当前位置: 首页>>代码示例>>C++>>正文


C++ FlushInstructionCache函数代码示例

本文整理汇总了C++中FlushInstructionCache函数的典型用法代码示例。如果您正苦于以下问题:C++ FlushInstructionCache函数的具体用法?C++ FlushInstructionCache怎么用?C++ FlushInstructionCache使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了FlushInstructionCache函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。

示例1: VirtualAlloc

PVOID JMPHook::hook(PVOID tgt, PVOID rep){
	this->target = tgt;
	this->replacer = rep;
	PVOID orig_fn = tgt;
	PVOID dest_fn = rep;
	
	
	newregion = (byte*) VirtualAlloc(0, size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
	memcpy(newregion, orig_fn, size);
	int p = memcmp(newregion, orig_fn, size);
	//printf("%d\n", p);

	
	unsigned long oldprotect = 0;
	VirtualProtect(orig_fn, size, PAGE_EXECUTE_READWRITE, &oldprotect);
	__asm{
		mov eax, dword ptr [orig_fn];	//	eax = orig_fn address
		mov ecx, 0xe9;	// ecx = jmp relative
		mov [eax], ecx; // *orig_fn = jmp relative
		mov ecx, dword ptr [dest_fn];	// ecx = dest_fn address
		sub ecx, dword ptr [orig_fn];	// ecx = address(dest_fn) - address(orig_fn)
		sub ecx, 5;
		inc eax;	// eax = orig_fn address + 1
		mov dword ptr [eax], ecx;	// *orig_fn = jmp relative to [dest_fn]
	}
	VirtualProtect(orig_fn, size, oldprotect, &oldprotect);
	VirtualProtect(newregion, size, PAGE_EXECUTE_READ, 0);
	
	FlushInstructionCache(0, orig_fn, size);
	FlushInstructionCache(0, newregion, size);
	
	return (PVOID) newregion;	// address of the copied function

}
开发者ID:jmfti,项目名称:Function-hooks-in-cplusplus,代码行数:34,代码来源:CHook.cpp

示例2: ThreadWaitUntil

int ThreadWaitUntil(HANDLE hProcess, HANDLE hThread, void *addr)
{
	CONTEXT context = {0};
	BYTE entry_asm_orig[2];
	const BYTE entry_asm_delay[2] = {0xEB, 0xFE}; // JMP SHORT YADA YADA
	MEMORY_BASIC_INFORMATION mbi;
	DWORD byte_ret;
	DWORD old_prot;

	if(!VirtualQueryEx(hProcess, addr, &mbi, sizeof(mbi))) {
		return 1;
	}
	VirtualProtectEx(hProcess, mbi.BaseAddress, mbi.RegionSize, PAGE_EXECUTE_READWRITE, &old_prot);
	ReadProcessMemory(hProcess, addr, entry_asm_orig, sizeof(entry_asm_orig), &byte_ret);
	WriteProcessMemory(hProcess, addr, entry_asm_delay, sizeof(entry_asm_delay), &byte_ret);
	FlushInstructionCache(hProcess, addr, sizeof(entry_asm_delay));
	VirtualProtectEx(hProcess, mbi.BaseAddress, mbi.RegionSize, old_prot, &old_prot);

	context.ContextFlags = CONTEXT_CONTROL;
	while(context.Eip != (DWORD)addr) {
		ResumeThread(hThread);
		Sleep(10);
		SuspendThread(hThread);
		GetThreadContext(hThread, &context);
	}

	// Write back the original code
	WriteProcessMemory(hProcess, addr, entry_asm_orig, sizeof(entry_asm_orig), &byte_ret);
	FlushInstructionCache(hProcess, addr, sizeof(entry_asm_orig));
	return 0;
}
开发者ID:GovanifY,项目名称:thcrap,代码行数:31,代码来源:inject.c

