|
and on this site is no source?
|
|
|
|
|
I don't know of any which of course does not mean they don't exist. Again, i can say, try searching with keywords like "file manager windows" or such around the forums and articles here. Many times google also has links to CodeProject with useful stuff. I hope you will find what you are looking for.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
There is plenty, but you have to find it yourself.
|
|
|
|
|
What have you tried? Search in google and code project yourself. No-one will do homework for you.
|
|
|
|
|
Hi guys(and girls ),
i want to copy the data of a function, with the whole data, i mean, the whole function and execute it on the target memory. How do i realize it?
Is there a possibility to determine when the function ends? Is it possible to copy the function into the heap and execute it there ? Or has it have to be the Stack ?
I tried to look into it with a Debugger and so on, but couldnt get any information regarding the matter.
thanks in advance for every answer =)
btw. i use C (gcc)
|
|
|
|
|
Are you working on windows?
[EDIT] If you had said yes then i would have suggested the same thing as barneyman did "below". [/EDIT]
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
modified on Friday, April 22, 2011 9:42 AM
|
|
|
|
|
have a look at the VirtualAlloc and VirtualProtect winAPI functions - you'll need to grant PAGE_EXEC rights (I assume you're doing this in Windows)
You'll know when the code finishes because the function will return back to you
|
|
|
|
|
thanks, but i am working under ubuntu.
And yes the function will return, but i have to copy it beforehand, before i execute it.
|
|
|
|
|
Try googling for linux equivalents of those methods. I hit mmap[^] for example, maybe that can do what you wish for VirtualAlloc, for VirtualProtect mprotect[^] might work.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
damn, me silly =)thanks
but how about to determine the end of the function. Also i want to copy it into the heap and execute it there, but the heap is read not the same way the stack does. Would that cause any problems?
|
|
|
|
|
as long as the function executes a RET (or whatever is appropriate for the chipset you're using) you know when it finishes, because code execution will come back to you
Both the heap and the stack are still physical memory areas, it's largely down to what the OS will let you do with each
|
|
|
|
|
Ok i was analyzing the asm code in a debugger and found a solution. I used code from here: <a href="clickme">http://www.devmaster.net/codespotlight/show.php?id=25</a>
and modified it slightly to check on 0xC3(RETN), the return changed to func(in the end) - func(when you call the function). And vuala you have the length of the function in bytes
Now it is possible to just get the length without doing any marker whatsoever, btw i considered the markerthing, but that wouldnt be possible, not so easy anyways, because every opcode can differentiate between op length and so on.
|
|
|
|
|
The ret may not be at the end (address-wise) and in fact frequently isn't (well, depending on what compiler you use)
|
|
|
|
|
I'm not sure what you mean by the heap and stack read difference thing.
Finding out where your function ends (basicly, finding out its size) seems to be trickier than it sounds. I guess what you can do is simply query how big a page is and then guess how many pages your function uses up, or maybe have some special value somehow embedded into the code, like 0xDEADBEEF and look for it during runtime...have no better idea yet.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
i understand the 'function end' reference now
You have a number of options, either hard-code the length of the function-copy as a result of manually analysing the map file, (or using the GCC equivalent of #pragma code-seg, put the function(s) in their own code segment) or insert (as code-o-mat says) a magic number at the end and emit a JMP opcode to get passed it
If you're doing some runtime code decryption, i'd go with the code-seg option
|
|
|
|
|
I wonder if this could work and how reliable it would be:
#include "stdafx.h"
#include "windows.h"
#include "conio.h"
long ThisIsAFunction(unsigned long *pSize, int other_parameters)
{
if (pSize != NULL) goto ThisIsTheEnd;
return other_parameters + 1;
ThisIsTheEnd:
unsigned long EndAddress;
__asm {
push eax
mov eax, ThisIsTheEnd
mov EndAddress, eax
pop eax
}
*pSize = (EndAddress - (unsigned long)(unsigned long long)ThisIsAFunction);
return 0;
}
int _tmain(int argc, _TCHAR* argv[])
{
unsigned long Size;
ThisIsAFunction(&Size, 0);
printf("Start of function: %p\nLength: %d bytes\n", ThisIsAFunction, Size);
getch();
return 0;
} Also, i wonder if compile-time optimization(s) could ruin it, if it works at all.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Yeah Compiler optimizations could ruin that especially inlining. Look at my approach, i posted it about 4h ago in reply to the post of barneyman.
|
|
|
|
|
Interesting. What about if you have more returns in the code, like:
...
switch (x)
{
case 1: return A;
case 2: return B;
case 3: return C;
...
