disme.cpp

应用程序调试技术（DebuggingApplication）源代码

// A quick test app for the i386DisASM dll.  This test application just
// disassembles itself starting at main.
#include <windows.h>
#include <stdio.h>
#include <imagehlp.h>
#include "i386DisASM.h"
#include "BugslayerUtil.h"


void main ( void )
{
    DEBUGPACKET dp ;
    dp.hProcess = OpenProcess ( PROCESS_ALL_ACCESS      ,
                                FALSE                   ,
                                GetCurrentProcessId ( )  ) ;
    dp.context.ContextFlags = CONTEXT_FULL ;
    GetThreadContext ( GetCurrentThread ( ) , &dp.context ) ;

    UCHAR szBuff[ 1024 ] ;
    PUCHAR pChar = (PUCHAR)&szBuff ;

    DWORD dwOffSet = (DWORD)main ;

    SymInitialize ( dp.hProcess , NULL , FALSE ) ;

    SymLoadModule ( dp.hProcess , NULL , "DisMe.exe" , NULL , 0 , 0 ) ;

    for ( int i = 0 ; i < 50 ; i++ )
    {
        pChar = (PUCHAR)&szBuff ;
        if ( FALSE == disasm ( &dp , &dwOffSet , pChar , FALSE ) )
        {
            printf ( "disasm failed!\n" ) ;
            break ;
        }
        else
        {
            printf ( "%s\n" , szBuff ) ;
        }
    }
}