|
What do you mean by "relationship?" Beginning with 32-bit Windows, when an EXE is loaded from disk into memory, very little, if any, is required of the Windows loader to create a process. It uses the memory-mapped file mechanism to map the appropriate pieces of the file into the virtual address space. The memory used by the module for code, data, resources, import tables, export tables, and other required data structures is in one contiguous block of memory. Unlike the 16-bit files where portions of the file were read in and completely different data structures were created to represent the module in memory. When the code or data segment needed to be loaded, the loader had to allocate a new segment from the global heap, find where the raw data is stored in the executable file, seek to that location, read in the raw data, and apply any applicable fixups.
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
Thank you very much.
I use the Memory-mapped file mechanism load the program file from disk (using the CreateFileMapping(),MapViewOfFile()), and I can analyizing the PE header, Option header, section tables and the section raw data. verything is ok.
so I run this program, and use Tool Help functions (CreateToolhelp32Snapshot(),Process32First(),Module32First() etc..) to obtain the process ID, then use the Toolhelp32ReadProcessMemory() function copy the process memory into a buffer. the useing the PE specific to analyze the buffer data. I can get the correct PE DOS-Header, the Option header, and the section table, but I can not get the correctly Section data like use the Memory-mapped file mechanism.
So I think the Memory-mapped file mechanism and the Windows Kernel load the file into memory and create the process are different. so I need know what is the different.
In the PE option header, there are the BaseOfCode and BaseOfData fields, and in the section header, there are the same section. so I read this section rawdata, and want to search these data in the process memory. but I can not find. then I use the same mechanism like Memory-mapped file to dump all of the process memory. I find that the PE header are same, but the section rawdata is differnt. so I don't know what's the different.
thank you very much.
|
|
|
|
|
Hi !
What is the best and the safest Encryption Algorithmus ???
|
|
|
|
|
That's like asking what the fastest sorting algorithm is. It cannot be answered with the lack of information you've provided.
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
Read "Applied cryptography". It is a little dated, but you won't understand any answer unless you know what that book contains.
|
|
|
|
|
hi,
i made a simple program with the MDC AppWizard...
the problem shows MDI window and child window inside it.
how can i remove the child window that he won't popup everytime i run the program?
(its the default situatoion when u use the appwizard...)
Avi
|
|
|
|
|
Check out MSDN article Q141725.
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
thanks, it helped alot and it worked...
|
|
|
|
|
Hi,
Does anyone know what the contents of the win32 api function closesocket(SOCKET s) are? As in, the exact code?
I need to use closesocket but I can't use the pre-written function because if I include winsock.h and such, the defines collide with too many of my other defines (I'm compiling and running the program under cygwin, but the problem is that the sockets are closed through windows, so I need closesocket to properly terminate them).
Thanks
Kelly Ryan
|
|
|
|
|
How are you opening the socket? Isn't the SOCKET parameter used by closesocket() the same one filled in by connect() ? In any case, SOCKET is just an unsigned int .
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|
|
use winsock2.h
and try WSACleanup() after to close everything
and also closesocket()
gabby
|
|
|
|
|
You can't replace closesocket(). The implementation is going to effect data stored in the TCP/IP stack that you don't have access to.
KellyR wrote:
if I include winsock.h and such, the defines collide with too many of my other defines
I believe you must solve that problem.
"No matter where you go, there your are." - Buckaroo Banzai
-pete
|
|
|
|
|
Hi,
i have a dialog based app with a PretranslateMessage and a OnKeyUp Function that looks like this
BOOL CMyDlg::PreTranslateMessage(MSG* pMsg)
{
if (pMsg->message == WM_KEYDOWN)
{
switch (pMsg->wParam)
{
case VK_ESCAPE:
break;
....
}
return CDialog::PreTranslateMessage(pMsg);
}
void CMyDlg::OnKeyUp(UINT nChar, UINT nRepCnt, UINT nFlags)
{
MessageBox ("Up");
CDialog::OnKeyUp(nChar, nRepCnt, nFlags);
}
But the Key up does not work ;
Exception : if i place it directly into the PretranslateMessage Function I can handle the event.