}
... Wouldn't that produce more RETN? Of course, if you know that the function contains only one then i guess it's Ok. Am just asking "theoretically".
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Crap, ill check it out, thx. But i have another Problem, After copying the function into my (with virtualalloc) allocated memory every callfunction in the method doesn't work. The ret works however. I am trying to figure out a solution.
|
|
|
|
|
My assembler memories are very very faint, been ages since i tried to do anything in assembler. Maybe the "call" command takes a relative address and since you relocated the method it jumpts to wrong memory addresses?
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Hi,
In my application im loading DialogBar in mainfrmae,the dialogbar contains buttons and one ComboBox, i using that ComboBox in another class.Below is the code:
In MainFrm.h:
CSysWindow m_SysWnd;
For that combobox i added one class as CAlarmGlobal
In SysWindow.h:
CAlarmCombo oAlrmCombo;
In MainFrm.cpp,in OnCreate() i add that dialogbar to mainframe
if (!m_SysWnd.Create(this, IDD_SYS,
CBRS_TOP|CBRS_FLYBY|CBRS_TOOLTIPS, IDD_SYS))
{
return -1;
}
In another class im reffering this ComboBox by using this code
CAlarmCombo *pSysBox = (CAlarmCombo *)((CMainFrame *)AfxGetMainWnd())->m_SysWnd.GetDlgItem(IDC_SYSALARM);
if(pSysBox){}
Like the sameway i want to give the dialogbar in childframe and i want to use tht in differnt class.
So i want to know how can i get the DialogBar class(CSyswindow) object in someother class.
Now im doing the same for ChildFrame
In ChildFrm.h:
CSysWindow m_Recent;
In ChildFrame.cpp,OnCreate()
if( !m_Recent.Create(this, IDD_RECENTALARMS, CBRS_BOTTOM |CBRS_FLYBY|CBRS_SIZE_DYNAMIC, IDD_RECENTALARMS ))
{
return -1;
}
I want tot know,Is there anyway to refer the childframe like this
((CMainFrame *)AfxGetMainWnd())->m_SysWnd.GetDlgItem(IDC_SYSALARM);
Pls help me.
Anu
|
|
|
|
|
in WM_KEYDOWN and WM_KEYUP messages the lparam flag 24 says the key is extended key or not.
What are extended keys ? i need complete list of extended keys.. please help..
Thanks & Regards
|
|
|
|
|
From MSDN: The extended-key flag indicates whether the keystroke message originated from one of the additional keys on the enhanced keyboard. The extended keys consist of the ALT and CTRL keys on the right-hand side of the keyboard; the INS, DEL, HOME, END, PAGE UP, PAGE DOWN, and arrow keys in the clusters to the left of the numeric keypad; the NUM LOCK key; the BREAK (CTRL+PAUSE) key; the PRINT SCRN key; and the divide (/) and ENTER keys in the numeric keypad. The extended-key flag is set if the key is an extended key.
|
|
|
|
|
thanks....
|
|
|
|
|
I have a struture with a number of member array variables
eg:
struct DB
{
float IV [300];
char FAIL [300];
char FD [600];
float NCP [600];
float NLH [600];
float NENTH [600];
float NKVAL [30][600];
.
.
.
};
I have declared pointer object for this structure. This object is shared by other application using shared memory and the other application manipulates the values directly using the member variables eg: Es->IV[35] = 5.369;
Is it possible to raise an event when any of the member variable changes?
Anybody please help.
|
|
|
|