示例3: ResetSoftwareBreakpoint

void ResetSoftwareBreakpoint(HANDLE hProcess, DWORD dwAddr, BYTE original)
{
	DWORD dwRead;

	WriteProcessMemory(hProcess, (LPVOID)dwAddr, &original, 1, &dwRead);
	FlushInstructionCache(hProcess, (LPVOID)dwAddr, 1);
}
开发者ID:weimingtom,项目名称:AokanaCGExtractor,代码行数:7,代码来源:Main.cpp

示例4: __declspec

extern "C" int __declspec(dllexport) FixBP(DWORD dwAddress,BYTE bInstruction,DWORD dwFinalClean)
{
	BOOL bret;
	DWORD dw;
	HANDLE hThread;
	CONTEXT context;

	if (dwFinalClean)
	{
		bret = WriteProcessMemory(hProcess,(LPVOID)dwAddress,&bInstruction,1,&dw);
		return 0;
	}

	
	hThread = OpenThread(THREAD_ALL_ACCESS,0,dbg_event.dwThreadId);

	memset(&context,0,sizeof(CONTEXT));
	context.ContextFlags = CONTEXT_ALL;
	bret = GetThreadContext(hThread,&context);
	if (bret == 0) return 0;   
	bret = WriteProcessMemory(hProcess,(LPVOID)dwAddress,&bInstruction,1,&dw);
	FlushInstructionCache(hProcess,(LPVOID)dwAddress, 1);
	
	if (bret == 0) return 0;	


	context.Eip = context.Eip - 1;	
	context.EFlags |= 0x100;	
	bret = SetThreadContext(hThread,&context);
	
	if (bret == 0)
		return 0;
	Log("hThread:%x EIP:%x bret:%d gle:%d",hThread,context.Eip,bret,GetLastError());							
	return 1;
}
开发者ID:kroudo,项目名称:win32_debugger,代码行数:35,代码来源:debugger.cpp

示例5: VirtualProtect

/**
 * @brief Injects redirection code into the target function.
 *
 * Replaces the first 6 Bytes of the function indicated by baseptr
 * with the replacement code previously generated (usually a jump
 * to mumble code). If a trampoline is available this injection is not needed
 * as control flow was already permanently redirected by HardHook::setup .
 *
 * @param force Perform injection even when trampoline is available.
 */
void HardHook::inject(bool force) {
	if (! baseptr)
		return;
	if (! force && bTrampoline)
		return;

	DWORD origProtect;
	if (VirtualProtect(baseptr, CODEREPLACESIZE, PAGE_EXECUTE_READWRITE, &origProtect)) {
		for (int i = 0; i < CODEREPLACESIZE; ++i) {
			baseptr[i] = replace[i]; // Replace with jump to new code
		}

		DWORD tempProtect;
		VirtualProtect(baseptr, CODEREPLACESIZE, origProtect, &tempProtect);

		FlushInstructionCache(GetCurrentProcess(), baseptr, CODEREPLACESIZE);
	}

	// Verify that the injection was successful
	for (int i = 0; i < CODEREPLACESIZE; ++i) {
		if (baseptr[i] != replace[i]) {
			fods("HardHook: Injection failure noticed at byte %d", i);
		}
	}
}
开发者ID:Darcade,项目名称:mumble,代码行数:35,代码来源:HardHook.cpp

示例6: exit

CompiledProgram::CompiledProgram(Program in_program)
{
	mProgSize=0;

	for (Program::iterator i=in_program.begin(); i!=in_program.end(); i++)
	{
		mProgSize+=i->size();
	}

	mpProg=VirtualAlloc(
		NULL,
		mProgSize,
		MEM_COMMIT | MEM_RESERVE,
		PAGE_READWRITE
		);

	if (mpProg == NULL )
		exit(0);

	size_t progPos=0;

	for (Program::iterator i=in_program.begin(); i!=in_program.end(); i++)
	{
		memcpy((unsigned char*) mpProg+progPos, &(*i)[0], i->size());
		progPos+=i->size();
	}

