We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
0x8000
when i review ur source code, in function get_module_base_addr(Utils.h)
get_module_base_addr
Utils.h
what does 0x8000 means?
if (ModuleBaseAddr == 0x8000) ModuleBaseAddr = 0;
The original function is
/** * @brief 在指定进程中搜索对应模块的基址 * * @param pid pid表示远程进程的ID 若为-1表示自身进程 * @param ModuleName ModuleName表示要搜索的模块的名称 * @return void* 返回0表示获取模块基址失败,返回非0为要搜索的模块基址 */ void *get_module_base_addr(pid_t pid, const char *ModuleName){ FILE *fp = NULL; long ModuleBaseAddr = 0; char szFileName[50] = {0}; char szMapFileLine[1024] = {0}; // 读取"/proc/pid/maps"可以获得该进程加载的模块 if (pid < 0){ // 枚举自身进程模块 snprintf(szFileName, sizeof(szFileName), "/proc/self/maps"); } else { snprintf(szFileName, sizeof(szFileName), "/proc/%d/maps", pid); } fp = fopen(szFileName, "r"); if (fp != NULL){ while (fgets(szMapFileLine, sizeof(szMapFileLine), fp)){ if (strstr(szMapFileLine, ModuleName)){ char *Addr = strtok(szMapFileLine, "-"); ModuleBaseAddr = strtoul(Addr, NULL, 16); if (ModuleBaseAddr == 0x8000) ModuleBaseAddr = 0; break; } } fclose(fp); } return (void *)ModuleBaseAddr; }
The text was updated successfully, but these errors were encountered:
No branches or pull requests
我不理解这个
0x8000的判断是啥意思when i review ur source code, in function
get_module_base_addr(Utils.h)what does 0x8000 means?
The original function is
The text was updated successfully, but these errors were encountered: