rc文件中增加控件,菜单,子菜单
2024-04-15 06:09:17
来自windows核心编程教程
一直以来,都是拖控件,或者用delphi的控件动态创建,
在看核心编程时,发现例子中根本没dfm窗体文件,而且编译出的exe大小十几k。
上代码吧
项目同名的 .RC文件
// 语言
LANGUAGE LANG_CHINESE, SUBLANG_CHINESE_SIMPLIFIED// Define
#define IDD_PROCESSINFO 101
#define IDR_PROCESSINFO 102
#define IDI_PROCESSINFO 103
#define IDC_PROCESSMODULELIST 1000
#define IDC_RESULTS 1011
#define IDC_MODULEHELP 1014
#define ID_PROCESSES 40001
#define ID_MODULES 40002
#define ID_VMMAP 40006
#define ID_MHELP 40007
#define ID_MWINDOWS 40008// Dialog
IDD_PROCESSINFO DIALOGEX 0, 0, 400, 317STYLE DS_3DLOOK | DS_NOFAILCREATE | DS_CENTER | WS_MINIMIZEBOX | WS_MAXIMIZEBOX | WS_VISIBLE | WS_CAPTION | WS_SYSMENU | WS_THICKFRAMEEXSTYLE WS_EX_NOPARENTNOTIFY | WS_EX_CLIENTEDGECAPTION "Process Information"MENU IDR_PROCESSINFOFONT 8, "MS Sans Serif"
BEGINCOMBOBOX IDC_PROCESSMODULELIST, 4, 4, 392, 156, CBS_DROPDOWNLIST | CBS_AUTOHSCROLL | CBS_SORT | WS_VSCROLL | WS_TABSTOPLISTBOX IDC_MODULEHELP, 0, 0, 48, 40, NOT LBS_NOTIFY | LBS_SORT | LBS_NOINTEGRALHEIGHT | NOT WS_VISIBLE | NOT WS_BORDER | WS_TABSTOPEDITTEXT IDC_RESULTS, 4, 24, 392, 284, ES_MULTILINE | ES_AUTOVSCROLL | ES_AUTOHSCROLL | ES_READONLY | WS_VSCROLL | WS_HSCROLL
END// Menu
IDR_PROCESSINFO MENU DISCARDABLE
BEGINMENUITEM "&Processes!", ID_PROCESSESMENUITEM "&Modules!", ID_MODULESMENUITEM "&VMMap!", ID_VMMAP//弹出菜单POPUP "&Help!"BEGIN//子菜单MENUITEM "&Windows!", ID_MWINDOWSEND
END// Icon
IDI_PROCESSINFO ICON DISCARDABLE "ProcessInfo.ico"项目同名的.pas文件
program ProcessInfo;{$R 'ProcessInfo.res' 'ProcessInfo.rc'}usesWindows,Messages,TlHelp32,Toolhelp in 'Toolhelp.pas';const// 资源IDIDD_PROCESSINFO = 101;IDI_PROCESSINFO = 103;// 控件IDIDC_PROCESSMODULELIST = 1000;IDC_RESULTS = 1011;IDC_MODULEHELP = 1014;// 菜单IDID_PROCESSES = 40001;ID_MODULES = 40002;ID_VMMAP = 40006;ID_MWINDOWS = 40008;// 定位字符串中指定字符
function SearchChar(const S: PChar; C: Char; Back: BOOL): PChar;
beginif (Back = TRUE) thenbegin // 从前向后搜索Result := S;while (Result^ <> #0) and (Result^ <> C) doInc(Result);endelsebegin // 从后向前搜索Result := SearchChar(S, #0, TRUE);if (Result <> S) thenrepeatDec(Result)until (Result = S) or (Result^ = C);end;if (Result^ <> C) thenResult := nil;
end;// 简单包装格式输出API
function wvsprintf(Output: PChar; Format: PChar; Arg_List: array of Integer): Integer;
beginResult := Windows.wvsprintf(Output, Format, @Arg_List[Low(Arg_List)]);
end;// 向Edit控件添加字符串
procedure AddText(hWnd: hWnd; pszFormat: PChar; Arg_List: array of Integer);
varsz: array[0..20 * 1024] of Char;
beginGetWindowText(hWnd, sz, SizeOf(sz));wvsprintf(SearchChar(sz, #0, TRUE), pszFormat, Arg_List);SetWindowText(hWnd, sz);
