堆栈内存溢出
  简体   繁体   English

地址的奇怪错误

[英]Weird bug with addresses

 原文  2020-07-05 20:47:43       c++/ c/ windows

问题描述

I have a couple problems to solve, please help!我有几个问题要解决,请帮忙!

My first problem was expression must be a pointer to a complete object type but I have solved that by adding & before variable, do I did it right?我的第一个问题是表达式必须是指向完整 object 类型的指针,但我已经通过在变量之前添加&解决了这个问题,我做对了吗?

Fragment of a code below.下面的代码片段。


    LPVOID dll;
    PIMAGE_DOS_HEADER dos;
    dll = LoadLibraryA(a[1]);
    dos = (PIMAGE_DOS_HEADER)dll;
    nt = (PIMAGE_NT_HEADERS)(&dll+dos->e_lfanew);

Next problem is that my program is outputting always different, why?下一个问题是我的程序输出总是不同的,为什么? My program should show me all addresses and name of functions, code below.我的程序应该向我显示所有地址和函数名称,代码如下。

#include<stdio.h>
#include<windows.h>
#include<winternl.h>


int main(int i, char* a[]) {
    LPVOID dll, faddr;
    PIMAGE_DOS_HEADER dos;
    PIMAGE_NT_HEADERS nt;
    PIMAGE_EXPORT_DIRECTORY exp;

    PWORD f_addr_list, f_name_list;
    PWORD f_ord_list;
    DWORD rva;
    LPSTR fname;


    if (i != 2) {
        printf("error");
        return 0;
    }

    dll = LoadLibraryA(a[1]);
    if (dll == NULL) {
        printf("failed to load");
        return 0;
    }

    dos = (PIMAGE_DOS_HEADER)dll;
    nt = (PIMAGE_NT_HEADERS)(dll+dos->e_lfanew);
    exp = (PIMAGE_EXPORT_DIRECTORY)(&dll + nt->OptionalHeader.DataDirectory[0].VirtualAddress);

    f_addr_list = (PDWORD)(&dll + exp->AddressOfFunctions);
    f_name_list = (PDWORD)(&dll + exp->AddressOfNames);
    f_ord_list = (PWORD)(&dll + exp->AddressOfNameOrdinals);
    
    printf("Total function names: %ld\nTotal Function: %ld\n", exp->NumberOfNames, exp->NumberOfFunctions);
    printf("Address\t\t\t\t\Function Name\n");
    printf("-------\t\t\t\t\t----------\n");

    for (i = 0; i < exp->NumberOfNames; i++)
    {
        fname = (LPSTR)dll + f_name_list[i];
        rva = f_ord_list[i];
        faddr = &dll + f_addr_list[rva];
        printf("%p\t\t\t\t%s\n", faddr, fname);


    }

    FreeLibrary(dll);
    return 0;

}

Example outputs:示例输出:

C:\Users\user\Project2\Debug>Project2.exe user32.dll
Total function names: 2
Total Function: 11914128
Address                         Function Name
-------                                 ----------

C:\Users\user\Project2\Debug>Project2.exe user32.dll
Total function names: 2
Total Function: 11914128
Address                         Function Name
-------                                 ----------

C:\Users\user\Project2\Debug>Project2.exe user32.dll
Total function names: 22826784
Total Function: 2
Address                         Function Name
-------                                 ----------

What's wrong in there?里面有什么问题?

1 个解决方案

解决方案1
 2  2020-07-05 22:14:42

Under WIN OS the module handle is the base address of library as loaded in memory.在 WIN OS 下,模块句柄是 memory 中加载的库的基地址

Adding the & before the address don't solve the problem , but creates a bigger one adding an indirection that leads to memory violation (now you're using the address of the variable dll as module base address).在地址之前添加&并不能解决问题,但会创建一个更大的地址,添加一个间接导致 memory 违规(现在您使用变量dll的地址作为模块基地址)。

You can't do math on void pointers, because a void haven't a size preventing the correct displacement calculation.您不能对 void 指针进行数学运算,因为void没有阻止正确位移计算的大小。 Make your base pointer a BYTE pointer instead giving a base size of 1.使您的基指针成为BYTE指针,而不是将基大小设为 1。

The working code for what you were trying to do is:您尝试做的工作代码是:

#include<stdio.h>
#include<windows.h>
#include<winternl.h>

int main(int i, char *a[])
{
    LPVOID faddr;
    BYTE *dll;
    PIMAGE_DOS_HEADER dos;
    PIMAGE_NT_HEADERS nt;
    PIMAGE_EXPORT_DIRECTORY exp;

    PDWORD f_addr_list, f_name_list;
    PWORD f_ord_list;
    DWORD rva;
    LPSTR fname;

    if (i != 2)
    {
        printf("error\n");
        return 0;
    }

    dll = (BYTE *)LoadLibraryA(a[1]);
    if (dll == NULL)
    {
        printf("failed to load\n");
        return 0;
    }

    dos = (PIMAGE_DOS_HEADER)dll;
    nt  = (PIMAGE_NT_HEADERS) (dll + dos->e_lfanew);
    exp = (PIMAGE_EXPORT_DIRECTORY) (dll + nt->OptionalHeader.DataDirectory[0].VirtualAddress);

    f_addr_list = (PDWORD) (dll + exp->AddressOfFunctions);
    f_name_list = (PDWORD) (dll + exp->AddressOfNames);
    f_ord_list  = (PWORD) (dll + exp->AddressOfNameOrdinals);

    printf("Total function names: %ld\nTotal Function: %ld\n", exp->NumberOfNames, exp->NumberOfFunctions);
    printf("Address\t\t\t\tFunction Name\n");
    printf("-------\t\t\t\t\t----------\n");

    for (i = 0; i < exp->NumberOfNames; i++)
    {
        fname = (LPSTR)(dll + f_name_list[i]);
        rva   = f_ord_list[i];
        faddr = dll + f_addr_list[rva];
        printf("%p\t\t\t\t%s\n", faddr, fname);
    }

    FreeLibrary((LPVOID)dll);
    return 0;

}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 openGL怪异的bug? - openGL weird bug? Qt应用程序中的奇怪错误 - Weird bug in Qt application mergesort中的奇怪错误 - Weird bug in mergesort SFML奇怪的射击错误 - SFML weird shooting bug C ++地址,奇怪的地址? - C++ Addresses, weird Address? Visual Studio 2012中的奇怪错误 - weird bug in visual studio 2012 奇怪的C ++浮动bug - Weird C++ float bug 制作邻接表,奇怪的错误? - Making adjacency list, weird bug? if语句中有浮点的怪异bug - Weird bug with floats in if-statement gcc 7.4.0 的奇怪 std::atof 错误 - Weird std::atof bug with gcc 7.4.0
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM