資源簡介
判斷一個文件是否是合法的PE文件
IsValidPEFile.cpp
代碼片段和文件信息
#include?“stdafx.h“
#include?
#include?
#include?
/*
Code?From?Internet?Web.
This?file?IS?PROVIDED?by:?hustwing@qq.com
QQ:10196739
MSN:hustwing@hotmail.com
*/
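/*
 * Reports whether the file at tszFullFileName carries both the DOS ("MZ")
 * signature at offset 0 and the NT ("PE\0\0") signature at the offset named
 * by IMAGE_DOS_HEADER::e_lfanew.
 *
 * The file is opened read-only and inspected through a read-only mapping.
 * Its content is untrusted, so every offset taken from it is checked against
 * the real file size before it is dereferenced.
 *
 * A TRUE result only means the two magic values are present. Nothing else in
 * the headers is validated, so this is a format sniff, not a statement that
 * the image is well formed, loadable or safe to execute.
 *
 * Parameters:
 *   tszFullFileName - path of the file to inspect.
 *
 * Returns:
 *   TRUE when both signatures are found; FALSE when the path does not exist,
 *   the file cannot be opened, sized or mapped, or a signature is missing.
 *   Failures after the existence check print a diagnostic to stdout.
 */
BOOL IsValidPEFile(LPTSTR tszFullFileName)
{
    HANDLE            hFile      = INVALID_HANDLE_VALUE;
    HANDLE            hMapping   = NULL;   // CreateFileMapping reports failure as NULL
    LPVOID            pvMem      = NULL;
    BOOL              bIsPE      = FALSE;
    PIMAGE_DOS_HEADER pDosHeader = NULL;
    LONGLONG          llNtOffset = 0;
    LARGE_INTEGER     liFileSize;

    liFileSize.QuadPart = 0;

    if (tszFullFileName == NULL || !PathFileExists(tszFullFileName))
    {
        return bIsPE;
    }

    // Decide from the PE signatures whether the file is a valid PE file.
    hFile = CreateFile(tszFullFileName, GENERIC_READ, FILE_SHARE_READ,
        NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        ::_tprintf_s(_T("CreateFile failed.\r\n"));
        goto cleanup;
    }

    // The size bounds every later read; without it a short file or a hostile
    // e_lfanew would send the signature reads outside the file's data.
    if (!GetFileSizeEx(hFile, &liFileSize))
    {
        ::_tprintf_s(_T("GetFileSizeEx failed.\r\n"));
        goto cleanup;
    }

    // Too small to hold a DOS header (this also covers the empty file, which
    // cannot be mapped at all).
    if (liFileSize.QuadPart < (LONGLONG)sizeof(IMAGE_DOS_HEADER))
    {
        ::_tprintf_s(_T("無DOS簽名.\r\n"));
        goto cleanup;
    }

    hMapping = CreateFileMapping(hFile, NULL, PAGE_READONLY, 0, 0, NULL);
    if (hMapping == NULL)
    {
        ::_tprintf_s(_T("CreateFileMapping failed.\r\n"));
        goto cleanup;
    }

    pvMem = MapViewOfFile(hMapping, FILE_MAP_READ, 0, 0, 0);
    if (NULL == pvMem)
    {
        ::_tprintf_s(_T("MapViewOfFile failed.\r\n"));
        goto cleanup;
    }

    // Does the file start with the DOS signature?
    pDosHeader = (PIMAGE_DOS_HEADER)pvMem;
    if (pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)
    {
        ::_tprintf_s(_T("無DOS簽名.\r\n"));
        goto cleanup;
    }

    // e_lfanew is a signed, file-controlled value: reject it unless the
    // four-byte NT signature it points at lies entirely inside the file.
    llNtOffset = pDosHeader->e_lfanew;
    if (llNtOffset < 0 ||
        llNtOffset > liFileSize.QuadPart - (LONGLONG)sizeof(DWORD))
    {
        ::_tprintf_s(_T("無NT簽名.\r\n"));
        goto cleanup;
    }

    // Does the NT signature sit at that offset?
    if (*(DWORD*)((PBYTE)pvMem + llNtOffset) != IMAGE_NT_SIGNATURE)
    {
        ::_tprintf_s(_T("無NT簽名.\r\n"));
        goto cleanup;
    }

    bIsPE = TRUE;

cleanup:
    if (pvMem != NULL)
    {
        UnmapViewOfFile(pvMem);
    }
    if (hMapping != NULL)
    {
        CloseHandle(hMapping);
    }
    if (hFile != INVALID_HANDLE_VALUE)
    {
        CloseHandle(hFile);
    }
    return bIsPE;
}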
BOOL?IsWindowsApp(LPTSTR?tszFullFileName)
{
????HANDLE?hFile?=?INVALID_HANDLE_VALUE;
????HANDLE?hMapping?=?INVALID_HANDLE_VALUE;
????LPVOID?pvMem?=?NULL;
????BOOL???bIsWinApp?=?FALSE;
????if?(!PathFileExists(tszFullFileName))
????{
????????return?bIsWinApp;
????}
????//?根據(jù)?PE?簽名判斷當(dāng)前文件是否是合法的?PE?文件
????hFile?=?CreateFile(?tszFullFileName?GENERIC_READ?FILE_SHARE_READ?
????????NULL?OPEN_EXISTING?FILE_ATTRIBUTE_NORMAL?NULL?);
????if?(?hFile?==?INVALID_HANDLE_VALUE?)?
????{
????????::_tprintf_s(_T(“CreateFile?failed.\r\n“));
????????goto?__cleanup;
????}
????hMapping?=?CreateFileMapping(?hFile?NULL?PAGE_READONLY?0?0?NULL?);
????if?(?hMapping?==?INVALID_HANDLE_VALUE?)?
????{
????????::_tprintf_s(_T(“CreateFileMapping?failed.\r\n“));
????????goto?__cleanup;
????}
????pvMem?=?MapViewOfFile(?hMapping?FILE_MAP_READ?0?0?0?);
????if?(NULL?==?pvMem)?
????{
????????::_tprintf_s(_T(“MapViewOfFile?failed.\r\n“));
????????goto?__cleanup;
????}
????//?是否包含有?DOS?簽名
????if?(?*(?USHORT*?)?pvMem?!=?IMAGE_DOS_SIGNATURE?)?
????{
????????::_tprintf_s(_T(“無DOS