end;// 刷新进程列表至ComboBox
procedure Dlg_PopulateProcessList(hWnd: hWnd);
varhWndList: LongWord; // ComboBox句柄thProcesses: TToolhelp; // 进程枚举对象pe: TProcessEntry32; // 进程枚举结构fOk: BOOL;pszExeFile: PChar;sz: array[0..1024] of Char;n: Integer;
beginpe.dwSize := SizeOf(TProcessEntry32);hWndList := GetDlgItem(hWnd, IDC_PROCESSMODULELIST);SendMessage(hWndList, WM_SETREDRAW, 0, 0);SendMessage(hWndList, CB_RESETCONTENT, 0, 0);// 枚举进程thProcesses := TToolhelp.Create(TH32CS_SNAPPROCESS);fOk := thProcesses.ProcessFirst(@pe);while fOk dobeginpszExeFile := SearchChar(pe.szExeFile, '\', FALSE);if (pszExeFile = nil) thenpszExeFile := pe.szExeFileelseInc(pszExeFile);// 添加进程名(不含路径)及IDwvsprintf(sz, '%s (0x%08X)', [Integer(pszExeFile), pe.th32ProcessID]);n := SendMessage(hWndList, CB_ADDSTRING, 0, Integer(@sz[0]));// 保存进程ID至ComboBox子项SendMessage(hWndList, CB_SETITEMDATA, n, pe.th32ProcessID);// 下一进程fOk := thProcesses.ProcessNext(@pe);end;thProcesses.Free;// ComboBox选项'改变为'第一项SendMessage(hWndList, CB_SETCURSEL, 0, 0);SendMessage(hWnd, WM_COMMAND, MakeWParam(IDC_PROCESSMODULELIST, CBN_SELCHANGE), hWndList);SendMessage(hWndList, WM_SETREDRAW, 1, 0);InvalidateRect(hWndList, nil, FALSE);
end;// 刷新模块列表至ComboBox
procedure Dlg_PopulateModuleList(hWnd: hWnd);
varhWndModuleHelp, hWndList: LongWord; // HWNDthProcesses, thModules: TToolhelp;pe: TProcessEntry32;me: TModuleEntry32;fpOk, fmOk: BOOL;n, j, nNumModules, nIndex: Integer;sz: array[0..1024] of Char;
beginpe.dwSize := SizeOf(TProcessEntry32);me.dwSize := SizeOf(TModuleEntry32);// 利用ListBox管理模块列表hWndModuleHelp := GetDlgItem(hWnd, IDC_MODULEHELP);SendMessage(hWndModuleHelp, LB_RESETCONTENT, 0, 0);// 枚举进程thProcesses := TToolhelp.Create(TH32CS_SNAPPROCESS);fpOk := thProcesses.ProcessFirst(@pe);while fpOk dobegin// 枚举模块thModules := TToolhelp.Create(TH32CS_SNAPMODULE, pe.th32ProcessID);fmOk := thModules.ModuleFirst(@me);while fmOk dobegin// 该模块是否已存在于ListBox, 不存在则添加n := SendMessage(hWndModuleHelp, LB_FINDSTRINGEXACT, -1, Integer(@me.szExePath[0]));if (n = LB_ERR) thenbeginSendMessage(hWndModuleHelp, LB_ADDSTRING, 0, Integer(@me.szExePath[0]));end;// 下一模块fmOk := thModules.ModuleNext(@me);end;thModules.Free;// 下一进程fpOk := thProcesses.ProcessNext(@pe);end;thProcesses.Free;// ListBox -> ComboBoxhWndList := GetDlgItem(hWnd, IDC_PROCESSMODULELIST);SendMessage(hWndList, WM_SETREDRAW, 0, 0);SendMessage(hWndList, CB_RESETCONTENT, 0, 0);nNumModules := SendMessage(hWndModuleHelp, LB_GETCOUNT, 0, 0);for j := 0 to nNumModules - 1 dobegin// ListBox第j项(完整路径)SendMessage(hWndModuleHelp, LB_GETTEXT, j, Integer(@sz[0]));// 