尝试在tlhelp32上写入字符串值时,有人知道这个问题吗?
引发异常类 EInvalidPointer 并带有消息“无效指针操作”
阅读代码:
function TPMemory.GetValues(ProcessID, Address: dword; VarType: integer; const Bits: Byte = 20;
const Unicode: boolean = false): string;
var
count: dword;
bytes: byte;
words: word;
dwords: dword;
floats: single;
doubles: double;
int64s: Int64;
texts: pchar;
unicodes: pwidechar;
arrayOfBits: array of byte;
j, PidHandle: integer;
temp: string;
check: boolean;
begin
Result:= '????????';
PidHandle:= OpenProcess(PROCESS_ALL_ACCESS,False,ProcessID);
try
case VarType of
1 : begin // byte
check:= readprocessmemory(PidHandle,pointer(Address),addr(bytes),1,count);
if (not check) or (count=0) then result:='??' else
Result:= inttostr(bytes);
end;
2 : begin // 2 bytes
check:= readprocessmemory(PidHandle,pointer(Address),addr(words),2,count);
if (not check) or (count=0) then result:='??' else
Result:= inttostr(words);
end;
3 : begin // 3 bytes
check:= readprocessmemory(PidHandle,pointer(Address),addr(dwords),3,count);
if (not check) or (count=0) then result:='??' else
Result:= inttostr(dwords);
end;
4,8 : begin // 4 bytes
check:= readprocessmemory(PidHandle,pointer(Address),addr(dwords),4,count);
if (not check) or (count=0) then result:='??' else
Result:= inttostr(dwords);
end;
5 : begin // float
check:= readprocessmemory(PidHandle,pointer(Address),addr(floats),4,count);
if (not check) or (count=0) then result:='??' else
Result:= floattostr(floats);
end;
6 : begin // double
check:= readprocessmemory(PidHandle,pointer(Address),addr(doubles),8,count);
if (not check) or (count=0) then result:='??' else
Result:= floattostr(doubles);
end;
11 : begin // text
if Unicode then
begin
getmem(unicodes,Bits*2+2);
check:=readprocessmemory(PidHandle,pointer(Address),unicodes,Bits*2,count);
if (not check) or (count<Bits) then result:='??' else
begin
unicodes[Bits]:=chr(0);
result:= unicodes;
end;
freemem(unicodes);
end else
begin
getmem(texts,Bits+1);
check:=readprocessmemory(PidHandle,pointer(Address),texts,Bits,count);
if (not check) or (count<Bits) then result:='??' else
begin
texts[Bits]:=chr(0);
result:= texts;
end;
freemem(texts);
end;
end;
12 : begin //array of byte
setlength(arrayOfBits,Bits);
check:=readprocessmemory(PidHandle,pointer(Address),arrayOfBits,Bits,count);
if (not check) or (count<Bits) then result:='??' else
begin
temp:='';
for j:=0 to Bits-1 do
temp:=temp+IntToHex(arrayOfBits[j],2);//+' ';
result:=temp;
end;
setlength(arrayOfBits,0);
end;
13 : begin //Int64
check:=readprocessmemory(PidHandle,pointer(Address),addr(int64s),8,count);
if (not check) or (count=0) then result:='??' else
begin
//if memrec[rec].ShowAsHex then
// result:='0x'+IntToHex(int64s,16)
//else
result:=IntToStr(int64s);
end;
end;
end;
finally
CloseHandle(PidHandle);
end;
end;
编写代码:
procedure TPMemory.setValues(ProcessID,Address: dword; VarType: integer; Value: string;
const unicode: boolean = false);
var
bytes: byte;
words: word;
dwords: dword;
singles: Single;
doubles: Double;
newValue, tempVal: string;
newvalueSt: widestring;
newValue6: int64;
text: pchar;
Written : dword;
err: integer;
PidHandle: integer;
original: dword;
resourcestring
strNotValid = 'Value not valid!';
begin
newValue:= Value;
case VarType of
1,2,3,4: begin
val(newValue, newValue6, err);
if err=0 then
begin
bytes := byte(newValue6);
words := word(newValue6);
dwords := dword(newValue6);
end;
end;
5,6: begin
val(newvalue,doubles,err);
if err<>0 then
begin
if newvalue[err]=',' then newvalue[err]:='.'
else
if newvalue[err]='.' then newvalue[err]:=',';
err:=0;
val(newvalue,doubles,err);
end;
singles:= doubles;
end;
11: err:= 0;
end;
if err>0 then raise Exception.Create(strNotValid);
PidHandle:= OpenProcess(PROCESS_ALL_ACCESS,False,ProcessID);
try
VirtualProtectEx(pidhandle, pointer(Address),SizeOf(newValue),PAGE_EXECUTE_READWRITE,original);
case VarType of
1: WriteProcessMemory(PidHandle, Pointer(Address), @bytes, 1, written);
2: WriteProcessMemory(PidHandle, Pointer(Address), @words, 2, written);
3: WriteProcessMemory(PidHandle, Pointer(Address), @dwords, 3, written);
4: WriteProcessMemory(PidHandle, Pointer(Address), @dwords, 4, written);
5: writeprocessmemory(PidHandle, Pointer(Address), addr(singles),4,written);
6: writeprocessmemory(PidHandle, Pointer(Address), addr(doubles),8,written);
11: begin
Bytes:=0;
Words:=0;
if unicode then
begin
newvalueSt:=newvalue;
writeprocessmemory(PidHandle,pointer(address),@newvalueSt[1],length(newvalueSt)*2,written);
writeprocessmemory(PidHandle,pointer(address+length(newvalue)*2),addr(Words),2,written);
end else
begin
getmem(text,length(newvalue));
StrCopy(text, PChar(newvalue));
writeprocessmemory(PidHandle,pointer(Address),text,length(newvalue),written);
writeprocessmemory(PidHandle,pointer(address+length(newvalue)),addr(Bytes),1,written);
freemem(text);
end;
end;
end;
VirtualProtectEx(pidhandle, pointer(Address),SizeOf(newValue),original,written);
finally
CloseHandle(PidHandle);
end;
end;
来电:
Type
TAppData = record
Address: dword;
Bit: integer;
NewValue: string;
end;
Var AppData: array [0..15] of TAppData;
Procedure TPMemory.WriteThis;
var
getVal: string;
i: integer;
begin
for i:= 0 to length(appData)-1 do
begin
getVal:= getValue(AppProcessID,appData[i].address,appData[i].bit);
if not(getVal='') AND not(getVal[1]='?') then
setValue(AppProcessID,appData[i].address,appData[i].bit,address,appData[i].newValue);
end;
end;
当尝试写入新值时,旧值的长度不同,例如:
旧值是“有人知道吗”,然后新值是“是否让我知道”
和
旧值是“有人知道吗”然后新值是“”(空值)
给我“无效的指针操作”错误信息
谢谢