本文实例讲述了C++内存查找的方法,分享给大家供大家参考。具体如下:
这是 Windows 程序设计中的跨进程内存查找功能(即游戏修改器常见的"搜索—筛选—改写"流程):主程序用 CreateProcess 启动目标进程,通过 ReadProcessMemory 在用户地址空间(NT 系列从 64KB、Win9x 从 4MB 开始,直到 2GB)逐页搜索指定的 DWORD 值,多次筛选到只剩一个地址后用 WriteProcessMemory 改写它。注意:代码以 DWORD 表示地址且只扫描到 2GB,因此仅适用于 32 位编译、32 位目标进程;由于目标进程由本程序创建,CreateProcess 返回的进程句柄已具备读写权限,若要操作其他进程则需用 OpenProcess 申请 PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION 权限(必要时还需 SeDebugPrivilege)。原文的代码被压成了一行,下面的主程序代码按原逻辑重新排版:
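// MemRepair.cpp : entry point of the console application.
//
// A minimal cross-process memory scanner (the "search, narrow down, patch"
// loop of a trainer). It spawns a target process, scans the target's 32-bit
// user address space page by page with ReadProcessMemory for a DWORD value,
// narrows the candidate list by re-reading the candidates after the value has
// changed, and finally overwrites the single surviving address with
// WriteProcessMemory.
//
// Scope (review): addresses are DWORDs and the scan stops at 2 GB, so this
// only covers a 32-bit target scanned from a 32-bit build. The handle that
// CreateProcess returns carries full access, so no OpenProcess /
// SeDebugPrivilege handling is needed; scanning any other process would need
// PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION.
#include "stdafx.h"
#include <Windows.h>
#include <stdio.h>
#include <string.h>

BOOL FindFirst(DWORD dwValue);
BOOL FindNext(DWORD dwValue);

// Handle of the target process (set from CreateProcess in _tmain).
HANDLE g_hProcess;
// Candidate addresses that held the searched value, and how many entries are
// valid. The array is a fixed 1024 entries; every writer must stay below that.
DWORD g_arList[1024];
DWORD g_nListCnt;

// Number of entries g_arList can hold.
static const DWORD MAX_LIST = sizeof(g_arList) / sizeof(g_arList[0]);
// Bytes scanned per ReadProcessMemory call (one x86 page).
static const DWORD PAGE_BYTES = 4096;

// Reads the 4 KB page at dwBaseAddr from the target and appends every byte
// offset (aligned or not) at which a DWORD equal to dwValue starts to
// g_arList.
// Returns FALSE if the page could not be read (unmapped/guard page — the
// caller just skips it) or if g_arList is full; TRUE otherwise.
BOOL CompareAPage(DWORD dwBaseAddr, DWORD dwValue)
{
    BYTE arBytes[PAGE_BYTES];
    if (!::ReadProcessMemory(g_hProcess, (LPVOID)dwBaseAddr, arBytes, PAGE_BYTES, NULL))
    {
        return FALSE;
    }

    // "<=" so the last DWORD of the page (offset 4092) is compared too; the
    // original "< 4096-4" skipped it.
    for (DWORD i = 0; i <= PAGE_BYTES - sizeof(DWORD); i++)
    {
        // memcpy instead of *(DWORD*)&arBytes[i]: the offset is unaligned for
        // most i, and the cast is also a strict-aliasing violation.
        DWORD dwHere;
        memcpy(&dwHere, &arBytes[i], sizeof(dwHere));
        if (dwHere != dwValue)
        {
            continue;
        }
        // Bounds check BEFORE the store: the original only tested the count
        // after the loop, so one page with more than 1024 hits (e.g. a page of
        // zeros when searching for 0) overran g_arList.
        if (g_nListCnt >= MAX_LIST)
        {
            printf("the position is large than 1024..");
            return FALSE;
        }
        g_arList[g_nListCnt++] = dwBaseAddr + i;
    }
    return TRUE;
}

// Scans the target's user address space, from the platform's lowest user-mode
// address up to 2 GB one page at a time, and fills g_arList with every
// address holding dwValue.
// Returns TRUE when the whole range was covered; FALSE if the scan stopped
// early because g_arList is full (the list then holds the first 1024 hits).
BOOL FindFirst(DWORD dwValue)
{
    const DWORD dwOneGB = 1024 * 1024 * 1024;
    const DWORD dwLimit = 2 * dwOneGB; // 0x80000000: top of 32-bit user space

    // Win9x maps user space from 4 MB, the NT family from 64 KB.
    // (GetVersionEx is deprecated on current SDKs; kept for source compatibility.)
    OSVERSIONINFO versionInfo = { 0 };
    versionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
    ::GetVersionEx(&versionInfo);
    DWORD dwBase = (versionInfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
                       ? 4 * 1024 * 1024
                       : 64 * 1024;

    // Start from an empty list rather than relying on the caller's reset.
    g_nListCnt = 0;
    for (; dwBase < dwLimit; dwBase += PAGE_BYTES)
    {
        // Unreadable pages make CompareAPage return FALSE too; those are
        // simply skipped. Only a full list ends the scan.
        CompareAPage(dwBase, dwValue);
        if (g_nListCnt >= MAX_LIST)
        {
            return FALSE;
        }
    }
    return TRUE;
}

// Re-reads every address in g_arList and keeps only those that now hold
// dwValue, compacting the list in place.
// Returns TRUE if at least one address survived.
BOOL FindNext(DWORD dwValue)
{
    const DWORD dwOriCnt = g_nListCnt;
    DWORD dwKept = 0;
    for (DWORD i = 0; i < dwOriCnt; i++)
    {
        DWORD dwReadValue;
        if (::ReadProcessMemory(g_hProcess, (LPVOID)g_arList[i], &dwReadValue, sizeof(DWORD), NULL)
            && dwReadValue == dwValue)
        {
            // dwKept <= i, so the write never overtakes the read position.
            g_arList[dwKept++] = g_arList[i];
        }
    }
    g_nListCnt = dwKept;
    return dwKept > 0;
}

// Prints every candidate address as 8 upper-case hex digits, one per line.
void ShowList()
{
    for (DWORD i = 0; i < g_nListCnt; i++)
    {
        printf("%08lX\n", g_arList[i]);
    }
}

// Writes dwValue (4 bytes) into the target at dwAddr.
// Note from the original author: the source pointer must be &dwValue, not
// (LPVOID)dwValue — the latter would make the kernel read this process's
// memory at address dwValue.
BOOL WriteMemory(DWORD dwAddr, DWORD dwValue)
{
    return WriteProcessMemory(g_hProcess, (LPVOID)dwAddr, &dwValue, sizeof(DWORD), NULL);
}

// Prints szPrompt and reads one decimal integer from stdin into *pOut.
// Returns FALSE on EOF or non-numeric input so the callers never loop on an
// unset value (the original ignored scanf's result).
static BOOL ReadInt(const char* szPrompt, int* pOut)
{
    printf("%s", szPrompt);
    if (scanf("%d", pOut) != 1)
    {
        printf("invalid input\n");
        return FALSE;
    }
    return TRUE;
}

// Spawns the hard-coded target, searches for the value typed by the user,
// narrows the list with further values, then patches the single survivor.
int _tmain(int argc, _TCHAR* argv[])
{
    g_nListCnt = 0;
    memset(g_arList, 0, sizeof(g_arList));

    // CreateProcess may modify the command-line buffer, hence an array rather
    // than a string literal.
    char szCommandLine[] = "c:\\testor.exe";
    STARTUPINFO si = { sizeof(STARTUPINFO) };
    si.dwFlags = STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_SHOWNORMAL; // same value (1) as the original TRUE
    PROCESS_INFORMATION pi;
    if (!CreateProcess(NULL, szCommandLine, NULL, NULL, FALSE, CREATE_NEW_CONSOLE, NULL, NULL, &si, &pi))
    {
        printf("createProcess failed...");
        return -1;
    }
    ::CloseHandle(pi.hThread);
    // This handle has full access to the child, which covers the VM read /
    // write rights the scanner needs.
    g_hProcess = pi.hProcess;

    int iRet = 0;
    int iVal;
    if (!ReadInt("Input iVal=", &iVal))
    {
        iRet = -1;
    }
    else
    {
        // First pass over the whole address space.
        FindFirst(iVal);
        ShowList();

        // Narrow down until at most one address is left; a failed read leaves
        // the loop instead of re-filtering with the previous value forever.
        while (g_nListCnt > 1 && ReadInt("input iVal:\n", &iVal))
        {
            FindNext(iVal);
            ShowList();
        }

        // Patch only when exactly one candidate survived. With an empty list
        // the original wrote to g_arList[0] == 0, i.e. to address 0.
        if (g_nListCnt == 1)
        {
            if (ReadInt("input new value:\n", &iVal) && WriteMemory(g_arList[0], iVal))
            {
                printf("write suc...");
            }
        }
        else if (g_nListCnt == 0)
        {
            printf("no match found\n");
        }
    }
    ::CloseHandle(g_hProcess);
    return iRet;
}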
测试用的程序代码如下:
#include "stdafx.h" #include <stdio.h> int g_nNum = 1003; int _tmain(int argc, _TCHAR* argv[]) { int i = 200; while(1) { printf("i=%d,&i=%08lX...g_nNum=%d,&g_nNum=%08lX\n\n",i--,&i,--g_nNum,&g_nNum); getchar(); } return 0; }
希望本文所述对大家的C++程序设计有所帮助。