添加模块名称(不含路径)nIndex := SendMessage(hWndList, CB_ADDSTRING, 0, Integer(SearchChar(sz, '\', FALSE)) + 1);// 保存模块的ListBox编号SendMessage(hWndList, CB_SETITEMDATA, nIndex, j);end;// ComboBox选项'改变为'第一项SendMessage(hWndList, CB_SETCURSEL, 0, 0);SendMessage(hWnd, WM_COMMAND, MakeWParam(IDC_PROCESSMODULELIST, CBN_SELCHANGE), hWndList);SendMessage(hWndList, WM_SETREDRAW, 1, 0);InvalidateRect(hWndList, nil, FALSE);
end;// 取得模块默认基地址
function GetModulePreferredBaseAddr(dwProcessId: DWORD; pvModuleRemote: Pointer): Pointer;
varidh: TImageDosHeader;inth: TImageNtHeaders;
beginResult := nil;// 读取远程模块Dos头Toolhelp32ReadProcessMemory(dwProcessId, pvModuleRemote, idh, SizeOf(TImageDosHeader), PDWORD(nil)^);// 检测Dos头标志('MZ')if (idh.e_magic = IMAGE_DOS_SIGNATURE) thenbegin// 读取远程模块Nt头Inc(PByte(pvModuleRemote), idh._lfanew);Toolhelp32ReadProcessMemory(dwProcessId, pvModuleRemote, inth, SizeOf(TImageNtHeaders), PDWORD(nil)^);// 检测Nt头标志('PE00')if (inth.Signature = IMAGE_NT_SIGNATURE) thenbeginResult := Pointer(inth.OptionalHeader.ImageBase);end;end;
end;// 显示指定进程信息
procedure ShowProcessInfo(hWndEdit: hWnd; dwProcessID: DWORD);
varth: TToolhelp;fOk: BOOL;pe: TProcessEntry32;me: TModuleEntry32;te: TThreadEntry32;pvPreferredBaseAddr: Pointer;nPriority: Integer;
beginpe.dwSize := SizeOf(TProcessEntry32);me.dwSize := SizeOf(TModuleEntry32);te.dwSize := SizeOf(TThreadEntry32);SetWindowText(hWndEdit, '');th := TToolhelp.Create(TH32CS_SNAPALL, dwProcessID);// 显示指定进程基本信息fOk := th.ProcessFirst(@pe);while fOk dobeginif (pe.th32ProcessID = dwProcessID) thenbeginAddText(hWndEdit, 'Filename: %s'#13#10, [Integer(@pe.szExeFile[0])]);AddText(hWndEdit, ' PID=%08X, ParentPID=%08X, PriorityClass=%d, Threads=%d, Heaps=%d'#13#10, [pe.th32ProcessID, pe.th32ParentProcessID, pe.pcPriClassBase, pe.cntThreads, th.HowManyHeaps()]);Break;end;fOk := th.ProcessNext(@pe);end;// 显示进程所含模块信息AddText(hWndEdit, #13#10'Modules Information:'#13#10' Usage %-8s(%-8s) %8s Module'#13#10, [Integer(PChar('BaseAddr')), Integer(PChar('ImagAddr')), Integer(PChar('Size'))]);fOk := th.ModuleFirst(@me);while fOk dobegin// 引用次数if (me.ProccntUsage <> 65535) thenAddText(hWndEdit, ' %5d', [me.ProccntUsage])elseAddText(hWndEdit, ' Fixed', []);// 映像地址pvPreferredBaseAddr := GetModulePreferredBaseAddr(pe.th32ProcessID, me.modBaseAddr);if (me.modBaseAddr = pvPreferredBaseAddr) thenAddText(hWndEdit, ' %p %8s %8u %s'#13#10, [Integer(me.modBaseAddr), Integer(PChar('')), me.modBaseSize, Integer(@me.szExePath[0])])elseAddText(hWndEdit, ' %p(%p) %8u %s'#13#10, [Integer(me.modBaseAddr), Integer(pvPreferredBaseAddr), me.modBaseSize, Integer(@me.szExePath)]);fOk := th.ModuleNext(@me);end;// 显示进程所含线程信息AddText(hWndEdit, #13#10'Thread Information:'#13#10' TID Priority'#13#10, []);fOk := th.ThreadFirst(@te);while fOk dobeginif (te.th32OwnerProcessID = dwProcessID) thenbeginnPriority := te.tpBasePri + te.tpDeltaPri;if (te.tpBasePri < 16) and (nPriority > 15) thennPriority := 15;if (te.tpBasePri > 15) and (nPriority > 31) thennPriority := 31;if (te.tpBasePri < 16) and (nPriority < 1) thennPriority := 1;if (te.tpBasePri > 15) and (nPriority < 16) thennPriority := 16;AddText(hWndEdit, ' %08X %2d'#13#10, [te.th32ThreadID, nPriority]);end;fOk := th.ThreadNext(@te);end;th.Free;
end;// 显示指定模块信息
procedure ShowModuleInfo(hWndEdit: hWnd; pszModulePath: PChar);
varthProcesses, thModules: TToolhelp;pe: TProcessEntry32;me: TModuleEntry32;fpOk, fmOk: BOOL;
beginpe.dwSize := SizeOf(TProcessEntry32);me.dwSize := SizeOf(TModuleEntry32);SetWindowText(hWndEdit, '');AddText(hWndEdit, 'Pathname: %s'#13#10#13#10, [Integer(pszModulePath)]);AddText(hWndEdit, 'Process Information:'#13#10, []);AddText(hWndEdit, ' PID BaseAddr Process'#13#10, []);// 列出所有使用此模块的进程thProcesses := TToolhelp.Create(TH32CS_SNAPPROCESS);fpOk := thProcesses.ProcessFirst(@pe);while fpOk dobeginthModules := TToolhelp.Create(TH32CS_SNAPMODULE, pe.th32ProcessID);fmOk := thModules.ModuleFirst(@me);while fmOk dobeginif (lstrcmpi(me.szExePath, pszModulePath) = 0) thenbeginAddText(hWndEdit, ' %08X %p %s'#13#10, [pe.th32ProcessID, Integer(me.modBaseAddr), Integer(@pe.szExeFile[0])]);end;fmOk := thModules.ModuleNext(@me);end;thModules.Free;fpOk := thProcesses.ProcessNext(@pe);end;thProcesses.Free;
end;// 对话框WM_INITDIALOG消息处理
function Dlg_OnInitDialog(hWnd, hWndFocus: hWnd; lParam: lParam): BOOL;
begin// 设置窗体图标SendMessage(hWnd, WM_SETICON, ICON_BIG, LoadIcon(HInstance, MakeIntResource(IDI_PROCESSINFO)));SendMessage(hWnd, WM_SETICON, ICON_SMALL, LoadIcon(HInstance, MakeIntResource(IDI_PROCESSINFO)));// 隐藏ListBox(此控件用来管理模块列表)ShowWindow(GetDlgItem(hWnd, IDC_MODULEHELP), SW_HIDE);// 使用等宽字体SendMessage(GetDlgItem(hWnd, IDC_RESULTS), WM_SETFONT, GetStockObject(ANSI_FIXED_FONT), 0);// 枚举当前进程Dlg_PopulateProcessList(hWnd);// 接受默认焦点Result := TRUE;
end;// 对话框WM_SIZE消息处理
function Dlg_OnSize(hWnd: hWnd; state: UINT; cx, cy: Integer): BOOL;
varRc: TRect;n: Integer;hWndCtl: LongWord; // HWND
beginn := LOWORD(GetDialogBaseUnits());hWndCtl := GetDlgItem(hWnd, IDC_PROCESSMODULELIST);GetClientRect(hWndCtl, Rc);SetWindowPos(hWndCtl, 0, n, n, cx - n - n, Rc.bottom, SWP_NOZORDER);hWndCtl := GetDlgItem(hWnd, IDC_RESULTS);SetWindowPos(hWndCtl, 0, n, n + Rc.bottom + n, cx - n - n, cy - (n + Rc.bottom + n) - n, SWP_NOZORDER);Result := FALSE;
