|
Try googling for linux equivalents of those methods. I hit mmap[^] for example, maybe that can do what you wish for VirtualAlloc, for VirtualProtect mprotect[^] might work.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
damn, me silly =)thanks
but how about to determine the end of the function. Also i want to copy it into the heap and execute it there, but the heap is read not the same way the stack does. Would that cause any problems?
|
|
|
|
|
as long as the function executes a RET (or whatever is appropriate for the chipset you're using) you know when it finishes, because code execution will come back to you
Both the heap and the stack are still physical memory areas, it's largely down to what the OS will let you do with each
|
|
|
|
|
Ok i was analyzing the asm code in a debugger and found a solution. I used code from here: <a href="clickme">http://www.devmaster.net/codespotlight/show.php?id=25</a>
and modified it slightly to check on 0xC3(RETN), the return changed to func(in the end) - func(when you call the function). And vuala you have the length of the function in bytes
Now it is possible to just get the length without doing any marker whatsoever, btw i considered the markerthing, but that wouldnt be possible, not so easy anyways, because every opcode can differentiate between op length and so on.
|
|
|
|
|
The ret may not be at the end (address-wise) and in fact frequently isn't (well, depending on what compiler you use)
|
|
|
|
|
I'm not sure what you mean by the heap and stack read difference thing.
Finding out where your function ends (basicly, finding out its size) seems to be trickier than it sounds. I guess what you can do is simply query how big a page is and then guess how many pages your function uses up, or maybe have some special value somehow embedded into the code, like 0xDEADBEEF and look for it during runtime...have no better idea yet.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
i understand the 'function end' reference now
You have a number of options, either hard-code the length of the function-copy as a result of manually analysing the map file, (or using the GCC equivalent of #pragma code-seg, put the function(s) in their own code segment) or insert (as code-o-mat says) a magic number at the end and emit a JMP opcode to get passed it
If you're doing some runtime code decryption, i'd go with the code-seg option
|
|
|
|
|
I wonder if this could work and how reliable it would be:
#include "stdafx.h"
#include "windows.h"
#include "conio.h"
long ThisIsAFunction(unsigned long *pSize, int other_parameters)
{
if (pSize != NULL) goto ThisIsTheEnd;
return other_parameters + 1;
ThisIsTheEnd:
unsigned long EndAddress;
__asm {
push eax
mov eax, ThisIsTheEnd
mov EndAddress, eax
pop eax
}
*pSize = (EndAddress - (unsigned long)(unsigned long long)ThisIsAFunction);
return 0;
}
int _tmain(int argc, _TCHAR* argv[])
{
unsigned long Size;
ThisIsAFunction(&Size, 0);
printf("Start of function: %p\nLength: %d bytes\n", ThisIsAFunction, Size);
getch();
return 0;
} Also, i wonder if compile-time optimization(s) could ruin it, if it works at all.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Yeah Compiler optimizations could ruin that especially inlining. Look at my approach, i posted it about 4h ago in reply to the post of barneyman.
|
|
|
|
|
Interesting. What about if you have more returns in the code, like:
...
switch (x)
{
case 1: return A;
case 2: return B;
case 3: return C;
...
}
... Wouldn't that produce more RETN? Of course, if you know that the function contains only one then i guess it's Ok. Am just asking "theoretically".
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Crap, ill check it out, thx. But i have another Problem, After copying the function into my (with virtualalloc) allocated memory every callfunction in the method doesn't work. The ret works however. I am trying to figure out a solution.
|
|
|
|
|
My assembler memories are very very faint, been ages since i tried to do anything in assembler. Maybe the "call" command takes a relative address and since you relocated the method it jumpts to wrong memory addresses?
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> //TODO: Implement signature here<
|
|
|
|
|
Hi,
In my application im loading DialogBar in mainfrmae,the dialogbar contains buttons and one ComboBox, i using that ComboBox in another class.Below is the code:
In MainFrm.h:
CSysWindow m_SysWnd;
For that combobox i added one class as CAlarmGlobal
In SysWindow.h:
CAlarmCombo oAlrmCombo;
In MainFrm.cpp,in OnCreate() i add that dialogbar to mainframe
if (!m_SysWnd.Create(this, IDD_SYS,
CBRS_TOP|CBRS_FLYBY|CBRS_TOOLTIPS, IDD_SYS))
{
return -1;
}
In another class im reffering this ComboBox by using this code
CAlarmCombo *pSysBox = (CAlarmCombo *)((CMainFrame *)AfxGetMainWnd())->m_SysWnd.GetDlgItem(IDC_SYSALARM);
if(pSysBox){}
Like the sameway i want to give the dialogbar in childframe and i want to use tht in differnt class.
