我目前正在尝试从外部进程获取基地址 在Xcode中使用C ++! 这是我到目前为止所得到的:
if (task_info(this->_pmach_port, TASK_DYLD_INFO, (task_info_t)&dyld_info, &count) == KERN_SUCCESS)
{
this->Read(this->dyld_info.all_image_info_addr, sizeof(dyld_all_image_infos), &this->all_image_infos);
printf("Got Task info!\nall_image offset: 0x%llx\ninfo array count: %i",this->dyld_info.all_image_info_addr,this->all_image_infos.infoArrayCount);
printf("Version: %i\n",this->all_image_infos.version);
for(int i=0;i< this->all_image_infos.infoArrayCount;i++) {
printf("image: %s %d\n",
this->all_image_infos.infoArray[i].imageFilePath,
this->all_image_infos.infoArray[i].imageLoadAddress
);
}
}
没有问题,我的输出如下:
Process To open: hl2_osx
Got Task info!
all_image offset: 0x8feb052c
info array count: 303 Version: 14
我的主要问题是Xcode停在我要输出模块信息的行 原因:
EXC_BAD_ACCESS(代码= EXC_I368_GPFLT)
我做错了什么?
由于我刚从使用Windows上的WINApi函数切换到在Mac上编写程序,
我希望有人可以帮助我!
答案 0 :(得分:1)
对于结构中的任何指针,您无法直接访问指向的数据。您必须从其他进程中读取它,就像您阅读all_image_infos结构一样。 info_array指针有这个问题。其中的imageFilePath也是如此。等
struct dyld_image_info *infoArray;
size_t size = sizeof(*infoArray) * this->all_image_infos.infoArrayCount;
infoArray = malloc(size);
this->Read(this->all_image_infos.infoArray, size, infoArray);
for(int i=0;i< this->all_image_infos.infoArrayCount;i++) {
char path[PATH_MAX];
this->Read(infoArray[i].imageFilePath, sizeof(path), path);
path[sizeof(path) - 1] = 0;
// Alternatively, you could use memchr() to see if path is null-terminated. If not, print what you have and read more, in a loop.
printf("image: %s %d\n",
path,
infoArray[i].imageLoadAddress
);
}