end;// 对话框WM_COMMAND消息处理
procedure Dlg_OnCommand(hWnd: hWnd; id: Integer; hWndCtl: hWnd; codeNotify: UINT);
const
{$J+}s_fProcesses: BOOL = TRUE;
{$J-}
vardw: DWORD;szModulePath: array[0..1024] of Char;si: TStartupInfo;pi: TProcessInformation;szCmdLine: array[0..1024] of Char;hWndCB: LongWord; // HWNDdwProcessId: DWORD;fOk: BOOL;
begincase (id) ofIDCANCEL: // 要求关闭beginEndDialog(hWnd, id);end;ID_PROCESSES: // 枚举进程(菜单)begins_fProcesses := TRUE;EnableMenuItem(GetMenu(hWnd), ID_VMMAP, MF_BYCOMMAND or MF_ENABLED);DrawMenuBar(hWnd);Dlg_PopulateProcessList(hWnd);end;ID_MODULES: // 枚举模块(菜单)begins_fProcesses := FALSE;EnableMenuItem(GetMenu(hWnd), ID_VMMAP, MF_BYCOMMAND or MF_GRAYED);DrawMenuBar(hWnd);Dlg_PopulateModuleList(hWnd);end;IDC_PROCESSMODULELIST: // ComboBox控件beginif (codeNotify = CBN_SELCHANGE) then // 选中项目改变begindw := SendMessage(hWndCtl, CB_GETCURSEL, 0, 0); // 当前选中项目if (s_fProcesses) thenbegindw := SendMessage(hWndCtl, CB_GETITEMDATA, dw, 0); // 进程IDShowProcessInfo(GetDlgItem(hWnd, IDC_RESULTS), dw);endelsebegindw := SendMessage(hWndCtl, CB_GETITEMDATA, dw, 0); // ListBox编号SendMessage(GetDlgItem(hWnd, IDC_MODULEHELP), LB_GETTEXT, dw, Integer(@szModulePath[0]));ShowModuleInfo(GetDlgItem(hWnd, IDC_RESULTS), szModulePath);end;end;end;ID_VMMAP: // 启动进程beginhWndCB := GetDlgItem(hWnd, IDC_PROCESSMODULELIST);dwProcessId := SendMessage(hWndCB, CB_GETITEMDATA, SendMessage(hWndCB, CB_GETCURSEL, 0, 0), 0);wvsprintf(szCmdLine, '..\14-VMMap\VMMap.exe %d', [dwProcessId]);si.cb := SizeOf(TStartupInfo);fOk := CreateProcess(nil, szCmdLine, nil, nil, FALSE, 0, nil, nil, si, pi);if (fOk) thenbeginCloseHandle(pi.hProcess);CloseHandle(pi.hThread);endelsebeginMessageBox(GetActiveWindow(), 'Failed to execute VMMAP.EXE.', 'ProcessInfo', 0);end;end;ID_MWINDOWS:beginMessageBox(GetActiveWindow(), 'HelloWorld', 'ProcessInfo', 0);end;end;
end;// 对话框消息处理回调
function Dlg_Proc(hWnd: hWnd; uMsg: UINT; wParam: wParam; lParam: lParam): BOOL; stdcall;
beginResult := FALSE;case (uMsg) ofWM_INITDIALOG:beginResult := BOOL(SetWindowLong(hWnd, DWL_MSGRESULT, Longint(Dlg_OnInitDialog(hWnd, wParam, lParam))));end;WM_SIZE:beginDlg_OnSize(hWnd, wParam, LOWORD(lParam), HIWORD(lParam));end;WM_COMMAND:beginDlg_OnCommand(hWnd, LOWORD(wParam), lParam, HIWORD(wParam));end;end;
end;// 程序主线程入口
beginTToolhelp(nil).EnableDebugPrivilege(TRUE);DialogBox(HInstance, MakeIntResource(IDD_PROCESSINFO), 0, @Dlg_Proc);TToolhelp(nil).EnableDebugPrivilege(FALSE);
end.
