Linear Executable

The Linear Executable (LE) format is a file format for executables, object code, and DLLs designed for 32-bit protected mode operating systems. Originally used by the OS/2 operating system and adopted by various DOS extenders, it also served as the file format for Virtual Device Drivers (VxD) in early versions of Windows, including Windows 3.x and the Windows 9x series.^[1] The malleability of LE files attracted interest in using them for steganography.^[2]

History

The LE format was first introduced in the early 1990s during a period of transition from 16-bit to 32-bit computing. It was developed as an extension of the older New Executable (NE) format, which was used for 16-bit applications. Limitations in memory management and addressing led to the development of LE as a 32-bit replacement. LE expanded on NE's functionality by allowing the system to operate in protected mode.

An extended version of the format, called LX, was developed specifically for OS/2 Warp and supported further extensions over the LE format.

Structure

Files in the LE format begin with an MZ header (the standard DOS executable header) for backward compatibility with DOS systems. Within the MZ header, at offset 0x3C, there is a 32-bit value referred to as the e_lfanewfield, which contains a pointer to the extended header (the LE header). The LE header starts with the ASCII characters LE (or LX in OS/2 Warp). In Linear Executables, file offsets and structures are typically defined relative to the start of the LE header or as absolute offsets within the file.^[3]

Usage

OS/2: IBM's OS/2 operating system used the LE format for its executables and DLLs in its 32-bit variants.
DOS Extenders: The format was popular among DOS extenders, such as DOS/4GW, which allowed DOS applications to operate in protected mode, bypassing the limitations of real-mode memory constraints.
Windows VxD Drivers: Windows 3.x and the Windows 9x series used the LE format for Virtual Device Drivers (VxD).

References

^ Sklyarov, Dmitry (2004). Hidden Keys to Software Break-Ins and Unauthorized. A-LIST. p. 125. ISBN 9781931769303.
^ Zaidan et al. 2009.
^ "IBM OS/2 Warp 4 Toolkit Documents 2". IBM.

Sources

Davis, P.; Wallace, M. (1997). "LE File Format". Windows Undocumented File Formats. File Secrets Revealed. Taylor & Francis. pp. 251–274. ISBN 978-0-87930-437-9. Retrieved 2024-12-17.
Zaidan, A.A.; Othman, Fazidah; Zaidan, B.B.; Raji, R.Z.; Hasan, Ahmed.K.; Naji, A.W. (2009). "Securing Cover-File Without Limitation of Hidden Data Size Using Computation Between Cryptography and Steganography" (PDF). Proceedings of the World Congress on Engineering. Vol. 1. London, U.K. ISBN 978-988-17012-5-1.{{cite book}}: CS1 maint: location missing publisher (link)

This software article is a stub. You can help Wikipedia by expanding it.

[1] Sklyarov, Dmitry (2004). Hidden Keys to Software Break-Ins and Unauthorized. A-LIST. p. 125. ISBN 9781931769303.

[FOOTNOTEZaidanOthmanZaidanRaji2009-2] Zaidan et al. 2009.

[3] "IBM OS/2 Warp 4 Toolkit Documents 2". IBM.

[1]

[2]

[3]