我将以下四行代码编译成一个名为foo.exe的文件,希望全局变量“i”(即9)的值进入foo.exe的数据部分
int i = 9;
int main()
{
}
然后我使用下面的代码来确定它是否真的在foo.exe的.data部分,但是没有找到任何东西。有人能告诉我出了什么问题吗??
#include<iostream>
#include<Windows.h>
#include<stdio.h>
#include<WinNT.h>
int main()
{
HANDLE hFile;
HANDLE hFileMapping;
LPVOID lpFileBase;
PIMAGE_DOS_HEADER dosHeader;
hFile = CreateFile(TEXT("foo.exe"), GENERIC_READ, FILE_SHARE_READ, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
if ( hFile == INVALID_HANDLE_VALUE )
{
printf("Couldn't open file with CreateFile()\n");
return 0;
}
hFileMapping = CreateFileMapping(hFile, NULL, PAGE_READONLY, 0, 0, NULL);
if ( hFileMapping == 0 )
{
CloseHandle(hFile);
printf("Couldn't open file mapping with CreateFileMapping()\n");
return 0;
}
lpFileBase = MapViewOfFile(hFileMapping, FILE_MAP_READ, 0, 0, 0);
if ( lpFileBase == 0 )
{
CloseHandle(hFileMapping);
CloseHandle(hFile);
printf("Couldn't map view of file with MapViewOfFile()\n");
return 0;
}
PIMAGE_DOS_HEADER pimdh;
pimdh = (PIMAGE_DOS_HEADER)lpFileBase;
PIMAGE_NT_HEADERS pimnth;
pimnth = (PIMAGE_NT_HEADERS)((char *)lpFileBase + pimdh->e_lfanew);
PIMAGE_SECTION_HEADER pimsh;
pimsh = (PIMAGE_SECTION_HEADER)(pimnth + 1);
PIMAGE_IMPORT_DESCRIPTOR pimid;
long delta;
for(int i = 0; i<pimnth->FileHeader.NumberOfSections;i++)
{
if(!strcmp((char *)pimsh->Name,".data"))
{
DWORD base = (DWORD)lpFileBase;
for(DWORD start = pimsh ->PointerToRawData; start <= (pimsh->PointerToRawData + pimsh->SizeOfRawData); start++)
{
if(*((int *)(start + base)) == 9)
{
printf("found");
break;
}
}
}
pimsh++;
}
}
最佳答案
编译器(链接器)没有将您的变量放入图像文件中,因为该变量甚至没有在代码中使用!