Toolhelp.pas,
unit Toolhelp;interfaceusesWindows, TlHelp32;typeTToolhelp = class(TObject)privatem_hSnapshot: THandle;publicconstructor Create(dwFlags: DWORD = 0; dwProcessID: DWORD = 0);destructor Destroy(); override;function CreateSnapshot(dwFlags: DWORD; dwProcessID: DWORD = 0): BOOL;function ProcessFirst(ppe: PProcessEntry32): BOOL;function ProcessNext(ppe: PProcessEntry32): BOOL;function ProcessFind(dwProcessId: DWORD; ppe: PProcessEntry32): BOOL;function ModuleFirst(pme: PModuleEntry32): BOOL;function ModuleNext(pme: PModuleEntry32): BOOL;function ModuleFind_BaseAddr(pvBaseAddr: Pointer; pme: PModuleEntry32): BOOL;function ModuleFind_ModName(pszModName: PChar; pme: PModuleEntry32): BOOL;function ThreadFirst(pte: PThreadEntry32): BOOL;function ThreadNext(pte: PThreadEntry32): BOOL;function HeapListFirst(phl: PHeapList32): BOOL;function HeapListNext(phl: PHeapList32): BOOL;function HowManyHeaps(): Integer;function HeapFirst(phe: PHeapEntry32; dwProcessID, dwHeapID: DWORD): BOOL;function HeapNext(phe: PHeapEntry32): BOOL;function HowManyBlocksInHeap(dwProcessID, dwHeapId: DWORD): Integer;function IsAHeap(hProcess: THandle; pvBlock: Pointer; pdwFlags: PDWORD): BOOL;function EnableDebugPrivilege(fEnable: BOOL = TRUE): BOOL;function ReadProcessMemory(dwProcessID: DWORD; pvBaseAddress, pvBuffer: Pointer;cbRead: DWORD; pdwNumberOfBytesRead: PDWORD = nil): BOOL;end;implementation// 构造函数
constructor TToolhelp.Create(dwFlags: DWORD = 0; dwProcessID: DWORD = 0);
beginm_hSnapshot := INVALID_HANDLE_VALUE;CreateSnapshot(dwFlags, dwProcessID);
end;// 析构函数
destructor TToolhelp.Destroy();
beginif (m_hSnapshot <> INVALID_HANDLE_VALUE) then CloseHandle(m_hSnapshot);
end;// 建立快照
function TToolhelp.CreateSnapshot(dwFlags: DWORD; dwProcessID: DWORD = 0): BOOL;
beginif (m_hSnapshot <> INVALID_HANDLE_VALUE) then CloseHandle(m_hSnapshot);if (dwFlags = 0) thenm_hSnapshot := INVALID_HANDLE_VALUEelsem_hSnapshot := CreateToolhelp32Snapshot(dwFlags, dwProcessID);Result := m_hSnapshot <> INVALID_HANDLE_VALUE;
end;// 进程枚举
function TToolhelp.ProcessFirst(ppe: PProcessEntry32): BOOL;
beginResult := Process32First(m_hSnapshot, ppe^);if (Result = TRUE) and (ppe.th32ProcessID = 0) thenResult := ProcessNext(ppe); // Remove the "[System Process]" (PID = 0)
end;function TToolhelp.ProcessNext(ppe: PProcessEntry32): BOOL;
beginResult := Process32Next(m_hSnapshot, ppe^);if (Result = TRUE) and (ppe.th32ProcessID = 0) thenResult := ProcessNext(ppe); // Remove the "[System Process]" (PID = 0)
end;function TToolhelp.ProcessFind(dwProcessId: DWORD; ppe: PProcessEntry32): BOOL;
beginResult := ProcessFirst(ppe);while Result dobeginif (ppe.th32ProcessID = dwProcessId) then Break;Result := ProcessNext(ppe);end;
end;// 模块枚举
function TToolhelp.ModuleFirst(pme: PModuleEntry32): BOOL;
beginResult := Module32First(m_hSnapshot, pme^);
end;function TToolhelp.ModuleNext(pme: PModuleEntry32): BOOL;
beginResult := Module32Next(m_hSnapshot, pme^);
end;function TToolhelp.ModuleFind_BaseAddr(pvBaseAddr: Pointer; pme: PModuleEntry32): BOOL;
beginResult := ModuleFirst(pme);while Result dobeginif (pme.modBaseAddr = pvBaseAddr) then Break;Result := ModuleNext(pme);end;
