我目前正在尝试从外部进程获取基地址
在 Xcode 中使用 C++!
这是我到目前为止得到的:
if (task_info(this->_pmach_port, TASK_DYLD_INFO, (task_info_t)&dyld_info, &count) == KERN_SUCCESS)
{
this->Read(this->dyld_info.all_image_info_addr, sizeof(dyld_all_image_infos), &this->all_image_infos);
printf("Got Task info!\nall_image offset: 0x%llx\ninfo array count: %i",this->dyld_info.all_image_info_addr,this->all_image_infos.infoArrayCount);
printf("Version: %i\n",this->all_image_infos.version);
for(int i=0;i< this->all_image_infos.infoArrayCount;i++) {
printf("image: %s %d\n",
this->all_image_infos.infoArray[i].imageFilePath,
this->all_image_infos.infoArray[i].imageLoadAddress
);
}
}
没有问题,我的输出如下:
Process To open: hl2_osx
Got Task info!
all_image offset: 0x8feb052c
info array count: 303 Version: 14
我的主要问题是 Xcode 在我想输出模块信息的那一行停止 有理由:
EXC_BAD_ACCESS(code=EXC_I368_GPFLT)
我做错了什么?
由于我刚从在 windows 上使用 WINApi 函数切换到在 mac 上编写程序,
我希望有人能帮助我!
最佳答案
对于结构中的任何指针,您都不能直接访问指向的数据。您必须从其他进程读取它,就像您读取 all_image_infos 结构一样。 info_array 指针有这个问题。其中的 imageFilePath 也是如此。等等
struct dyld_image_info *infoArray;
size_t size = sizeof(*infoArray) * this->all_image_infos.infoArrayCount;
infoArray = malloc(size);
this->Read(this->all_image_infos.infoArray, size, infoArray);
for(int i=0;i< this->all_image_infos.infoArrayCount;i++) {
char path[PATH_MAX];
this->Read(infoArray[i].imageFilePath, sizeof(path), path);
path[sizeof(path) - 1] = 0;
// Alternatively, you could use memchr() to see if path is null-terminated. If not, print what you have and read more, in a loop.
printf("image: %s %d\n",
path,
infoArray[i].imageLoadAddress
);
}
关于c++ - all_image_infos 由 OS X c++ 上的 pid,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25555134/