C++中的过程管理

Question

我为安卓系统制作了一个快速而简单的WPM (WriteProcessMemory)。任何建议都是欢迎的。

bool bChangedProtect;
cout << search_results[cur_result].size() << " found.\n" << endl; 
for (int xy = 0; xy < search_results[cur_result].size(); xy++) 
{ 
   bChangedProtect = false;
   if (ReadProcessMemory(phandle,(void*)search_results[cur_result][xy],&sResult,8,nullptr) == 8) 
   {
      if (sResult==double_val) 
      {
     cout <<"item #" << xy << "\t";
         if (VirtualQueryEx(phandle, (void*)search_results[cur_result][xy], &mBI, sizeof(MEMORY_BASIC_INFORMATION)))
         {
             if ((mBI.Protect & PAGE_WRITECOPY) || (mBI.Protect & PAGE_EXECUTE_WRITECOPY))
             {
                 cout << hex << search_results[cur_result][xy] << " was WRITE_COPY or EXEC_WRITE_COPY ..skipping, just because." << endl;
                 continue;
             }
             else if ((mBI.Protect & PAGE_EXECUTE) || (mBI.Protect & PAGE_EXECUTE_READ))
             { 
                 if (VirtualProtectEx(phandle,(void*)search_results[cur_result][xy],8,PAGE_EXECUTE_READWRITE,&OLDPROTECT))
                 {
                     cout << hex << search_results[cur_result][xy] << " Was EXEC or EXEC_R --> VirtualProtectEx(EXEC_RW) SUCCESS" << endl;
                    bChangedProtect = true;
                 }
                 else
                 {
                     cout << hex << search_results[cur_result][xy] << " Was EXEC or EXEC_R --> VirtualProtectEx(EXEC_RW) FAIL. skipping write." << endl;
                     continue;
                 }
             }
             else if (mBI.Protect & PAGE_READONLY)
             {
                 if (VirtualProtectEx(phandle, (void*)search_results[cur_result][xy],8,PAGE_READWRITE,&OLDPROTECT))
                 { 
                 cout << hex << search_results[cur_result][xy] << " Was READ_ONLY --> VirtualProtectEx(READ_WRITE) SUCCESS" << endl;
                 bChangedProtect = true;
                 }
                 else
                 { 
                 cout << hex << search_results[cur_result][xy] << " Was READ_ONLY --> VirtualProtectEx(READ_WRITE) FAIL. skipping write." << endl;
                 continue;
                 }
             }
             //if we get here, apparently it's writable (and not copy-forward). 
                         if (!bChangedProtect)
                           cout << hex << search_results[cur_result][xy]; //will be first time we show the addr. todo: re-work logic because this feels awkward.

             if (WriteProcessMemory(phandle,(void*)search_results[cur_result][xy],&double_ans,8,nullptr))
             {
                 cout << " WriteProcessMemory() OK!" << endl;
             }
             else
             {
                 cout << " WriteProcessMemory() FAIL!" << endl;
                 if (VirtualQueryEx(phandle,(void*)search_results[cur_result][xy],&mBI,sizeof(MEMORY_BASIC_INFORMATION)))
                 {
                     cout <<"Current Protect: " << hex << mBI.Protect << endl;
                 }
                 else
                 {
                     cout <<"Current Protect: Unknown. VirtualQueryEx() Failed -- but why? -- does this happen?" << endl;
                 }   
             }
             if (bChangedProtect)
             {
                 DWORD idk = 0;
                 if (VirtualProtectEx(phandle,(void*)search_results[cur_result][xy],8,OLDPROTECT,&idk)) //not sure if you should use same var for old and new protect. will it set 'oldProtect' to the old protection before writing. is a temporary used? idk. try if you care.
                 {
                     cout << hex << search_results[cur_result][xy] << " VirtualProtectEx(ORIG) SUCCESS" << endl;
                 }
                 else
                 {
                     cout << hex << search_results[cur_result][xy] << " VirtualProtectEx(ORIG) FAIL -- does this happen?" << endl;
                 }
             }
         }
         else
         {
             cout <<"VirtualQueryEx FAILED for " << hex << search_results[cur_result][xy] << ". Skipping." << endl;
         }
      }
      else
      {
          cout << hex << search_results[cur_result][xy] << " sResult != double_val ... It was when we scanned, but not now. Skipped." << endl;
      }
   }
   else
   {
       cout << hex << search_results[cur_result][xy] << " ReadProcessMemory() fails" << endl;
   }

