There is WINAPI调用定义:
DWORD MapFileAndCheckSum(
_In_ PTSTR Filename,
_Out_ PDWORD HeaderSum,
_Out_ PDWORD CheckSum
);
如何通过PTSTR参数进行通话?
答案 0 :(得分:0)
只是:
filename = ctypes.c_char_p('something')
filename = ctypes.c_wchar_p('something') # for unicode
编辑:答案基于this page和ctypes docs上PWSTR,PSTR和PTSTR的定义。
正如评论中所建议的那样,你应该使用restype / argtypes,特别是如果你想要明确的话,比如:
# define func
dll = ctypes.WinDLL(imagehlp)
mapfileandchecksuma = dll.MapFileAndCheckSumA
mapfileandchecksuma.restype = ctypes.wintypes.DWORD
mapfileandchecksuma.argtypes = [c_char_p,
POINTER(ctypes.wintypes.DWORD),
POINTER(ctypes.wintypes.DWORD)]
# call func
filename = 'ntkr128g.exe'
headersum = ctypes.wintypes.DWORD()
checksum = ctypes.wintypes.DWORD()
if mapfileandchecksuma(filename,
byref(headersum),
byref(checksum)) == 0:
print headersum.value, checksum.value
答案 1 :(得分:0)
仅供参考,获得PE二进制校验和的整个调用就是这样:
filename = "ntkr128g.exe"
PTSTR = ctypes.c_char_p
headersum = ctypes.wintypes.DWORD()
checksum = ctypes.wintypes.DWORD()
ctypes.windll.imagehlp.MapFileAndCheckSumA(
PTSTR(filename), ctypes.byref(headersum), ctypes.byref(checksum))
print('head: 0x%08X, real: 0x%08X' % (headersum.value, checksum.value))