accessmemory.cpp

此为破解装载器一书中的源代码,在看雪论坛下载的,

/* accessmemory.h ***************************************** UPDATED: 2005-24-01 14:19 TT
 *
 * Description : Header files of the CAccessMemory class
 * Author      : Shub-Nigurrath
 * Description : This class grants to its derived classes full controlled access to the
 *               memory through ReadProcessMemory and WriteProcessMemory.
 *
 * Currently compiles under :
 * Turbo C 2.0, Turbo C++ 1.0, Turbo C++ 3.0, Zortech C++ 3.0,
 * Watcom C 386 8.0, Ultrix ANSI C, Microsoft 6.0, GCC
 *
 * Version 1.0 - Initial release
 */
//////////////////////////////////////////////////////////////////////

#include "AccessMemory.h"

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

CAccessMemory::CAccessMemory()
{

}

CAccessMemory::~CAccessMemory()
{

}

//A wrapper for the ::ReadProcessMemory which set also the memory 
//access right properly
BOOL CAccessMemory::ReadProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer,
		DWORD nSize, LPDWORD lpNumberOfBytesRead) {
	
	ACCESS_PROCESS_MEMORY_FCN fcn;
	
	//There's a little difference between the two function pointers or 
	//::ReadProcessMemory and ::WriteProcessMemory, because the two prototypes are different
	//This trick cast the pointer of the function pointer of ::ReadProcessMemory to a 
	//void* then cast it back to an ACCESS_PROCESS_MEMORY_FCN function pointer. 
	//The differences between these two prototypes are not important and 
	//everything works excellently.
	fcn=(ACCESS_PROCESS_MEMORY_FCN)((void*)&(::ReadProcessMemory));
	
	return _accessProcessMemory(fcn, hProcess, lpBaseAddress, lpBuffer,
		nSize, lpNumberOfBytesRead);
}

//A wrapper for the ::WriteProcessMemory which set also the memory 
//access right properly
BOOL CAccessMemory::WriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer,
		DWORD nSize, LPDWORD lpNumberOfBytesWritten)
{
	ACCESS_PROCESS_MEMORY_FCN fcn;

	//Assign the function pointer, this time there are no problems, 
	//because ACCESS_PROCESS_MEMORY_FCN is the prototype of ::WriteProcessMemory
	fcn=::WriteProcessMemory; 
	
	return _accessProcessMemory(fcn, hProcess, lpBaseAddress, lpBuffer,
		nSize, lpNumberOfBytesWritten);
}

//It is used by the WriteProcessMemory and ReadProcessMemory methods. 
//It worry to grant access to memory.
BOOL CAccessMemory::_accessProcessMemory(
		ACCESS_PROCESS_MEMORY_FCN fcn, 
		HANDLE hProcess, 
		LPVOID lpBaseAddress, LPVOID lpBuffer,
		DWORD nSize, LPDWORD lpNumberOfBytes)
{
	DWORD OldProtection=0;
	//It is not really used because the VirtualProtectEx function always requires a valid
	//variable to hold the old page protection values, otherwise fails. When restoring the 
	//protection values of the page, on the existing of this program, the old values are not
	//important of course.
	DWORD dummyProtection=0;

	BOOL bVal=FALSE;

	int tries=0;
	
	//Do 3 tries loop, so as not the block forever..
	while(tries<3) {
		__try {
			tries++;
			bVal=fcn(hProcess, lpBaseAddress, lpBuffer,nSize, lpNumberOfBytes);
			if(!bVal) 
				//The RaiseException function raises an exception in the calling thread.
				RaiseException(1, // exception code 
                0,                // continuable exception (non death exception)
                0, NULL);         // no arguments 
		}
		__except(TRUE) {
			if(IsBadReadPtr(lpBaseAddress, nSize) || IsBadWritePtr(lpBaseAddress, nSize))
				VirtualProtectEx(hProcess, lpBaseAddress, nSize, 
					PAGE_EXECUTE_READWRITE, &OldProtection);
			continue;
		}
		break;
	}
	
	//Restore the previous protections of the patched address.
	//OlProtection is !=0 if the previous VirtualProtectEx has been done.
	if(OldProtection!=0)
		VirtualProtectEx(hProcess, lpBaseAddress, nSize, 
			OldProtection, &dummyProtection);

	return bVal;

}