end;function TToolhelp.ModuleFind_ModName(pszModName: PChar; pme: PModuleEntry32): BOOL;
beginResult := ModuleFirst(pme);while Result dobeginif (lstrcmpi(pme.szModule, pszModName) = 0) or(lstrcmpi(pme.szExePath, pszModName) = 0) then Break;Result := ModuleNext(pme);end;
end;// 线程枚举
function TToolhelp.ThreadFirst(pte: PThreadEntry32): BOOL;
beginResult := Thread32First(m_hSnapshot, pte^);
end;function TToolhelp.ThreadNext(pte: PThreadEntry32): BOOL;
beginResult := Thread32Next(m_hSnapshot, pte^);
end;// 内存枚举
function TToolhelp.HowManyHeaps(): Integer;
varhl: THeapList32;fOk: BOOL;
beginResult := 0;hl.dwSize := SizeOf(THeapList32);fOk := HeapListFirst(@hl);while fOK dobeginInc(Result);fOk := HeapListNext(@hl);end;
end;function TToolhelp.HowManyBlocksInHeap(dwProcessID, dwHeapId: DWORD): Integer;
varhe: THeapEntry32;fOK: BOOL;
beginResult := 0;he.dwSize := SizeOf(he);fOk := HeapFirst(@he, dwProcessID, dwHeapID);while fOK dobeginInc(Result);fOk := HeapNext(@he);end;
end;function TToolhelp.HeapListFirst(phl: PHeapList32): BOOL;
beginResult := Heap32ListFirst(m_hSnapshot, phl^);
end;function TToolhelp.HeapListNext(phl: PHeapList32): BOOL;
beginResult := Heap32ListNext(m_hSnapshot, phl^);
end;function TToolhelp.HeapFirst(phe: PHeapEntry32; dwProcessID, dwHeapID: DWORD): BOOL;
beginResult := Heap32First(phe^, dwProcessID, dwHeapID);
end;function TToolhelp.HeapNext(phe: PHeapEntry32): BOOL;
beginResult := Heap32Next(phe^);
end;function TToolhelp.IsAHeap(hProcess: THandle; pvBlock: Pointer; pdwFlags: PDWORD): BOOL;
varhl: THeapList32;he: THeapEntry32;mbi: TMemoryBasicInformation;fOkHL, fOkHE: BOOL;
beginResult := FALSE;hl.dwSize := SizeOf(THeapList32);he.dwSize := SizeOf(THeapEntry32);fOkHL := HeapListFirst(@hl);while fOkHL dobeginfOkHE := HeapFirst(@he, hl.th32ProcessID, hl.th32HeapID);while fOkHE dobeginVirtualQueryEx(hProcess, Pointer(he.dwAddress), mbi, SizeOf(TMemoryBasicInformation));if (DWORD(mbi.AllocationBase) <= DWORD(pvBlock)) and(DWORD(pvBlock) <= DWORD(mbi.AllocationBase) + mbi.RegionSize) thenbeginpdwFlags^ := hl.dwFlags;Result := TRUE;Exit;end;fOkHE := HeapNext(@he);end;fOkHL := HeapListNext(@hl);end;
end;// 提升权限
function TToolhelp.EnableDebugPrivilege(fEnable: BOOL = TRUE): BOOL;
constSE_DEBUG_NAME: PChar = 'SeDebugPrivilege';
varhToken: THandle;tp: TTokenPrivileges;
beginResult := FALSE;if OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, hToken) thenbegintp.PrivilegeCount := 1;LookupPrivilegeValue(nil, SE_DEBUG_NAME, tp.Privileges[0].Luid);if fEnable thentp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLEDelsetp.Privileges[0].Attributes := 0;AdjustTokenPrivileges(hToken, FALSE, tp, SizeOf(TTokenPrivileges), nil, PDWORD(nil)^);Result := (GetLastError() = ERROR_SUCCESS);CloseHandle(hToken);end;
end;// 内存读取
function TToolhelp.ReadProcessMemory(dwProcessID: DWORD; pvBaseAddress, pvBuffer: Pointer;cbRead: DWORD; pdwNumberOfBytesRead: PDWORD = nil): BOOL;
beginResult := Toolhelp32ReadProcessMemory(dwProcessID, pvBaseAddress, pvBuffer^, cbRead, pdwNumberOfBytesRead^);
end;end.rc文件中增加控件,菜单,子菜单相关推荐
- android怎么查看方法被谁调用,Android中查看布局文件中的控件(view,id)在哪里被调用(使用)...
