WIN32核心编程 - 内存管理 内存页面

• 公开视频 -> 链接点击跳转公开课程
• 博客首页 -> 链接点击跳转博客主页

目录

VirtualAlloc - VirtualFree

VirtualAllocEx - VirtualFreeEx

VirtualLock(Ex) - VirtualUnlock(Ex)

VirtualQuery(Ex)

Process Memory Information

VirtualProtect(Ex)

Heap - GetProcessHeap - HeapCreate - HeapAlloc - HeapReAlloc - HeapFree - HeapDestroy

Heap - HeapSize - GetProcessHeaps

Heap - Heap32ListFirst - Heap32First

---

VirtualAlloc - VirtualFree

#include 
#include 
 
int main() 
{
    //C
    int* p1 = (int*)malloc(sizeof(int));
    if (p1 != NULL)
    {
        std::cout << *p1 << std::endl;
        memset(p1, 0, sizeof(int));
        std::cout << *p1 << std::endl;
        *p1 = 0x12345678;
        std::cout << *p1 << std::endl;
        free(p1);
        p1 = nullptr;
    }
 
    //CPP
    int* p2 = new int(0xCC);
    if (p2 != NULL)
    {
        std::cout << *p2 << std::endl;
        memset(p2, 0, sizeof(int));
        std::cout << *p2 << std::endl;
        *p2 = 0x12345678;
        std::cout << *p2 << std::endl;
        delete p2;
        p1 = nullptr;
    }
 
    //WIN32
    LPVOID lpBuffer = VirtualAlloc(/*(LPVOID)0x800000*/NULL, 0xFF, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (lpBuffer != NULL)
    {
        memset(lpBuffer, 0xCC, 0xFF);
        BOOL bRet = VirtualFree(lpBuffer, 0, MEM_RELEASE);
    }
 
    //跨进程内存管理
    VirtualAllocEx;
    VirtualFreeEx;
 
    return 0;
}

VirtualAllocEx - VirtualFreeEx

#include 
#include 
 
int main()
{
	DWORD dwPid = 65772;
	HANDLE hProcess = 0;
	LPVOID lpBase = 0;
	DWORD dwWriteData = 0;
	DWORD dwWriteLeng = 0;
	DWORD dwReadData = 0;
	DWORD dwReadLeng = 0;
 
	//打开进程
	hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
	if (NULL == hProcess) return 0;
 
	//申请内存
	lpBase = VirtualAllocEx(hProcess, NULL, 0xFF, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
	if (lpBase == NULL) return 0;
 
	//操作内存
	for (size_t i = 0; i < 0xFF; i++)
	{
		CHAR szBuffer = i;
		WriteProcessMemory(hProcess, (PUCHAR)lpBase + i, &szBuffer, sizeof(CHAR), &dwWriteLeng);
	}
 
	ReadProcessMemory(hProcess, (LPVOID)0x400000, &dwReadData, sizeof(DWORD), &dwReadLeng);
 
	//释放资源
	VirtualFreeEx(hProcess, lpBase, 0, MEM_RELEASE);
	CloseHandle(hProcess);
	
	return 0;
}

VirtualLock(Ex) - VirtualUnlock(Ex)

#include 
#include 
 
int main()
{
	//申请内存
	LPVOID lpBuffer = VirtualAlloc(NULL, 0xFF,MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
	if (lpBuffer == NULL) return 0;
	
	//锁定页面
	VirtualLock(lpBuffer, 0xFF);
 
	//快速交互
 
	//解锁页面
	VirtualUnlock(lpBuffer, 0xFF);
 
	//释放内存
	VirtualFree(lpBuffer, 0, MEM_RELEASE);
	
	return 0;
}

VirtualQuery(Ex)

