C#将IntPtr转换为int
我正在动态调用Windows API。我在网上找到了一些可以做到这一点的代码,我对此非常感兴趣。至少可以说,这个想法本身是非常棒的。然而,我似乎无法让它为我的代码工作。动态调用的参数类型为C#将IntPtr转换为int,c#,dynamic,int,C#,Dynamic,Int,我正在动态调用Windows API。我在网上找到了一些可以做到这一点的代码,我对此非常感兴趣。至少可以说,这个想法本身是非常棒的。然而,我似乎无法让它为我的代码工作。动态调用的参数类型为string,stringint[],我想使用APIGetThreadContext,参数为pInfo.hThred和ref-ctx(如下所示) API调用 GetThreadContext(pInfo.hThread, ref ctx); 上面的代码将调用GetThreadContext API(假设它是在
stringstringint[]GetThreadContextpInfo.hThredref-ctxGetThreadContext(pInfo.hThread, ref ctx);
ctx = new CONTEXT {ContextFlags = 0x10007};
PROCESS_INFORMATION pInfo;
CInvokeAPI.Invoke("kernel32","GetThreadContext",pInfo.hThread, ctx);
[StructLayout(LayoutKind.Sequential)]
struct CONTEXT
{
public uint ContextFlags;
unsafe fixed byte unused[160];
public uint Ebx;
public uint Edx;
public uint Ecx;
public uint Eax;
unsafe fixed byte unused2[24];
}
[StructLayout(LayoutKind.Sequential)]
struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
using System;
using System.Runtime.InteropServices;
using System.Text;
/*
* Title: CInvokeAPI.cs
* Description: Call API by name implementation in purely managed C# (no 'unsafe' mess here).
*
* Developed by: affixiate
* Comments: If you use this code, I require you to give me credits.
*/
public static class CInvokeAPI
{
/// <summary>
/// Generates a new, non-garbage collectable string in memory. Use this with Unicode "W" API.
/// </summary>
/// <param name="theString">A Unicode string.</param>
/// <returns>Address of newly allocated string in memory. Remember to free it after use.</returns>
public static int StringToPtrW(string theString)
{
return StringToPtr(Encoding.Unicode.GetBytes(theString));
}
/// <summary>
/// Generates a new, non-garbage collectable string in memory. Use this with ANSI "A" API.
/// </summary>
/// <param name="theString">An ANSII string.</param>
/// <returns>Address of newly allocated string in memory. Remember to free it after use.</returns>
public static int StringToPtrA(string theString)
{
return StringToPtr(Encoding.ASCII.GetBytes(theString));
}
/// <summary>
/// Internal method used to allocate memory.
/// </summary>
/// <param name="buf">A byte buffer.</param>
/// <returns>Address of newly allocated memory. Remember to free it after use.</returns>
private static int StringToPtr(byte[] buf)
{
return (int)GCHandle.Alloc(buf, GCHandleType.Pinned).AddrOfPinnedObject();
}
/// <summary>
/// Invokes the specified Windows API.
/// </summary>
/// <param name="libraryName">Name of the library.</param>
/// <param name="functionName">Name of the function.</param>
/// <param name="args">The arguments.</param>
/// <returns>True if function succeeds, otherwise false.</returns>
public static bool Invoke(string libraryName, string functionName, params int[] args)
{
/* Sanity checks. */
IntPtr hLoadLibrary = LoadLibrary(libraryName);
if (hLoadLibrary == IntPtr.Zero) return false;
IntPtr hGetProcAddress = GetProcAddress(hLoadLibrary, functionName);
if (hGetProcAddress == IntPtr.Zero) return false;
// Allocates more than enough memory for an stdcall and the parameters of a WinAPI function
IntPtr hMemory = VirtualAlloc(IntPtr.Zero, 1024 * 1024, MEM_COMMIT | MEM_RESERVE, MEM_EXECUTE_READWRITE);
if (hMemory == IntPtr.Zero)
return false;
IntPtr hMemoryItr = hMemory;
// Prepends the stdcall header signature
Marshal.Copy(new byte[] {0x55, 0x89, 0xE5}, 0, hMemoryItr, 0x3);
hMemoryItr = (IntPtr)((int)hMemoryItr + 0x3);
// Loop through the passed in arguments and place them on the stack in reverse order
for (int i = (args.Length - 1); i >= 0; i--)
{
Marshal.Copy(new byte[] {0x68}, 0, hMemoryItr, 0x1);
hMemoryItr = (IntPtr)((int)hMemoryItr + 0x1);
Marshal.Copy(BitConverter.GetBytes(args[i]), 0, hMemoryItr, 0x4);
hMemoryItr = (IntPtr)((int)hMemoryItr + 0x4);
}
Marshal.Copy(new byte[] {0xE8}, 0, hMemoryItr, 0x1);
hMemoryItr = (IntPtr)((int)hMemoryItr + 0x1);
Marshal.Copy(BitConverter.GetBytes((int)hGetProcAddress - (int)hMemoryItr - 0x4), 0, hMemoryItr, 0x4);
