将struct参数传递给CreateThread（）而不接收char *变量

Question

I'm reflectively injecting a dll into another processes's memory, and I need to call CreateThread() obviously. I'm passing certain parameters to the dll that I'm injecting using my loader_data struct. I have certain variables I need to pass such as sizes of a chunk of memory, etc. These all get delivered to my injected dll successfully, however when passing a char* into my struct it ends up as empty to my injected dll in the reserved parameter of DllMain.

loader_data_t *parameter = new loader_data_t();
... initialize variables.

lpRemoteLibraryBuffer3 = VirtualAllocEx(proc, NULL, sizeof(loader_data_t), MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);

WriteProcessMemory(proc, lpRemoteLibraryBuffer3, parameter, sizeof(loader_data_t), NULL);

That's how I'm allocating space for the parameter.

typedef struct loader_data_t {
    char *chunk;
    int chunk_size;
    ULONG_PTR reloc_address;
};

And that is the struct that I'm passing. I'm definitely initializing it correctly, I've checked to make sure that everything is getting set correctly. However, when it gets passed to the reserved parameter in DllMain, all other variables are correct except the char* chunk variable. I'm really confused, excuse the possibly vague title.

Answer 1

Assuming you set 'chunk' in the initialize data code then the pointer in the remote address space will be referencing the address in the local process.

The easy way to get around this would be to make chunk an array (probably the last member of the struct) and allocate a block large enough to hold chunk's data.

More complicated would be to allocate a second block in the remote process for chunk's data, copy the data to that block write that address to the local instance's chunk member and only then write the local struct to the remote process.