#include 
#include 
 
int main()
{
	LPVOID lpBuffer = VirtualAlloc(NULL, 4097, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
	if (lpBuffer != NULL)
	{
		MEMORY_BASIC_INFORMATION mbi = { 0 };
		if (VirtualQuery((LPVOID)0x400000, &mbi, sizeof(MEMORY_BASIC_INFORMATION)) != 0)
		{
			return 0;
		}
		VirtualFree(lpBuffer, 0, MEM_RELEASE);
	}
 
	return 0;
}

Process Memory Information

#include 
#include 
#include 
 
std::string StateToStr(DWORD State)
{
	switch (State){
		case MEM_COMMIT	: return "MEM_COMMIT";
		case MEM_FREE	: return "MEM_FREE";
		case MEM_RESERVE: return "MEM_RESERVE";
		default			: return "UNKONW_STATE";
	}
}
 
std::string ProtectToStr(DWORD Protect)
{
	switch (Protect) {
	case PAGE_READONLY				: return "PAGE_READONLY";
	case PAGE_READWRITE				: return "PAGE_READWRITE";
	case PAGE_EXECUTE				: return "PAGE_EXECUTE";
	case PAGE_EXECUTE_READ			: return "PAGE_EXECUTE_READ";
	case PAGE_EXECUTE_READWRITE		: return "PAGE_EXECUTE_READWRITE";
	case PAGE_NOACCESS				: return "PAGE_NOACCESS";
	default							: return "UNKNOWN_PROTECT";
	}
}
 
std::string TypeToStr(DWORD Type)
{
	switch (Type) {
	case MEM_IMAGE		: return "MEM_IMAGE";
	case MEM_MAPPED		: return "MEM_MAPPED";
	case MEM_PRIVATE	: return "MEM_PRIVATE";
	default				: return "UNKNOWN_TYPE";
	}
}
 
int main()
{
	// 进程标识
	DWORD dwPid = 0;
	std::cout << "please input processid ";
	std::cin >> dwPid;
 
	// 打开进程
	HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwPid);
	if (hProcess == NULL)
	{
		std::cout << "OpenProcess Failed" << std::endl;
		return 0;
	}
 
	// 内存信息
	LPVOID lpBaseAddr = 0;
	MEMORY_BASIC_INFORMATION mbi;
	RtlZeroMemory(&mbi, sizeof(MEMORY_BASIC_INFORMATION));
 
	while (VirtualQueryEx(hProcess, lpBaseAddr, &mbi, sizeof(MEMORY_BASIC_INFORMATION)))
	{
		printf("==============================\r\n");
		printf("BaseAddress				0x%08x\r\n", mbi.BaseAddress);
		printf("AllocationBase				0x%08x\r\n", mbi.AllocationBase);
		printf("AllocationProtect			%s\r\n", ProtectToStr(mbi.AllocationProtect).c_str());
		printf("RegionSize				0x%08x\r\n", mbi.RegionSize);
		printf("State					%s\r\n", StateToStr(mbi.State).c_str());
		printf("Protect					%s\r\n", ProtectToStr(mbi.Protect).c_str());
		printf("Type					%s\r\n", TypeToStr(mbi.Type).c_str());
		lpBaseAddr = (PUCHAR)mbi.BaseAddress + mbi.RegionSize;
	}
	
	return 0;
}

VirtualProtect(Ex)

#include 
#include 
 
int main()
{
	// 页面大小
	SYSTEM_INFO si = { 0 };
	GetSystemInfo(&si);
 
	// 申请内存
	LPVOID lpBuffer = VirtualAlloc(NULL, si.dwPageSize, MEM_COMMIT, PAGE_READONLY);
	if (lpBuffer == NULL) return 1;
 
	// 修改属性
	DWORD dwOldProtect = 0;
	if (VirtualProtect(lpBuffer, si.dwPageSize, PAGE_READWRITE, &dwOldProtect) == NULL) return 1;
 
	// 数据写入
	memset(lpBuffer, 0xCC, si.dwPageSize);
 
	// 内存查询
	MEMORY_BASIC_INFORMATION mbi = { 0 };
	VirtualQuery(lpBuffer, &mbi, sizeof(MEMORY_BASIC_INFORMATION));
 
	// 属性恢复
	if (VirtualProtect(lpBuffer, si.dwPageSize, dwOldProtect, &dwOldProtect) == NULL) return 1;
	
	// 释放资源
	VirtualFree(lpBuffer, 0, MEM_RELEASE);
 
	return 0;
}

Heap - GetProcessHeap - HeapCreate - HeapAlloc - HeapReAlloc - HeapFree - HeapDestroy

