我正在尝试使用ntdll.dll. 我正在使用NtApi和winapi板条箱。
当我尝试分配时,我收到下一个错误:
退出代码:0xc0000005,STATUS_ACCESS_VIOLATION
我如何需要将指针发送到NtAllocateVirtualMemory()?
为什么VirtualAllocEx()有效?
我明白当我打电话时VirtualAllocEx(),流程是kernel32.dll-> ntdll.dll,那么为什么当我将它发送到时这不起作用NtAllocateVirtualMemory()?
main.rs
use ntapi::ntmmapi::NtAllocateVirtualMemory;
use ntapi::ntpsapi::NtCurrentProcess;
use ntapi::winapi::um::winnt::{MEM_COMMIT, MEM_RESERVE, PAGE_READWRITE};
use winapi::shared::ntdef::{NT_SUCCESS};
use ntapi::_core::ptr::null_mut;
fn main() {
unsafe {
// let null_ptr=std::ptr::null();
// let null_base:*const winapi::ctypes::c_void=null_ptr as *const _;
let mut buffer=null_mut();
let status = NtAllocateVirtualMemory(
NtCurrentProcess,
*buffer,
0,
0x1000 as *mut _,
MEM_COMMIT | MEM_RESERVE,
PAGE_READWRITE,
);
if !NT_SUCCESS(status) {
// if status as usize == 0x0 {
println!("Allocation Fails");
} else {
println!("Allocation Success");
}
}
}
货运.toml
[package]
name = "allocate_null"
version = "0.1.0"
edition = "2018"
[dependencies]
winapi = {version="0.3.9", features=["ntdef","winnt","memoryapi"]}
ntapi = "0.3.6"