So i want to know how can i get the DialogBar class(CSyswindow) object in someother class.
Now im doing the same for ChildFrame
In ChildFrm.h:
CSysWindow m_Recent;
In ChildFrame.cpp,OnCreate()
if( !m_Recent.Create(this, IDD_RECENTALARMS, CBRS_BOTTOM |CBRS_FLYBY|CBRS_SIZE_DYNAMIC, IDD_RECENTALARMS ))
{
return -1;
}
I want tot know,Is there anyway to refer the childframe like this
((CMainFrame *)AfxGetMainWnd())->m_SysWnd.GetDlgItem(IDC_SYSALARM);
Pls help me.
Anu
|
|
|
|
|
in WM_KEYDOWN and WM_KEYUP messages the lparam flag 24 says the key is extended key or not.
What are extended keys ? i need complete list of extended keys.. please help..
Thanks & Regards
|
|
|
|
|
From MSDN: The extended-key flag indicates whether the keystroke message originated from one of the additional keys on the enhanced keyboard. The extended keys consist of the ALT and CTRL keys on the right-hand side of the keyboard; the INS, DEL, HOME, END, PAGE UP, PAGE DOWN, and arrow keys in the clusters to the left of the numeric keypad; the NUM LOCK key; the BREAK (CTRL+PAUSE) key; the PRINT SCRN key; and the divide (/) and ENTER keys in the numeric keypad. The extended-key flag is set if the key is an extended key.
|
|
|
|
|
thanks....
|
|
|
|
|
I have a struture with a number of member array variables
eg:
struct DB
{
float IV [300];
char FAIL [300];
char FD [600];
float NCP [600];
float NLH [600];
float NENTH [600];
float NKVAL [30][600];
.
.
.
};
I have declared pointer object for this structure. This object is shared by other application using shared memory and the other application manipulates the values directly using the member variables eg: Es->IV[35] = 5.369;
Is it possible to raise an event when any of the member variable changes?
Anybody please help.
|
|
|
|
|
Get the other application to send you a message, or use event notifiers as Superman suggested to you earlier.
The best things in life are not things.
|
|
|
|
|
You have posted this twice now.
The technique suggested by Superman is the only way.
|
|
|
|
|
multiple applications sharing the same memory space directly is dangerous in a lot of circumstances, be sure to code as to prevent simultaneous data access
|
|
|
|
|
BOOL CSimpleFinderView::Findx(CString str)
{
return FindText(str,FALSE,FALSE,FALSE);
}
I have wrote above function in view class derived from CRicheditview. I will call this function from mainfrm class.
Consider following example text present view.
"function is not working, so remove the the function"
To find the word "function", I traps characters at mainfrm pretranslate message and calling above function for every key pressing.
Keypressed | Result
--------------------
f | function is not working, so remove the the function
fu | function is not working, so remove the the function
Findtext() selecting the second occurrence of the word function. But it suppose to be first one.
I feel this CRichEditView::FindText() will not help
Can u suggest any other solution?
|
|
|
|
|
|
I have a structure like this
struct ex
{
float pv[1500];
char sp[2000];
float ap[2000];
.
.
.
.
//some 100 arrays of float, char and short
}
ex *Pro;
I have declared an object for this struture and this is going to act as data source for my application. I have created shared memory for this data with another application and hence data is manipulated in the other application. Since the structure is shared whenever a value is changed in the other application, the changed value is reflected in this application.
Eg: whenever "Pro->pv[35]" is changed to 2.5556 in the other application, the same value is seen in this application.
But What I need is an event or a function that should be called whenever any of the variable is changed. If "Pro->pv[35] " is changed the function should be called which should in turn tell me the variable changed and the value.
|
|
|
|
|
Create a class instead of the structure.
Make all you variables as private members.
Write public functions that will modify the variables.
This way the public functions can call other functions or fire events to notify other observers.
You can otherwise go for a full fledged observer pattern where all observers can register events or callbacks to be called as a result of a data modification.
|
|
|
|
|
Thanks for your suggestion.
But I cannot create class as you said. because the structure object is shared by other application using shared memory (createfilemapping() and Openfilemapping()) In the other application the member variables of the struture object are directly accessed without using any function.
Kindly suggest some other ideas if I could trap the change of the struture object's member variable.
Thanks in advance
|
|
|
|