-
-
[求助]关于bambam加壳源代码的疑问
-
发表于:
2008-6-10 18:05
4176
-
bambam源代码中有两点我不明白:
1, 在函数void CCompressDlg::PerformStubRelocations(LPVOID lpMapping, DWORD dwStubVA /*stub's VA*/)
中,有这么几行:
dwRelocation = dwRVAPage + wValue;
pAddress = (DWORD*)RVAToMappedOffset(dwRelocation, lpMapping);
DWORD dwTempAddress = (*pAddress) & 0x0000ffff;
dwSectionOffset = RVAToSectionRawDataSize(dwTempAddress, lpMapping);
dwVirtualAddress = RVAToSectionVirtualAddress(dwTempAddress, lpMapping);
dwDelta = dwSectionOffset + dwStubVA - pNtHdr->OptionalHeader.ImageBase - dwVirtualAddress; //?????????// 存在疑问
*pAddress = *pAddress + dwDelta;
这个dwDelta 的意义是什么?
2,int CCompressDlg::TranslateAddresses(BYTE* pBuffer, DWORD dwLength, DWORD dwSourceVA, DWORD dwDestinationVA, DWORD dwRVAPage)
这个函数到底是在转换什么地址?为什么需要转换?
请达人指点……先谢了……
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