hMemoryItr = (IntPtr)((int)hMemoryItr + 0x4);
// Cleaning up the stack
Marshal.Copy(new byte[] {0x5D, 0xC2, 0x4, 0x0 /* <= I made a LOL. */}, 0, hMemoryItr, 0x4);
// Don't forget to increment if you are adding more ASM code here: hMemoryItr = (IntPtr)((int)hMemoryItr + 0x4);
try
{
var executeAsm = (RunAsm) Marshal.GetDelegateForFunctionPointer(hMemory, typeof (RunAsm));
executeAsm();
}
catch { return false; }
// Clean up the memory we allocated to do the dirty work
VirtualFree(hMemory, 0, MEM_RELEASE);
return true;
}
// ReSharper disable InconsistentNaming
private const uint MEM_RELEASE = 0x8000;
private const uint MEM_COMMIT = 0x1000;
private const uint MEM_RESERVE = 0x2000;
private const uint MEM_EXECUTE_READWRITE = 0x40;
// ReSharper restore InconsistentNaming
// My own sexy delegate:
[UnmanagedFunctionPointer(CallingConvention.StdCall, SetLastError = true)]
private delegate void RunAsm();
// WinAPI used:
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool VirtualFree(IntPtr lpAddress, UInt32 dwSize, uint dwFreeType);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern IntPtr VirtualAlloc(IntPtr lpAddress, UInt32 dwSize, uint flAllocationType, uint flProtect);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern IntPtr LoadLibrary(string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Ansi)]
private static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
}
使用系统;
使用System.Runtime.InteropServices;
使用系统文本;
/*
*标题:CInvokeAPI.cs
*描述:在纯托管C#中按名称调用API实现(这里没有“不安全”的混乱)。
*
*开发人:affixiate
*注释:如果你使用这个代码,我要求你给我学分。
*/
公共静态类CInvokeAPI
{
///
///在内存中生成新的非垃圾回收字符串。将其与Unicode“W”API一起使用。
///
///Unicode字符串。
///内存中新分配字符串的地址。请记住在使用后释放它。
公共静态int-StringToPtrW(字符串字符串)
{
返回StringToPtr(Encoding.Unicode.GetBytes(theString));
}
///
///在内存中生成新的非垃圾回收字符串。将其与ANSI“a”API一起使用。
///
///ANSII弦。
///内存中新分配字符串的地址。请记住在使用后释放它。
公共静态int-StringToPtrA(字符串字符串)
{
返回StringToPtr(Encoding.ASCII.GetBytes(字符串));
}
///
///用于分配内存的内部方法。
///
///字节缓冲区。
///新分配内存的地址。请记住在使用后释放它。
私有静态int-StringToPtr(字节[]buf)
{
return(int)GCHandle.Alloc(buf,GCHandleType.pinted).AddrOfPinnedObject();
}
///
///调用指定的Windows API。
///
///图书馆的名称。
///函数的名称。
///争论。
///如果函数成功,则为True,否则为false。
公共静态bool调用(字符串库名、字符串函数名、参数int[]args)
{
/*精神检查*/
IntPtr hLoadLibrary=LoadLibrary(libraryName);
if(hLoadLibrary==IntPtr.Zero)返回false;
IntPtr hGetProcAddress=GetProcAddress(hLoadLibrary,functionName);
if(hGetProcAddress==IntPtr.Zero)返回false;
//为stdcall和WinAPI函数的参数分配足够的内存
IntPtr hMemory=VirtualAlloc(IntPtr.Zero,1024*1024,MEM_COMMIT,MEM_RESERVE,MEM_EXECUTE,MEM_READWRITE);
if(hMemory==IntPtr.Zero)
返回false;
IntPtr hmemorytr=hMemory;
//在stdcall头签名前加上前缀
复制(新字节[]{0x55,0x89,0xE5},0,hMemoryItr,0x3);
hMemoryItr=(IntPtr)((int)hMemoryItr+0x3);
//循环遍历传入的参数,并将它们按相反顺序放在堆栈上
对于(inti=(args.Length-1);i>=0;i--)
{
Copy(新字节[]{0x68},0,HMEMORYTR,0x1);
hMemoryItr=(IntPtr)((int)hMemoryItr+0x1);
Marshal.Copy(BitConverter.GetBytes(args[i]),0,hMemoryItr,0x4);
hMemoryItr=(IntPtr)((int)hMemoryItr+0x4);
}
Copy(新字节[]{0xE8},0,hMemoryItr,0x1);
hMemoryItr=(IntPtr)((int)hMemoryItr+0x1);
Marshal.Copy(BitConverter.GetBytes((int)hGetProcAddress-(int)hMemoryItr-0x4),0,hMemoryItr,0x4);
hMemoryItr=(IntPtr)((int)hMemoryItr+0x4);
//清理烟囱
Marshal.Copy(新字节[]{0x5D,0xC2,0x4,0x0/*您可以使用该方法吗?该方法应适用于第一个参数。但不确定结构转换
也许可以看看如何将结构转换成整数
更新:
在C#中没有直接的C#等价物VarPtr,但我确实找到了一本参考手册(以及它所做的解释……听起来与中的VarPtr解释类似)。这是代码的摘录。它可能对您有用:
public static int VarPtr(object e)
{
GCHandle GC = GCHandle.Alloc(e, GCHandleType.Pinned);
int gc = GC.AddrOfPinnedObject().ToInt32();
GC.Free();
return gc;
}
注意:如本文所述,此函数存在一些潜在缺陷。可能用于传递的第一个对象,但它不适用于上下文对象。@Evan:我添加了一个指向一篇文章的链接,该链接可能会让您朝着正确的方向开始(用于结构转换)@Evan:也许我早上还能帮上点忙……非常累。@Evan:不幸的是,C#中没有直接替代VarPtr的工具。我已经用一个函数更新了我的答案,该函数可能足够接近您的需要,并提供了一些链接来进一步解释问题。我在第一个参数上使用了Convert.ToInt32(),在第二个参数上使用了VarPtr(Ctx)但还是不走运。不过你可能已经了解了一些事情。你能提供myVoid在非托管端所期望的真实参数吗?它真的是一个句柄和一个上下文*?如果是,你需要为它分配一些非托管内存一个副本一个上下文实例,看看你是否需要一个句柄而不是一个进程信息*你需要o对这个参数也做同样的操作。使用32位机器。谢谢。