本文实例讲述了C++内存查找的方法，分享给大家供大家参考。具体如下：

windows程序设计中的内存查找功能，主程序代码如下：

复制代码 代码如下:// MemRepair.cpp : 定义控制台应用程序的入口点。

//

#include "stdafx.h"

#include <Windows.h>

BOOL FindFirst(DWORD dwValue);

BOOL FindNext(DWORD dwValue);

HANDLE g_hProcess;

DWORD g_arList[1024];

DWORD g_nListCnt;

BOOL CompareAPage(DWORD dwBaseAddr, DWORD dwValue)

{

//读取一页内存

BYTE arBytes[4096];

BOOL bRead = ::ReadProcessMemory(g_hProcess, (LPVOID)dwBaseAddr, arBytes, 4096,NULL);

if (bRead == FALSE)

{

return FALSE;

}

DWORD *pdw;

for (int i=0;i<4096-4;i++)

{

pdw = (DWORD*)&arBytes[i];

if (pdw[0] == dwValue)

{

g_arList[g_nListCnt++] = dwBaseAddr+i;

}

/*出错，应该将地址先转换成DWORD*,即指向DWORD的地址，然后再取[0]

if ((DWORD)&arBytes[i] == dwValue)

{

g_arList[g_nListCnt++] = dwBaseAddr+i;

}

*/

}

if (g_nListCnt > 1024)

{

printf("the position is large than 1024..");

return FALSE;

}

return TRUE;

}

BOOL FindFirst(DWORD dwValue)

{

const DWORD dwOneGB = 1 * 1024 *1024 *1024; // 1GB

const DWORD dwOnePage = 4* 1024; // 4K

DWORD dwBase;

OSVERSIONINFO versionInfo={0};

versionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);

::GetVersionEx(&versionInfo);

if (versionInfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS ) //win98

{

dwBase = 4 * 1024 *1024; // 4MB

}

else

{

dwBase = 64 * 1024; // 64KB

}

//从开始地址到2GB的空间查找

for (;dwBase<2*dwOneGB;dwBase+=dwOnePage)

{

CompareAPage(dwBase,dwValue);

}

return TRUE;

}

BOOL FindNext(DWORD dwValue)

{

DWORD dwOriCnt = g_nListCnt;

DWORD dwReadValue;

BOOL bRet = FALSE;

g_nListCnt = 0;

for (int i=0;i<dwOriCnt;i++)

{

if (::ReadProcessMemory(g_hProcess,(LPVOID)g_arList[i],&dwReadValue,sizeof(DWORD),0))

{

if (dwReadValue == dwValue)

{

g_arList[g_nListCnt++] = g_arList[i];

bRet = TRUE;

}

}

}

return bRet;

}

void ShowList()

{

for (int i=0;i<g_nListCnt;i++)

{

printf("%08lXn", g_arList[i]);

}

}

BOOL WriteMemory(DWORD dwAddr, DWORD dwValue)

{

//出错的情况：写入的是&dwValue，而不是（LPVOID）dwValue

return WriteProcessMemory(g_hProcess,(LPVOID)dwAddr,&dwValue,sizeof(DWORD),NULL);

}

int _tmain(int argc, _TCHAR* argv[])

{

g_nListCnt = 0;

memset(g_arList,0,sizeof(g_arList));

char szCommandLine[]="c:testor.exe";

STARTUPINFO si={sizeof(STARTUPINFO)};

si.dwFlags = STARTF_USESHOWWINDOW;

si.wShowWindow = TRUE;

PROCESS_INFORMATION pi;

BOOL bRet = CreateProcess(NULL, szCommandLine,NULL,NULL,FALSE,CREATE_NEW_CONSOLE,NULL,NULL,&si,&pi);

if (bRet == FALSE)

{

printf("createProcess failed...");

return -1;

}

::CloseHandle(pi.hThread);

g_hProcess = pi.hProcess;

//输入修改值

int iVal;

printf("Input iVal=");

scanf("%d", &iVal);

//进行第一次查找

FindFirst(iVal);

//打印结果

ShowList();

//再次查找

while (g_nListCnt > 1)

{

printf("input iVal:n");

scanf("%d",&iVal);

FindNext(iVal);

ShowList();

}

//修改值

printf("input new value:n");

scanf("%d",&iVal);

if (WriteMemory(g_arList[0],iVal))

{

printf("write suc...");

}

::CloseHandle(g_hProcess);

return 0;

}

测试用的程序代码如下：

复制代码 代码如下:#include "stdafx.h"

#include <stdio.h>

int g_nNum = 1003;

int _tmain(int argc, _TCHAR* argv[])

{

int i = 200;

while(1)

{

printf("i=%d,&i=%08lX...g_nNum=%d,&g_nNum=%08lXnn",i--,&i,--g_nNum,&g_nNum);

getchar();

}

return 0;

}

希望本文所述对大家的C++程序设计有所帮助。

【C++内存查找实例】相关文章：

★ C++可变参数的实现方法

★ C++ Explicit关键字详细解析

★ C语言中的内存泄露 怎样避免与检测

★ C语言实现逆波兰式实例

★ C++中关于Crt的内存泄漏检测的分析介绍

★ C++ 十进制转换为二进制的实例代码

★ C/C++可变参数的使用

★ C++利用容器查找重复列功能实现

★ C++ 字符串的反转五种方法实例

★ 关于C++内存中字节对齐问题的详细介绍