#include 
#include 
 
int main()
{
	// 进程默认堆
	HANDLE hHeap1 = GetProcessHeap();
	LPVOID lpBuffer1 = HeapAlloc(hHeap1, HEAP_ZERO_MEMORY, 4);
	if(lpBuffer1 == NULL) return 1;
 
	// 创建进程堆
	HANDLE hHeap2 = HeapCreate(0, 0x1000, 0x10000);
	if (hHeap2 == NULL) return 1;
 
	// 申请堆内存
	LPVOID lpBuffer2 = HeapAlloc(hHeap2, HEAP_ZERO_MEMORY, 16);
	if (lpBuffer2 == NULL)
	{
		HeapDestroy(hHeap2);
		return 1;
	}
	memset(lpBuffer2, 0xCC, 16);
 
	// 扩大堆内存
	LPVOID lpBuffer3 = HeapReAlloc(hHeap2, 0, lpBuffer2, 32);
	if (lpBuffer3 == NULL)
	{
		HeapFree(hHeap2, 0, lpBuffer2);
		HeapDestroy(hHeap2);
		return 1;
	}
	memset(lpBuffer3, 0xCC, 32);
 
	// 释放堆内存
	HeapFree(hHeap2, 0, lpBuffer2);
 
	// 释放堆句柄
	HeapDestroy(hHeap2);
 
	return 0;
}

Heap - HeapSize - GetProcessHeaps

 
#include 
#include 
#include 
 
int main()
{
	// 进程默认堆
	HANDLE hHeap = GetProcessHeap();
	if (hHeap == NULL) return 1;
 
	// 申请堆内存
	LPVOID lpBuffer1 = HeapAlloc(hHeap, 0, 16);
	LPVOID lpBuffer2 = HeapAlloc(hHeap, 0, 32);
 
	// 内存块大小
	std::cout << HeapSize(hHeap, 0, lpBuffer1) << std::endl;
	std::cout << HeapSize(hHeap, 0, lpBuffer2) << std::endl;
 
	// 释放堆资源
	HeapFree(hHeap, 0, lpBuffer1);
	HeapFree(hHeap, 0, lpBuffer2);
 
	// 创建进程堆
	HeapCreate(0, 0x1000, 0x10000);
 
	// 进程堆数量
	DWORD dwHeapCount = GetProcessHeaps(0, NULL);
	if (dwHeapCount == NULL) return 1;
 
	PHANDLE pHeaps = new HANDLE[dwHeapCount];
	dwHeapCount = GetProcessHeaps(dwHeapCount, pHeaps);
	if (dwHeapCount == NULL) return 1;
 
	// 输出堆信息
	for (size_t i = 0; i < dwHeapCount; i++)
	{
		std::cout << pHeaps[i] << std::endl;
	}
 
	delete[] pHeaps;
 
	CreateToolhelp32Snapshot;
	HEAPENTRY32;
	Heap32First;
	Heap32Next;
 
	return 0;
}

Heap - Heap32ListFirst - Heap32First

#include 
#include 
#include 
 
int main()
{
	// 创建堆的数据
	HANDLE hHeap = HeapCreate(0, 0x1000, 0x10000);
 
	// 获取进程标识
	DWORD dwPid = GetCurrentProcessId();
 
	// 创建内存快照
	HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPHEAPLIST, dwPid);
	if (hSnap == INVALID_HANDLE_VALUE) return EXIT_FAILURE;
 
	// 结构描述信息
	HEAPLIST32 hl = { 0 };
	hl.dwSize = sizeof(HEAPLIST32);
 
	HEAPENTRY32 he = { 0 };
	he.dwSize = sizeof(HEAPENTRY32);
 
	// 遍历堆的列表
	if (Heap32ListFirst(hSnap, &hl))
	{
		do
		{
			printf("========\r\n");
 
			//遍历块的数据
			if (Heap32First(&he, dwPid, hl.th32HeapID))
			{
				do
				{
					std::cout << he.dwAddress << "\t" << he.dwBlockSize << std::endl;
 
				} while (Heap32Next(&he));
			}
 
		} while (Heap32ListNext(hSnap, &hl));
 
	}
 
	
	return EXIT_SUCCESS;
}