How to execute an executable embedded as resource

Problem description

Is it possible to execute an exe file that is included in the project as a resource? Can I fetch the file as a byte array and execute it in memory?

I don't want to write the file to a temporary location and execute it there. I'm searching for a solution where I can execute it in memory. (It's not a .NET assembly.)

Recommended answer

It's quite possible - I've done it myself - but it's fiddly and more so from managed code. There's no .NET API for it, nor is there a native API for it which you can PInvoke. So you'll have to finagle the load by hand, which will require some knowledge of the PE (Portable Executable) file format used for modules such as DLLs and EXEs - http://msdn.microsoft.com/en-us/magazine/cc301805.aspx. There'll be a lot of pointer manipulation (mandating use of unsafe {} blocks) and PInvoke.

First load the PE file into memory (or use MapViewOfFile). A PE file is internally made up of different sections containing code, data or resources. The offsets of each section in the file don't always match intended in-memory offsets, so some minor adjustments are required.

Every PE file assumes it'll be loaded at a certain base address in virtual memory. Unless you can ensure this you'll need to walk the PE file's relocation table to adjust pointers accordingly.

Each PE file also has an import table listing which other DLLs' functions it wants to call. You'll need to walk this table and call LoadLibrary() / GetProcAddress() to fill in each import.

Next, memory protection needs to be set correctly for each section. Each section's header notes the protection it wants, so it's just a matter of calling VirtualProtect() for each section with the correct flags. At a minimum you'll need to VirtualProtect the loaded module with PAGE_EXECUTE_READWRITE or you're unlikely to be able to execute any code.

Lastly, for a DLL you need to call its entry point, whose address can be found in the PE header; you can then freely call exported functions.

Since you want to run an EXE, you've got some additional headaches. You can just spin up a new thread and call the EXE's entry point from it, but many EXEs may get upset since the process is set up for you, not the EXE. It also may well kill your process when it tries to exit. You might want to spawn a new process therefore - perhaps another copy of your main EXE with special arguments to tell it it's going to run some different code - in which case you'd have to finagle the EXE into its memory space. You'd probably want to do most of the above work in the new process, not the old. You could either create a named pipe and send the data across from one EXE to the other, or allocate a named shared memory area with MapViewOfFile. Of course the EXE may still get upset since the process it's running in still isn't its own.

All in all it's far easier just to write to a temporary file and then use Process.Start().

If you still want to do it the hard way, take a look at this example in unmanaged code: http://www.joachim-bauch.de/tutorials/loading-a-dll-from-memory/. This doesn't cover executables, just DLLs, but if the code therein doesn't scare you, you'd be fine extending the process to cover executables.
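An added example, not part of the original answer: a read-only Python parser that lists, for each PE section, the file offset, the in-memory RVA and the page protection its header requests, and marks sections that ask for write plus execute. The function names and the header-only sample image are constructed for illustration.

```python
import struct

# IMAGE_SCN_MEM_EXECUTE / _READ / _WRITE bits of a section's Characteristics
EXEC, READ, WRITE = 0x20000000, 0x40000000, 0x80000000
# PAGE_* protection name indexed by (executable, readable, writable)
PAGE = {(0, 0, 0): "PAGE_NOACCESS", (0, 0, 1): "PAGE_WRITECOPY",
        (0, 1, 0): "PAGE_READONLY", (0, 1, 1): "PAGE_READWRITE",
        (1, 0, 0): "PAGE_EXECUTE", (1, 0, 1): "PAGE_EXECUTE_WRITECOPY",
        (1, 1, 0): "PAGE_EXECUTE_READ", (1, 1, 1): "PAGE_EXECUTE_READWRITE"}

def describe_sections(image: bytes):
    """Return one dict per section: file offset, RVA, requested protection."""
    if image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)       # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    (n_sections,) = struct.unpack_from("<H", image, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    table = pe_off + 24 + opt_size                           # first section header
    out = []
    for i in range(n_sections):
        name, _vsize, rva, _raw_size, raw_off, flags = struct.unpack_from(
            "<8sIIII12xI", image, table + 40 * i)            # 40-byte header
        key = (int(bool(flags & EXEC)), int(bool(flags & READ)),
               int(bool(flags & WRITE)))
        out.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                    "file_offset": raw_off, "rva": rva, "protect": PAGE[key],
                    "writable_and_executable": bool(key[0] and key[2])})
    return out

def build_sample() -> bytes:
    """Constructed header-only PE32 image with three sections (no code)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)         # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 3, 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * 222             # PE32 magic only
    def sec(name, rva, raw_off, flags):
        return struct.pack("<8sIIII12xI", name, 0x1000, rva, 0x200, raw_off, flags)
    secs = (sec(b".text", 0x1000, 0x400, EXEC | READ)
            + sec(b".data", 0x2000, 0x600, READ | WRITE)
            + sec(b".wx", 0x3000, 0x800, EXEC | READ | WRITE))
    return dos + b"PE\0\0" + coff + opt + secs

if __name__ == "__main__":
    for s in describe_sections(build_sample()):
        print(s)
```

In the sample, `.text` sits at file offset 0x400 but RVA 0x1000, which is the file-versus-memory offset mismatch the answer mentions.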
