C++: Getting function virtual 'address' with member function pointer


Problem description

This question is similar to print address of virtual member function

I would like to retrieve the memory location of a function (at runtime), using a member function pointer. The goal is to log them, and do a post-mortem analysis, using 'ln' in WinDbg to retrieve which function it was, using PDB symbols.

I can't use stack walking since I am not yet into the function I want to log. (and I do not want to modify billions of functions to return me their address...).

Short example:

class AClass
{
public :
   virtual void AFunction(){;}   // return type added; the original snippet omitted it

};

typedef void (AClass::*FxPtr)( void );


[...]
    AClass oAClass;

    AClass*  pSelf = &oAClass;
    FxPtr    pf    = &AClass::AFunction;

    DWORD nFctAddress = ???          // DWORD from <windows.h>; this is the value being asked for

Anyone has an idea how I can retrieve the address ?

&(pSelf->*pf)

gives 'error C2298: '&' : illegal operation on pointer to member function expression'

I know that member function pointers are 'weird' structures, but since I know the 'this', is there a way to look-up the potentially virtual function from the vtable ?

Recommended answer

#include <stdio.h>

struct Class {
  virtual void AFunction( void ) { printf("1"); }
};

struct AClass : public Class {
  virtual void AFunction( void ) { printf("2"); }
};

typedef void (AClass::*FxPtr)(void);


int main( void ) {

  /* Overlay the member pointer with raw pointer-sized words so its
     representation can be inspected. The layout is compiler-specific
     (MSVC: a single code/thunk pointer for single inheritance; Itanium ABI:
     a function-pointer-or-vtable-offset plus a this adjustment). */
  union {
    FxPtr pf;
    void* rf[2];
  };

  pf = &AClass::AFunction;

  printf( "sizeof(pf)=%u\n", (unsigned)sizeof(pf) );

  /* Print only as many words as the member pointer actually occupies;
     passing pf itself to printf is undefined behaviour. */
  printf( "%p", rf[0] );
  if ( sizeof(pf) > sizeof(void*) ) printf( " %p", rf[1] );
  printf( "\n" );

/*
error: ISO C++ forbids taking the address of a bound member function
to form a pointer to member function.  Say '&AClass::AFunction'

  AClass a;
  FxPtr qf = &a.AFunction;
  printf( "sizeof(qf)=%i\n", sizeof(qf) );
*/

  return 0;
}

It's easy to access the vtable, but not so simple to identify the function by its address.
Some options:
1) Parse the .map file, load it, and look up the class name by typeid (or by VMT instance from the map), then the function address by its name.
2) Write a static function calling a given virtual method for a given object, see how it looks in asm, and retrieve the function's offset in the vtable from its code, then read the address:

?adr_CFunction@Class@@SIXPAU1@@Z PROC           ; Class::adr_CFunction, COMDAT
; _This$ = ecx
; 8    :   static void adr_CFunction( Class* This ) { This->CFunction(); }
    mov eax, DWORD PTR [ecx]
    mov edx, DWORD PTR [eax+8]
    jmp edx
?adr_CFunction@Class@@SIXPAU1@@Z ENDP           ; Class::adr_CFunction

3) There are nifty options like "/Gh enable _penter function call", which allow retrieving the addresses of all functions, after the call though, but before the function actually does anything. Then the .map can be used to identify the function by the trace.
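Option 2 above reads the vtable slot out of the generated asm because on MSVC the member pointer holds only a thunk address. Under the Itanium C++ ABI (GCC/Clang on x86-64 Linux) the slot offset is stored in the member pointer itself, so the same lookup can be done entirely in code. The following is an added example, not part of the question or the answer: it decodes a pointer-to-member-function, reads the target address from the object's vtable when the function is virtual, and exposes the invariants a logging tool would verify. The `Class`/`AClass`/`Plain` shapes are hypothetical; the `ItaniumMemFn` layout is the x86-64 Itanium ABI representation (32-bit ARM puts the virtual flag in `adj` instead, and MSVC uses a different scheme, so this decoder is not portable to those).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <type_traits>

// Hypothetical class pair mirroring the question: a virtual function that is
// overridden, one that is not, and a plain (non-virtual) one.
struct Class {
  virtual void AFunction() { std::printf("Class::AFunction\n"); }
  virtual void BFunction() { std::printf("Class::BFunction\n"); }
  void Plain() { std::printf("Class::Plain\n"); }
  virtual ~Class() {}
};

struct AClass : Class {
  void AFunction() override { std::printf("AClass::AFunction\n"); }
};

// Itanium C++ ABI layout of a pointer-to-member-function (x86-64 GCC/Clang):
//   ptr: code address for a non-virtual function; for a virtual function,
//        1 + the byte offset of its slot in the vtable (low bit set);
//   adj: this-pointer adjustment applied before the call.
// Assumption: MSVC and 32-bit ARM use different representations.
struct ItaniumMemFn {
  std::uintptr_t ptr;
  std::ptrdiff_t adj;
};

struct Resolved {
  bool is_virtual;
  int slot;       // vtable slot index, or -1 for a non-virtual function
  void* address;  // code address that obj->*pmf would jump to
};

// Decode pmf and, for a virtual function, read the target out of obj's vtable.
template <class Obj, class C, class R, class... A>
Resolved resolve(const Obj* obj, R (C::*pmf)(A...)) {
  static_assert(std::is_base_of<C, Obj>::value, "obj must be a C");
  static_assert(sizeof(pmf) == sizeof(ItaniumMemFn), "unexpected member-pointer layout");
  ItaniumMemFn rep;
  std::memcpy(&rep, &pmf, sizeof rep);          // inspect the raw representation
  const C* base = obj;                           // upcast, adjusting for multiple inheritance
  const char* self = reinterpret_cast<const char*>(base) + rep.adj;
  Resolved r{false, -1, nullptr};
  if (rep.ptr & 1) {
    r.is_virtual = true;
    r.slot = static_cast<int>((rep.ptr - 1) / sizeof(void*));
    void* const* vtable;
    std::memcpy(&vtable, self, sizeof vtable);   // the object's first word is its vptr
    r.address = vtable[r.slot];
  } else {
    r.address = reinterpret_cast<void*>(rep.ptr);
  }
  return r;
}

// Invariants a log-and-verify tool would check, returned rather than printed.
struct Checks {
  int afunction_slot;             // expected 0: first virtual declared in Class
  int bfunction_slot;             // expected 1
  bool plain_is_virtual;          // expected false
  bool override_changes_target;   // AClass's AFunction != Class's AFunction
  bool base_pointer_same_target;  // &Class::AFunction on an AClass hits the override
  bool inherited_slot_shared;     // BFunction not overridden: same code in both vtables
};

Checks run_checks() {
  AClass a;
  Class c;
  Checks k;
  k.afunction_slot = resolve(&a, &AClass::AFunction).slot;
  k.bfunction_slot = resolve(&a, &AClass::BFunction).slot;
  k.plain_is_virtual = resolve(&a, &AClass::Plain).is_virtual;
  k.override_changes_target =
      resolve(&a, &AClass::AFunction).address != resolve(&c, &Class::AFunction).address;
  k.base_pointer_same_target =
      resolve(&a, &Class::AFunction).address == resolve(&a, &AClass::AFunction).address;
  k.inherited_slot_shared =
      resolve(&a, &Class::BFunction).address == resolve(&c, &Class::BFunction).address;
  return k;
}

int main() {
  AClass a;
  Resolved r = resolve(&a, &AClass::AFunction);
  // This is the value to log; 'ln <address>' in WinDbg (or addr2line on ELF)
  // maps it back to a symbol in the post-mortem.
  std::printf("AClass::AFunction -> virtual=%d slot=%d address=%p\n",
              r.is_virtual, r.slot, r.address);
  return 0;
}
```

The decoder reads the vtable through the adjusted `this`, which is exactly what the `mov eax,[ecx]` / `mov edx,[eax+8]` sequence in the asm above does; the difference is only where the slot offset comes from. Logged addresses are only meaningful together with the module load address (for ASLR-relocated images), so record the image base alongside them.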
