如何从FUNC PTR获取模块句柄在Win32中? [英] How to get Module HANDLE from func ptr in Win32?
问题描述
我工作的本地调用绑定一个虚拟机,以及的功能之一是能够通过名称在运行时查找标准libc函数。在Windows上变得有点麻烦,因为我需要的句柄的当前加载的过程中MSVCRT模块。通常,这是MSVCRT.DLL,但也可能是其他的变种,以及(msvcr100.dll等),如果使用一个不同名称的变体的GetModuleHandle(MSVCRT)的调用可能会失败。
我想是能够做的是反向查找,采取从libc中的函数指针(这是我在丰度),并得到一个句柄,提供它的模块。基本上,像这样:
HANDLE hlibc = ReverseGetModuleHandle(fprintf中); //从libc中的任何FUNC应该做的伎俩
无效* vfunc = GetProcAddress的(hlibc);
有Win32 API中这样的事情,不降入进程处理和符号表的手动散步吗?相反,如果我过思考这个问题,有没有名字在Win32来查找libc的功能更简单的方法?
MEMORY_BASIC_INFORMATION MBI;
HMODULE MOD;
如果(VirtualQuery来(vfunc,&安培; MBI,sizeof的(MBI)))
{
MOD =(HMODULE)mbi.AllocationBase;
}
I'm working on native call bindings for a virtual machine, and one of the features is to be able to look up standard libc functions by name at runtime. On windows this becomes a bit of a hassle because I need to get a handle to the msvcrt module that's currently loaded in the process. Normally this is msvcrt.dll, but it could be other variants as well (msvcr100.dll, etc) and a call to GetModuleHandle("msvcrt") could fail if a variant with a different name is used.
What I would like to be able to do is a reverse lookup, take a function pointer from libc (which I have in abundance) and get a handle to the module that provides it. Basically, something like this:
HANDLE hlibc = ReverseGetModuleHandle(fprintf); // Any func from libc should do the trick
void *vfunc = GetProcAddress(hlibc);
Is there such a thing in the win32 API, without descending into a manual walk of process handles and symbol tables? Conversely, if I am over-thinking the problem, is there an easier way to look up a libc function by name on win32?
MEMORY_BASIC_INFORMATION mbi;
HMODULE mod;
if (VirtualQuery( vfunc, &mbi, sizeof(mbi) ))
{
mod = (HMODULE)mbi.AllocationBase;
}
这篇关于如何从FUNC PTR获取模块句柄在Win32中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