	DWORD flOldProtect;

	if (!VirtualProtect(mpProg, size(), PAGE_EXECUTE, &flOldProtect))
		exit(0);

	if (!FlushInstructionCache(GetCurrentProcess(), mpProg, size()))
		exit(0);
}
开发者ID:dreamsxin,项目名称:101_browser,代码行数:35,代码来源:X86Assembly.cpp

示例7: InjectData

LPVOID InjectData(HANDLE hProcess,LPVOID lpData,ULONG ulFuncLen)
{
	LPVOID lpAddress=NULL;
	DWORD dwOldProtect;
	DWORD BytesWritten=0;
	
	// Allocate memory for lpData int the remote process
	lpAddress=VirtualAllocEx(hProcess,NULL,ulFuncLen,MEM_COMMIT|MEM_TOP_DOWN,PAGE_EXECUTE_READWRITE);
	if (lpAddress)
	{
		// Change the protection for the allocated memory
		if (VirtualProtectEx(hProcess,lpAddress,ulFuncLen,PAGE_EXECUTE_READWRITE,&dwOldProtect))
		{
			// ...
			FlushInstructionCache(hProcess,lpAddress,ulFuncLen);
			// Write lpData into the remote process
			if (WriteProcessMemory(hProcess,lpAddress,lpData,ulFuncLen,&BytesWritten))
			{
				// Restore old protection :)
				VirtualProtectEx(hProcess,lpAddress,ulFuncLen,dwOldProtect,NULL);
				// Return remote address for lpData
				return lpAddress;
			}
			// Restore old protection :)
			VirtualProtectEx(hProcess,lpAddress,ulFuncLen,dwOldProtect,NULL);
		}
	}
	return 0;
}
开发者ID:Artorios,项目名称:rootkit.com,代码行数:29,代码来源:injector.c

示例8: child_xfer_memory

/* Transfer memory from/to the debugged process.  */
static int
child_xfer_memory (CORE_ADDR memaddr, char *our, int len,
		   int write, struct target_ops *target)
{
  BOOL success;
  SIZE_T done = 0;
  DWORD lasterror = 0;
  uintptr_t addr = (uintptr_t) memaddr;

  if (write)
    {
      success = WriteProcessMemory (current_process_handle, (LPVOID) addr,
				    (LPCVOID) our, len, &done);
      if (!success)
	lasterror = GetLastError ();
      FlushInstructionCache (current_process_handle, (LPCVOID) addr, len);
    }
  else
    {
      success = ReadProcessMemory (current_process_handle, (LPCVOID) addr,
				   (LPVOID) our, len, &done);
      if (!success)
	lasterror = GetLastError ();
    }
  if (!success && lasterror == ERROR_PARTIAL_COPY && done > 0)
    return done;
  else
    return success ? done : -1;
}
开发者ID:phausler,项目名称:binutils,代码行数:30,代码来源:win32-low.c

示例9: VirtualProtect

// !TODO: Add auto alloc for missing stub
void	*HookSub(void *oldProc, void *newProc)
{
	void *jmpAddr = (void *)((char *)newProc - (char *)oldProc - 5);

	// patch
	DWORD	oldProtect = NULL;
	VirtualProtect(oldProc, 5, PAGE_EXECUTE_WRITECOPY, &oldProtect);
	__asm
	{
		push eax
		push ebx

		mov eax, oldProc
		mov ebx, jmpAddr

		mov byte  ptr [eax], 0xE9	// long jmp
		mov dword ptr [eax + 1], ebx

		pop ebx
		pop eax
	}
	VirtualProtect(oldProc, 5, oldProtect, &oldProtect);

	FlushInstructionCache(GetCurrentProcess(), oldProc, 5);

	return ((void *)((char *)oldProc + 5));
}
开发者ID:steeve,项目名称:dwmaxx,代码行数:28,代码来源:patch.cpp

