Question

For what do I need to use VirtualAlloc/VirtualAllocEx?

An example, one case that I found: if I allocate 4 GB of virtual memory and do not use all of it, then I do not spend physical memory, and if I resize my array, I do not need to do a new allocation and copy the old data to the new array.
    struct T_custom_allocator; // custom allocator that uses VirtualAllocEx()
    std::vector<int, T_custom_allocator> vec;
    vec.reserve(std::size_t(4) * 1024 * 1024 * 1024); // reserves virtual address space (physical memory is not used yet)
    vec.resize(16384); // commits 16 KB of physical memory
    // ...
    vec.resize(32768); // commits 32 KB of physical memory
    // (no need to copy the first 16 KB of data)
If I use the standard allocator, I need to copy the data when resizing:
    std::vector<int> vec;
    vec.resize(16384); // allocates 16 KB of physical memory
    // ...
    vec.resize(32768); // allocates 32 KB of physical memory
    // and needs to copy the first 16 KB of data
Or with the standard allocator, I must spend 4 GB of physical memory:

    std::vector<int> vec;
    vec.reserve(std::size_t(4) * 1024 * 1024 * 1024); // allocates 4 GB of physical memory
    vec.resize(16384); // nothing to do, except changing the size member
    // ...
    vec.resize(32768); // nothing to do, except changing the size member
But why is this better than realloc()? http://www.cplusplus.com/reference/cstdlib/realloc/

And are there any other cases where using VirtualAlloc[Ex] brings benefits?
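The reserve-then-commit scheme the question sketches, written out as an added example that is not part of the original question or answer. It reserves a large address range up front (VirtualAlloc with MEM_RESERVE on Windows; mmap with PROT_NONE as the POSIX equivalent, so the same code also runs on Linux) and commits pages only as the buffer grows (MEM_COMMIT, or mprotect to read/write on POSIX). Because the address range is fixed at reserve time, growth never moves or copies existing data, which is the guarantee realloc() cannot give. The class and function names (ReservedBuffer, grow_to, grow_keeps_data_in_place) are this example's own assumptions, not an API of any library.

```cpp
// Added example (not from the original question or answer): a buffer that
// reserves a large address range once and commits pages on demand, so growing
// it never reallocates or copies. Names are this example's own.
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#ifdef _WIN32
#include <windows.h>
#else
#include <sys/mman.h>
#include <unistd.h>
#endif

class ReservedBuffer {
public:
    explicit ReservedBuffer(std::size_t reserve_bytes)
        : page_(page_size()), reserved_(round_up(reserve_bytes)), committed_(0) {
#ifdef _WIN32
        // MEM_RESERVE: address space only, no physical pages behind it yet.
        base_ = static_cast<unsigned char*>(
            VirtualAlloc(nullptr, reserved_, MEM_RESERVE, PAGE_NOACCESS));
        if (!base_) throw std::runtime_error("VirtualAlloc(MEM_RESERVE) failed");
#else
        // PROT_NONE + MAP_NORESERVE: the POSIX equivalent of a pure reservation.
        void* p = mmap(nullptr, reserved_, PROT_NONE,
                       MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
        if (p == MAP_FAILED) throw std::runtime_error("mmap(PROT_NONE) failed");
        base_ = static_cast<unsigned char*>(p);
#endif
    }
    ~ReservedBuffer() {
#ifdef _WIN32
        VirtualFree(base_, 0, MEM_RELEASE);
#else
        munmap(base_, reserved_);
#endif
    }
    ReservedBuffer(const ReservedBuffer&) = delete;
    ReservedBuffer& operator=(const ReservedBuffer&) = delete;

    // Commit enough pages to hold `bytes`. Existing contents stay at the same
    // address: no new allocation and no copy, unlike realloc().
    void grow_to(std::size_t bytes) {
        std::size_t want = round_up(bytes);
        if (want > reserved_) throw std::length_error("exceeds reserved range");
        if (want <= committed_) return;
#ifdef _WIN32
        if (!VirtualAlloc(base_ + committed_, want - committed_, MEM_COMMIT, PAGE_READWRITE))
            throw std::runtime_error("VirtualAlloc(MEM_COMMIT) failed");
#else
        if (mprotect(base_ + committed_, want - committed_, PROT_READ | PROT_WRITE) != 0)
            throw std::runtime_error("mprotect failed");
#endif
        committed_ = want;
    }

    unsigned char* data() { return base_; }
    std::size_t committed() const { return committed_; }
    std::size_t reserved() const { return reserved_; }

private:
    static std::size_t page_size() {
#ifdef _WIN32
        SYSTEM_INFO si; GetSystemInfo(&si); return si.dwPageSize;
#else
        return static_cast<std::size_t>(sysconf(_SC_PAGESIZE));
#endif
    }
    std::size_t round_up(std::size_t n) const { return (n + page_ - 1) / page_ * page_; }

    std::size_t page_;
    std::size_t reserved_;
    std::size_t committed_;
    unsigned char* base_ = nullptr;
};

// Mirrors the question's scenario: reserve `reserve_bytes`, commit 16 KiB, fill
// it, grow to 32 KiB, and confirm the first 16 KiB are untouched at the same
// address. Returns true when growth happened in place.
bool grow_keeps_data_in_place(std::size_t reserve_bytes) {
    ReservedBuffer buf(reserve_bytes);          // 0 bytes committed so far
    buf.grow_to(16 * 1024);
    unsigned char* before = buf.data();
    std::memset(before, 0xAB, 16 * 1024);       // constructed sample contents
    buf.grow_to(32 * 1024);
    if (buf.data() != before) return false;     // address must not change
    for (std::size_t i = 0; i < 16 * 1024; ++i)
        if (buf.data()[i] != 0xAB) return false;
    return buf.committed() == 32 * 1024;
}

int main() {
    // 4 GiB of address space, as in the question; only 32 KiB ends up committed.
    bool ok = grow_keeps_data_in_place(std::size_t(4) << 30);
    std::printf("grew in place without copying: %s\n", ok ? "yes" : "no");
    return ok ? 0 : 1;
}
```

Reserving 4 GiB of address space costs no RAM on either platform; only the pages that grow_to has committed are backed by physical memory, which is exactly the difference from calling reserve() on a std::vector with the default allocator. A 32-bit process cannot make this reservation at all, since 4 GiB exceeds its user address space, so the constructor throws there instead of silently falling back to a copying strategy.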
Answer

Another use for VirtualAllocEx which hasn't been mentioned yet is to allocate memory in another process' address space. Note that the first parameter is the handle to a process - the function allocates the memory within the virtual address space of that process.

I've used this before when injecting code into another process, by forcing a LoadLibrary call in the target process. The basic steps are as follows:
- Get the process id of the target process (e.g. with something like GetWindowThreadProcessId).
- Get a handle to the process with the appropriate permissions using OpenProcess.
- Allocate some memory in that process with VirtualAllocEx.
- Copy the name of your DLL into that memory with WriteProcessMemory.
- Get the address of the LoadLibrary function using GetProcAddress.
- Call CreateRemoteThread to start the LoadLibrary call in the target process, with the thread parameter being the memory you've allocated with VirtualAllocEx (containing the name of the DLL).
Not that you needed to know all of that, but I thought it was an interesting use case.