What is the problem ?
thanks
ch
|
|
|
|
|
So here is the problem ... i've been searching for days in the interet but found nothing that could help me. If someone knows the solution of my problem ...
So I wrote a multilanguage application with nice resource only dll's for the dialog boxes, menus ... It works fine libraries and resources are loaded, but there's a problem for two of them.
My application is made of 2 CFormview. It seems that the application loads once the resources for thoses two formviews during the CMainFrame::OnCreateClientfunction, and then nevermore.
Is there a possibility for a view to reload it's dialog resource at runtime ? I've been trying updateview, updatedate, invalidate ... Im'not sure that it is possible .
Tank you for your answer !
Djizzio
|
|
|
|
|
Hello,
It seems that in the app. where I'm working on, the default behaviour of OnKeyDown doesn't seem to catch the return key.
Can you modify this?
Can you modify this for 1 class and not for the entire app.?
tnx!
"If I don't see you in this world, I'll see you in the next one... and don't be late." ~ Jimi Hendrix
|
|
|
|
|
Hi ,
you need to overide the virtualfunction OnGetDlgCode, and then write the following line of code . Your Class must be derived from CWnd.
return CYourClass::OnGetDlgCode() | DLGC_WANTALLKEYS;
Djizzio
|
|
|
|
|
Hey,
tnx for your reply.
I did this:
<br />
UINT CtrlFlexArray::OnGetDlgCode(){<br />
return CWnd::OnGetDlgCode() | DLGC_WANTALLKEYS;<br />
}
but the OnKeyDown still doesn't catch the return key.
Did I forgot something or did I do something wrong?
(NOTE: CtrlFlexArray is derived from CvsFlexArray and CvsFlexArray from CWnd, but I don't think this is the problem)
tnx!
"If I don't see you in this world, I'll see you in the next one... and don't be late." ~ Jimi Hendrix
|
|
|
|
|
Don't forget to add
ON_WM_GETDLGCODE()
to the message map of your class.
|
|
|
|
|
|
I found my error;
Forgot to add a WM message;
but hey, now it works
"If I don't see you in this world, I'll see you in the next one... and don't be late." ~ Jimi Hendrix
|
|
|
|
|
I want to install three hooks in a dll,one is WH_GETMESSAGE, two is WH_CBT,the other is WH_SHELL,the first hook is installed successfully but the second failed,codes as below:
BOOL __declspec(dllexport)__stdcall installhookCBT(HWND hCallProc)
{
AFX_MANAGE_STATE(AfxGetStaticModuleState());
hCallHook=hCallProc;
hkbCBT=SetWindowsHookEx(WH_CBT,(HOOKPROC)CBTProc,hins,0);
if(NULL == hkbCBT)
{
DWORD d=GetLastError();
CString str;
str.Format("%d",d);
CFile file;
file.Open("D:\\1.txt",CFile::modeCreate|CFile::modeWrite);
file.Write(str,str.GetLength());
file.Close();
return FALSE;
}
return TRUE;
}
value d is 0,why?
this error is happened today,but all three hooks are installed successfully yesterday.
|
|
|
|
|
Hi,
I want to get the process path name..The scenario is like this..
I have same two .exe's in two different folder, which calls a single dll file in which i need to know which ever process is currently using the dll, I need to know it's path name...I get a wrong path when i use GetModuleFileName()API..
Give me some tips..
Shiva P
|
|
|
|
|
Maybe GetCurrentProcess, followed by OpenProcess, followed by GetModuleHandle with the process handle could do it. I haven't tried it, just guessing.
I hope this helps
"It was when I found out I could make mistakes that I knew I was on to something."
-Ornette Coleman
"Philosophy is a study that lets us be unhappy more intelligently."
-Anon.
|
|
|
|
|
Maybe GetCurrentProcess, followed by OpenProcess, followed by GetModuleHandle with the process handle could do it. I haven't tried it, just guessing.
I hope this helps
"It was when I found out I could make mistakes that I knew I was on to something."
-Ornette Coleman
"Philosophy is a study that lets us be unhappy more intelligently."
-Anon.
|
|
|
|
|
GetModuleFileName(NULL, ...) is what you want to call from within the EXE.
"When I was born I was so surprised that I didn't talk for a year and a half." - Gracie Allen
|
|
|
|