示例10: GetDetourLenAuto

bool CDetour::Remove ( BYTE *orig, BYTE *jmp, int iPatchType, int len )
{
	int		iMinLen = 0;
	DWORD	dwBack = 0;

	if ( !(iMinLen = GetDetourLen(iPatchType)) )
		return false;

	if ( len != 0 && len < iMinLen )
		return false;

	// Try and find the end of the instruction automatically
	if ( len == 0 )
	{
		len = GetDetourLenAuto( jmp, iMinLen );
		if ( len == 0 )
			len = GetDetourLen( iPatchType );
		if ( len == 0 || iMinLen == 0 )
			return false;
		if ( len < iMinLen )
			return false;
	}

	// Write the bytes @ the jmp back to the orig
	MEMORY_BASIC_INFORMATION	mbi;
	VirtualQuery( (void *)orig, &mbi, sizeof(mbi) );
	VirtualProtect( mbi.BaseAddress, mbi.RegionSize, PAGE_EXECUTE_READWRITE, &mbi.Protect );
	memcpy( orig, jmp, len );
	VirtualProtect( mbi.BaseAddress, mbi.RegionSize, mbi.Protect, &mbi.Protect );
	FlushInstructionCache( GetCurrentProcess(), (void *)orig, len );

	return true;
}
开发者ID:Aephout14,项目名称:m0d-s0beit-sa,代码行数:33,代码来源:CDetour.cpp

示例11: HEStopHook

BOOL HEStopHook(PHOOKINFO HookInfo)
{
	BOOL CallRet;
	DWORD dwTmp;
	DWORD OldProtect;

	LPVOID FuncAddr = HookInfo->FuncAddr;
	DWORD CodeLength = HookInfo->CodeLength;

	CallRet = VirtualProtect(FuncAddr, CodeLength, PAGE_EXECUTE_READWRITE, &OldProtect);
	if (!CallRet)
	{
		return 1;
	}

	CallRet = WriteProcessMemory(GetCurrentProcess(), FuncAddr, HookInfo->Stub, CodeLength, &dwTmp);
	if (!CallRet || dwTmp != CodeLength)
	{
		return 2;
	}

	FlushInstructionCache(GetCurrentProcess(), FuncAddr, CodeLength);

	VirtualProtect(FuncAddr, CodeLength, OldProtect, &dwTmp);	

	free(HookInfo->Stub);
	return 0;
}
开发者ID:Stofftierchen13,项目名称:np-activex,代码行数:28,代码来源:Hook.cpp

示例12: UnhookFunction

BOOL UnhookFunction(LPTSTR ModuleName, LPCSTR FunctionName, PVOID proxyFunction)
{
	PVOID oldFunction = NULL;
	DWORD oldProtect = 0;
	TCHAR tzTemp[MAX_PATH] = {0};

	oldFunction = GetProcAddress(GetModuleHandle(ModuleName), FunctionName);
	if (!oldFunction)
	{
		wsprintf(tzTemp, TEXT("Failed to find the function: %hs\n"), FunctionName);
		OutputDebugText(tzTemp);
		return FALSE;
	}

	// Recover the function
	VirtualProtect(oldFunction, JumpCodeSize, PAGE_EXECUTE_READWRITE, &oldProtect);
	RtlCopyMemory(oldFunction, proxyFunction, JumpCodeSize);
	VirtualProtect(oldFunction, JumpCodeSize, oldProtect, &oldProtect);
	FlushInstructionCache(GetModuleHandle(NULL), oldFunction, JumpCodeSize);

	if (!VirtualFree(proxyFunction, 0, MEM_RELEASE))
	{
		wsprintf(tzTemp, TEXT("Failed to free memory for the function: %hs\n"), FunctionName);
		OutputDebugText(tzTemp);
	}

	return TRUE;
}
开发者ID:sywymj,项目名称:HookQQ,代码行数:28,代码来源:HookLib.cpp

示例13: DoTest

void DoTest(void *Buffer, int Size, int Expected)
{
    int ret;
    
