def findaddr(process_handle, basic, one, two):
data1 = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), basic, ctypes.byref(data1), 4, None)
data2 = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), data1.value + one, ctypes.byref(data2), 4, None)
return data2.value + two
def findaddrplus(process_handle, basic, one, two, three):
data1 = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), basic, ctypes.byref(data1), 4, None)
data2 = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), data1.value + one, ctypes.byref(data2), 4, None)
data3 = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), data2.value + two, ctypes.byref(data3), 4, None)
return data3.value + three
这是我的屎山代码,所以我要改进它,但它失效了.
def findaddr(process_handle, basic, *offsets):
data = ctypes.c_long()
kernel32.ReadProcessMemory(int(process_handle), basic, ctypes.byref(data), 4, None)
for i in range(len(offsets) - 1):
kernel32.ReadProcessMemory(int(process_handle), data.value + offsets[i - 1], ctypes.byref(data), 4, None)
return data.value + offsets[-1]
这个代码的问题可能出在这一行:
kernel32.ReadProcessMemory(int(process_handle), data.value + offsets[i - 1], ctypes.byref(data), 4, None)
在第一次迭代时,当 i = 0 时,offsets[i - 1] 会访问列表 offsets 的最后一个元素。这可能导致访问越界的问题。
您可以将该行代码更改为:
kernel32.ReadProcessMemory(int(process_handle), data.value + offsets[i], ctypes.byref(data), 4, None)
这样就会使用正确的偏移量进行读取。