What does this code do? found &= pattern[j] == *(char *)(base + i + j)

Time: 2018-04-17 15:23:01

Tags: c

I came across some confusing code and I don't know what it represents:

if (pattern[j] == *(char*)(base + i + j))
{
  found = found & pattern[j];
}

I tried rewriting it; this is what I have so far:

#include <windows.h>
#include <psapi.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

DWORD FindPattern(char *module, char *pattern)
{
  MODULEINFO mInfo = GetModuleInfo(module);

  /*typedef struct _MODULEINFO {
    LPVOID lpBaseOfDll;
    DWORD  SizeOfImage;
    LPVOID EntryPoint;
  } MODULEINFO, *LPMODULEINFO;*/

  DWORD base = (DWORD)mInfo.lpBaseOfDll;
  DWORD size = (DWORD)mInfo.SizeOfImage;
  DWORD EntryPoint = (DWORD)mInfo.EntryPoint;
  HANDLE han = GetStdHandle(STD_OUTPUT_HANDLE);

  DWORD patternLength = (DWORD)strlen(pattern);

  AllocConsole();
  FILE* fp;
  freopen_s(&fp, "CONOUT$", "w", stdout);
  printf("Load address: %p\n", (void*)base);//0x400000
  printf("Size: %08X\n", size);//0x13F000
  printf("Entry point: %p\n", (void*)EntryPoint);//0x4B8F6B
  printf("Opcode address: %p\n", (void*)pattern);
  printf("Opcode length: %08x\n", patternLength);//0x11

  //Iterate over the process image minus the opcode length
  for (DWORD i = 0; i < size - patternLength; i++)//0x13F000-0x11 = 13EFEF
  {
    bool found = true;
    for (DWORD j = 0; j < patternLength; j++)
    {
      found &= pattern[j] == *(char*)(base + i + j);
      /*if (pattern[j] == *(char*)(base + i + j))
      {
        found = found & pattern[j];
      }*/
    }

    if (found)
      return base + i;
  }
  return 0xDEADBEEF;
}

For context, the full code snippet:


2 answers:

Answer 0 (score: 3)


Is it the same as the code below?

No, it is not the same; that code is logically equivalent to:

if( pattern[j] == *(char *)(base + i + j) ) found = found & 1;
else found = 0; // or found = found & 0; which has the same effect

Answer 1 (score: 1)

To make the statement clearer, this code

bool found = true;
for (DWORD j = 0; j < patternLength; j++)
{
    found &= pattern[j] == *(char*)(base + i + j);
    /*if (pattern[j] == *(char*)(base + i + j))
    {
        found = found & pattern[j];
    }*/
}

if (found)
    return base + i;

can be rewritten as

bool found = true;
for (DWORD j = 0; found && j < patternLength; j++)
{
    if ( pattern[j] != *(char*)(base + i + j) )
    {
        found = false;
    }
}

if (found)
    return base + i;

or as

bool found = true;
for (DWORD j = 0; found && j < patternLength; j++)
{
    found = pattern[j] == *(char*)(base + i + j);
}

if (found)
    return base + i;

So when pattern[j] != *(char*)(base + i + j), the expression

pattern[j] == *(char*)(base + i + j)

yields 0, and found &= 0 sets found to 0.

I changed the loop condition to

found && j < patternLength

because there is no point in continuing the loop once it is already known that a character does not match.
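As an added example (not code from the question or from either answer), here is a standalone scanner in the early-exit shape that the second answer arrives at, with the `found &= ...` accumulation the first answer explains. It runs over a constructed byte buffer instead of a live module so it can be compiled and run anywhere, and it takes both lengths explicitly. That exposes two problems in the question's `FindPattern` that neither answer comments on: `strlen(pattern)` cannot measure an opcode pattern that contains a `0x00` byte (it stops at the first one, so the scan silently searches for a shorter pattern and can match the wrong site), and the bound `i < size - patternLength` never tests the last position at which the pattern could start. The names `find_pattern`, `sample_image`, `sample_pattern` and `PATTERN_NOT_FOUND`, and the byte values in the buffer, are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Not-found sentinel. The question returns 0xDEADBEEF, which is a legal
   address in a 32-bit process; no buffer can be SIZE_MAX bytes long. */
#define PATTERN_NOT_FOUND ((size_t)-1)

/* Scan hay[0..haylen) for pat[0..patlen) and return the offset of the
   first match, or PATTERN_NOT_FOUND. Both lengths are passed explicitly:
   opcode patterns routinely contain 0x00, which strlen() treats as the
   end of the string. (find_pattern is an example name, not the question's.) */
size_t find_pattern(const uint8_t *hay, size_t haylen,
                    const uint8_t *pat, size_t patlen)
{
    if (patlen == 0 || patlen > haylen)
        return PATTERN_NOT_FOUND;

    /* <= rather than <: with i < haylen - patlen the final start
       position haylen - patlen is never examined. */
    for (size_t i = 0; i <= haylen - patlen; i++) {
        int found = 1;
        /* The `found &&` in the condition stops at the first mismatch,
           which is the rewrite the second answer proposes; `found &= cmp`
           would give the same result but always compare all patlen bytes. */
        for (size_t j = 0; found && j < patlen; j++)
            found = (pat[j] == hay[i + j]);
        if (found)
            return i;
    }
    return PATTERN_NOT_FOUND;
}

/* Constructed sample "image": a decoy 8B 45 xx sequence first, then the
   bytes we actually want at the very end of the buffer. */
static const uint8_t sample_image[] = {
    0x90, 0x90, 0x55, 0x8B, 0xEC,       /* nop; nop; push ebp; mov ebp, esp */
    0x8B, 0x45, 0x08,                   /* mov eax, [ebp+8]  (decoy) */
    0x90, 0x90,
    0x8B, 0x45, 0x00, 0x5D, 0xC3,       /* mov eax, [ebp+0]; pop ebp; ret */
};

/* Constructed pattern; note the 0x00 in the middle. */
static const uint8_t sample_pattern[] = { 0x8B, 0x45, 0x00, 0x5D, 0xC3 };

int main(void)
{
    size_t off;

    /* Explicit length: finds the real site, offset 10, which also happens
       to be the last possible start position (15 - 5). */
    off = find_pattern(sample_image, sizeof sample_image,
                       sample_pattern, sizeof sample_pattern);
    printf("explicit length %zu: offset %zu\n", sizeof sample_pattern, off);

    /* strlen() stops at the 0x00, so only "8B 45" is searched for and the
       decoy at offset 5 is reported instead. */
    off = find_pattern(sample_image, sizeof sample_image,
                       sample_pattern, strlen((const char *)sample_pattern));
    printf("strlen length %zu: offset %zu\n",
           strlen((const char *)sample_pattern), off);
    return 0;
}
```

The same function can be pointed at a real module by passing `lpBaseOfDll` and `SizeOfImage` from `MODULEINFO` as `hay` and `haylen`; the only thing that changes is where the bytes come from.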