    SetLastError(0);
    ret = FlushInstructionCache(GetCurrentProcess(), Buffer, Size);
    if (!ret && Expected)
    {
        Fail("Expected FlushInstructionCache to return non-zero, got zero!\n"
            "region: %p, size: %d, GetLastError: %d\n", Buffer, Size, 
            GetLastError());
    }
    else if (ret && !Expected)
    {
        Fail("Expected FlushInstructionCache to return zero, got non-zero!\n"
            "region: %p, size: %d, GetLastError: %d\n", Buffer, Size, 
            GetLastError());
    }

    if (!Expected && ERROR_NOACCESS != GetLastError())
    {
        Fail("FlushInstructionCache failed to set the last error to "
            "ERROR_NOACCESS!\n");
    }

}
开发者ID:smartmaster,项目名称:sscli,代码行数:26,代码来源:test1.c

示例14: FixupInlineGetters

void FixupInlineGetters(DWORD tlsSlot, const LPVOID * pLocations, int nLocations)
{
    BYTE* pInlineGetter;
    DWORD dwOldProtect;
    for (int i=0; i<nLocations; i++)
    {
        pInlineGetter = (BYTE*)GetEEFuncEntryPoint((BYTE*)pLocations[i]);

        static const DWORD cbPatch = 9;
        if (!ClrVirtualProtect(pInlineGetter, cbPatch, PAGE_EXECUTE_READWRITE, &dwOldProtect))
        {
            ThrowLastError();
        }

        DWORD offset = (tlsSlot * sizeof(LPVOID) + offsetof(TEB, TlsSlots));

#if defined(_TARGET_AMD64_)
        // mov  r??, gs:[TLS offset]
        _ASSERTE_ALL_BUILDS("clr/src/VM/JITinterfaceGen.cpp",
                            pInlineGetter[0] == 0x65 &&
                            pInlineGetter[2] == 0x8B &&
                            pInlineGetter[4] == 0x25 &&
                            "Initialization failure while stomping instructions for the TLS slot offset: the instruction at the given offset did not match what we expect");

        *((DWORD*)(pInlineGetter + 5)) = offset;
#else // _TARGET_AMD64_
        PORTABILITY_ASSERT("FixupInlineGetters");
#endif //_TARGET_AMD64_

        FlushInstructionCache(GetCurrentProcess(), pInlineGetter, cbPatch);
        ClrVirtualProtect(pInlineGetter, cbPatch, dwOldProtect, &dwOldProtect);
    }
}
开发者ID:0-wiz-0,项目名称:coreclr,代码行数:33,代码来源:jitinterfacegen.cpp

示例15: hook_jmp

//------------------------------------------------------------------------------
void* hook_jmp(const char* dll, const char* func_name, void* hook)
{
    void* func_addr;
    void* trampoline;

    // Get the address of the function we're going to hook.
    func_addr = get_proc_addr(dll, func_name);
    if (func_addr == NULL)
    {
        LOG_INFO("Failed to find function '%s' in '%s'", dll, func_name);
        return NULL;
    }

    LOG_INFO("Attemping jump hook.");
    LOG_INFO("Target is %s, %s @ %p", dll, func_name, func_addr);

    // Install the hook.
    trampoline = hook_jmp_impl(func_addr, hook);
    if (trampoline == NULL)
    {
        LOG_INFO("Jump hook failed.");
        return NULL;
    }

    LOG_INFO("Success!");
    FlushInstructionCache(current_proc(), 0, 0);
    return trampoline;
}
开发者ID:NextGenIntelligence,项目名称:clink,代码行数:29,代码来源:hook.c


注:本文中的FlushInstructionCache函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。