback have the same output on both kind of files?

I assume you mean function calls like this :


These functions operate directly on the file without passing through the visit() method. So, indeed, no distinction is made for 32bit or 64bit files, unless the function does so explicitly.

Author Comment

ID: 18850172
thank you very much for the explanation.

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
Many modern programming languages support the concept of a property -- a class member that combines characteristics of both a data member and a method.  These are sometimes called "smart fields" because you can add logic that is applied automaticall…
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question