閱讀IMAGE_EXPORT_DIRECTORY找到導出函數的名稱會導致訪問衝突

我讀IMAGE_EXPORT_DIRECTORY如下閱讀IMAGE_EXPORT_DIRECTORY找到導出函數的名稱會導致訪問衝突

PIMAGE_EXPORT_DIRECTORY ExportDirectory = (PIMAGE_EXPORT_DIRECTORY)((DWORD)dosHeader + ConvertRVA(PEImageOptionalHeader->DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress, 
     FirstSectionHeader,PEFileImageHeader));

這works.Then我想訪問AddressOfNames。

PDWORD* ExportedFunctions; 
ExportedFunctions = (PDWORD *)((DWORD)dosHeader + ConvertRVA(ExportDirectory->AddressOfNames,FirstSectionHeader,PEFileImageHeader));

現在我怎麼找到導出的函數的名稱？ ConvertRVA()被定義爲

DWORD ConvertRVA(DWORD rva,PIMAGE_SECTION_HEADER FirstSectionHeader,PIMAGE_FILE_HEADER PEFileImageHeader) 
{ 
    int j=0; 
    auto i =FirstSectionHeader; 
    for(;j<PEFileImageHeader->NumberOfSections ;i++,j++) 
    { 
     if(rva>=i->VirtualAddress && rva<i->VirtualAddress + i->Misc.VirtualSize) 
      break; 
    } 
    return rva+i->PointerToRawData-i->VirtualAddress; 
}

來源

2017-07-20 user3819404

我找到了一種方法來做到這一點。

PDWORD ExportedFunctions; 
    ExportedFunctions = (PDWORD)((DWORD)dosHeader + ConvertRVA(ExportDirectory->AddressOfNames,FirstSectionHeaderBest,PEFileImageHeader)); 



    for(int i=0;i<ExportDirectory->NumberOfNames;i++) 
    { 
     LPSTR aaaa=(PCHAR)((DWORD)dosHeader + ConvertRVA((DWORD)ExportedFunctions[0],FirstSectionHeaderBest,PEFileImageHeader)); 
     std::cout<<aaaa<<std::endl; 
    }

來源

2017-07-20 09:45:59 user3819404

閱讀IMAGE_EXPORT_DIRECTORY找到導出函數的名稱會導致訪問衝突

回答

相關問題