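PE file format pointers using bitwise operators

Time: 2012-11-24 21:12:48

Tags: c++ c file assembly portable-executable

I would like to know the math behind these lines of code. Dealing with pointers. Can someone walk me through the + operator and the & bitwise operator in the if statement? I just don't understand it very well.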

    // check signatures -- must be a PE
    pDosHeader = (PIMAGE_DOS_HEADER)hMap;
    if(pDosHeader->e_magic != IMAGE_DOS_SIGNATURE) goto cleanup;

    pNtHeaders = (PIMAGE_NT_HEADERS)((DWORD)hMap + pDosHeader->e_lfanew);
    if(pNtHeaders->Signature != IMAGE_NT_SIGNATURE) goto cleanup;

    // Not dll
    if (pNtHeaders->FileHeader.Characteristics & IMAGE_FILE_DLL
        && pNtHeaders->FileHeader.Characteristics & IMAGE_FILE_EXECUTABLE_IMAGE) goto cleanup;

    // get last section's header...
    pSectionHeader = (PIMAGE_SECTION_HEADER)((DWORD)hMap + pDosHeader->e_lfanew + sizeof(IMAGE_NT_HEADERS));
    pSection = pSectionHeader;
    pSection += (pNtHeaders->FileHeader.NumberOfSections - 1);

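1 Answer:

Answer 0 (score: 1)

The + operator is just arithmetic addition. When it is used with pointers, it becomes clearer why pointers are typed in C and C++: it does not simply add bytes to the address, it adds the size of whatever type the pointer points to.

So, for example, if we have: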

struct stuff x;
struct stuff *p = &x;    /* p now points at x */
p = p + 1;
/* the address at p has been incremented by the sizeof(struct stuff), 
    and is pointing at the next struct stuff in memory */

& used as a binary operator is bitwise AND, which carries through the bits that are set in both operands. For example:

unsigned int b = 99;      /* 99 is binary 01100011 */
unsigned int w = b & 6;   /*  6 is binary 00000110 */
/* w is now 2                 2 is binary 00000010 */

In your example code, it is being used to test whether the bitmasks IMAGE_FILE_DLL and IMAGE_FILE_EXECUTABLE_IMAGE are set in the struct member.
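
The same arithmetic and flag test, as an added example that is not part of the original question or answer. It goes beyond the posted snippet by bounds-checking `e_lfanew` and `NumberOfSections` against the mapping size and by locating the section table with `SizeOfOptionalHeader` instead of `sizeof(IMAGE_NT_HEADERS)`. Assumptions: `SecHdr`, `rd`, `last_section_offset` and `make_sample` are hypothetical names, `SecHdr` is a 40-byte stand-in for `IMAGE_SECTION_HEADER` so the code builds without `windows.h`, and the sample header is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DOS_MAGIC 0x5A4Du      /* IMAGE_DOS_SIGNATURE, "MZ" */
#define NT_MAGIC  0x00004550u  /* IMAGE_NT_SIGNATURE, "PE\0\0" */
#define F_EXE     0x0002u      /* IMAGE_FILE_EXECUTABLE_IMAGE */
#define F_DLL     0x2000u      /* IMAGE_FILE_DLL */

/* 40-byte stand-in for IMAGE_SECTION_HEADER; byte members only, so alignment is 1. */
typedef struct { uint8_t Name[8]; uint8_t rest[32]; } SecHdr;

static uint32_t rd(const uint8_t *p, int n) {  /* little-endian read of n bytes */
    uint32_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Byte offset of the last section header, or -1 if the signatures or flags are
   rejected or a header field points outside the mapping. */
long last_section_offset(const uint8_t *map, size_t size) {
    if (size < 64 || rd(map, 2) != DOS_MAGIC) return -1;
    size_t nt = rd(map + 0x3C, 4);                      /* e_lfanew */
    if (nt > size || size - nt < 24 || rd(map + nt, 4) != NT_MAGIC) return -1;
    uint32_t nsec  = rd(map + nt + 6, 2);               /* NumberOfSections */
    uint32_t optsz = rd(map + nt + 20, 2);              /* SizeOfOptionalHeader */
    uint32_t flags = rd(map + nt + 22, 2);              /* Characteristics */
    if ((flags & F_DLL) && (flags & F_EXE)) return -1;  /* same test as the question */
    size_t first = nt + 24 + optsz;                     /* start of section table */
    if (nsec == 0 || first > size || (size - first) / sizeof(SecHdr) < nsec) return -1;
    const SecHdr *sec = (const SecHdr *)(map + first);  /* uint8_t*: +1 moves 1 byte */
    sec += nsec - 1;                                    /* SecHdr*: +1 moves 40 bytes */
    return (long)((const uint8_t *)sec - map);
}

/* Constructed sample: headers only, e_lfanew = 0x80, optional header of 0xE0 bytes. */
size_t make_sample(uint8_t *buf, size_t cap, uint16_t flags, uint16_t nsec) {
    size_t need = 0x80 + 24 + 0xE0 + (size_t)nsec * sizeof(SecHdr);
    if (cap < need) return 0;
    memset(buf, 0, need);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3C] = 0x80;
    memcpy(buf + 0x80, "PE\0\0", 4);
    buf[0x86] = (uint8_t)nsec;  buf[0x87] = (uint8_t)(nsec >> 8);
    buf[0x94] = 0xE0;
    buf[0x96] = (uint8_t)flags; buf[0x97] = (uint8_t)(flags >> 8);
    return need;
}
```

Keeping the base as a byte pointer also avoids the `(DWORD)hMap` cast, which drops the upper half of the address in a 64-bit build.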