}

Answer 1

1. 更倾向于在最内部的范围内定义变量。非平凡类类型是一个常见的例外，在那里避免破坏和重新创建可能会更好。
2. 您的缩进并不完全一致，请考虑使用您选择的自动格式化程序。
3. 你似乎严重崇拜牙套。不过，你不是在一个地方用的。为什么？
4. 您知道std::hex在应用到流直到显式反任务后才会继续存在吗？
5. 在开始时添加对search_results[cur_result]的引用，除了可能具有更高的性能外，还会大大减少代码。在每个循环开始时，thatexpression[xy]也是如此。实际上，如果您由于某种原因不需要xy，那么使用范围换循环就更好了。
6. using namespace std;是个坏主意，避免它：为什么“使用命名空间性病；”被认为是不好的做法？
7. 考虑首先处理错误案例，并将其排除，以减少嵌套。
8. 您应该学习如何简化基本的按位操作: if((mBI.Protect & PAGE_WRITECOPY) x (mBI.Protect & PAGE_EXECUTE_WRITECOPY))与: if(mBI.Protect & (PAGE_WRITECOPY \ PAGE_EXECUTE_WRITECOPY))相同
9. 避免使用类型作为sizeof的参数，而是使用适当的表达式。 (sizeof mBI而不是sizeof(MEMORY_BASIC_INFORMATION))
10. 如果您不知道什么是按值传递和通过引用传递的意思，以及在C++中每一个都有，那么您应该重新编写一个基本教程。是的，OLDPROTECT (为什么是大写的？)这不是宏！)在那里使用是安全的。
11. 在每个换行符上显式地刷新输出流有什么特定的原因吗?还是只想把自己的性能冲进排水沟呢？
12. 为什么对void*使用所有C风格的转换？我非常怀疑类型转换，因为我不知道search_results[cur_result][xy]的类型，我不知道强制转换是否只是多余的和糟糕的形式，是由于错误的类型选择而必需的，还是编译器不礼貌地抱怨一个彻底的错误。
13. 我们不知道如何/如果您处理并发问题。

在应用了所有我可以确定的工作之后(也不是第12条，而是在第11条上赌博)：

auto&& srcr = search_results[cur_result];
using std::cout;
cout << std::hex << srcr.size() << " found.\n\n"; 
for (int xy = 0; xy < srcr.size(); xy++) {
    auto&& current = srcr[xy];
    if (ReadProcessMemory(phandle,(void*)current,&sResult,8,nullptr) != 8) {
        cout << current << " ReadProcessMemory() fails\n";
        continue;
    }
    if (sResult!=double_val) {
        cout << current << " sResult != double_val ... It was when we scanned, but not now. Skipped.\n";
        continue;
    }
    cout <<"item #" << xy << "\t";
    if (!VirtualQueryEx(phandle, (void*)current, &mBI, sizeof mBI)) {
        cout <<"VirtualQueryEx FAILED for " << current << ". Skipping.\n";
        continue;
    }
    if (mBI.Protect & (PAGE_WRITECOPY | PAGE_EXECUTE_WRITECOPY)) {
        cout << current << " was WRITE_COPY or EXEC_WRITE_COPY ..skipping, just because.\n";
        continue;
    }
    bool bChangedProtect = false;
    if (mBI.Protect & (PAGE_EXECUTE | PAGE_EXECUTE_READ)) {
        if (!VirtualProtectEx(phandle,(void*)current,8,PAGE_EXECUTE_READWRITE,&OLDPROTECT)) {
            cout << current << " Was EXEC or EXEC_R --> VirtualProtectEx(EXEC_RW) FAIL. skipping write.\n";
            continue;
        }
        cout << current << " Was EXEC or EXEC_R --> VirtualProtectEx(EXEC_RW) SUCCESS\n";
        bChangedProtect = true;
    } else if (mBI.Protect & PAGE_READONLY) {
        if (!VirtualProtectEx(phandle, (void*)current,8,PAGE_READWRITE,&OLDPROTECT)) {
            cout << current << " Was READ_ONLY --> VirtualProtectEx(READ_WRITE) FAIL. skipping write.\n";
            continue;
        }
        cout << current << " Was READ_ONLY --> VirtualProtectEx(READ_WRITE) SUCCESS\n";
        bChangedProtect = true;
    }
    //if we get here, apparently it's writable (and not copy-forward).
    if (!bChangedProtect)
        cout << current; //will be first time we show the addr. todo: re-work logic because this feels awkward.
    if (WriteProcessMemory(phandle,(void*)current,&double_ans,8,nullptr)) {
        cout << " WriteProcessMemory() OK!\n";
    } else {
        cout << " WriteProcessMemory() FAIL!\n";
        if (VirtualQueryEx(phandle,(void*)current,&mBI,sizeof mBI))
            cout <<"Current Protect: " << mBI.Protect << '\n';
        else
            cout <<"Current Protect: Unknown. VirtualQueryEx() Failed -- but why? -- does this happen?\n";
    }
    if (bChangedProtect) {
        if (VirtualProtectEx(phandle,(void*)current,8,OLDPROTECT,&OLDPROTECT))
            cout << current << " VirtualProtectEx(ORIG) SUCCESS\n";
        else
            cout << current << " VirtualProtectEx(ORIG) FAIL -- does this happen?\n";
    }
}