在阅读别人的代码时通常是很痛苦的,有时很想要看一看布局中的控件在哪里被调用了,为之很苦恼 在这里提供一种方法. 复制要查看的控件ID,到R文件中搜索到该ID, 接下来就好办的了,选中ID按下Ctrl鼠 ...
- android的xml登录,Android----xml文件中的控件的id设置
Android开放中要想得到布局文件中控件的引用,该控件必须设置id属性,这两有两种方式设置id:(1)@+id/xxxx;(2)@id/xxxx;下面做个简单的介绍.@+id/xxx:如果R文件中没 ...
- 布局中文件中【控件间距参数详解以及单位选择】
注意:例如:android:layout_gravity和android:gravity的区别: android:layout_gravity:此控件相对父控件的相对位置 android:gravit ...
- Android在Activity中动态增加xml自定义样式布局控件(引用xml布局文件和循环增加控件)
工程目录: MainActivity package com.example.test1121;import androidx.appcompat.app.ActionBar; import andr ...
- java文件上传控件_java实现大文件上传控件
这里只写后端的代码,基本的思想就是,前端将文件分片,然后每次访问上传接口的时候,向后端传入参数:当前为第几块文件,和分片总数 下面直接贴代码吧,一些难懂的我大部分都加上注释了: 上传文件实体类: 看得 ...
- .net dataGridView当鼠标经过时当前行背景色变色;然后【给GridView增加单击行事件,并获取单击行的数据填充到页面中的控件中】...
1.首先在前台dataGridview属性中增加onRowDataBound属性事件 2.然后在后台Observing_RowDataBound事件中增加代码 protected void Obser ...
- 组件开发之ASP.NET中集成资源文件的服务器端控件开发
一个ASP.net中的控件,往往要使用到一些图片.CSS和脚本JS文件等等,如果要求用户把这些资源文件自己复制到网站目录中,往往让人感觉很麻烦很不专业.如果能够在控件中包含这些资源,能够自动引用,不单 ...
- activex 控件的id 定义位置+使用ocx控件的客户端程序中对控件定义的文件中控件id定义的位置...
activex 控件的id 定义位置 // SuperDisplayCtl.cpp IMPLEMENT_OLECREATE_EX(CSuperDisplayCtrl, "SuperDispl ...
- 在子线程中更改主线程中的控件的信息,在子线程中用toast
一丶在子线程中不允许更改主线程中的控件的信息,也不允许在子线程中用toast,我们要更改的话 (1)消息机制:使用handler (由主线程调用) 在主程序中Handler handler = new ...
最新文章
- linux修正系统错误指令fsck和badblocks
- java swt webkit_使用Java和Webkit的HTML编辑器 – SWT浏览器
- opencv中匹配点对的坐标提取
- 有趣的灵魂百里挑一,Linux同学你低下头干嘛,起来说下这个问题。
- Spring Boot中使用Actuator的/info端点输出Git版本信息
- 杜拉拉升职记摘录:早日实现退休理想--你需要眼光和资格
- c语言编程学习宝典,C语言学习宝典
- 图像转PDF的问题、方法及题外话
- TikTok选品有什么技巧?
- FastJson是如何导致App Crash的
- 风生水起的VR直播丨VR直播市场何时迎来爆发期?
- php电商开源框架,Sylius 开源PHP电商解决方案
- 买房贷款在什么情况下会被拒? 你避开这些雷区了吗?
- python dataframe合并相同行_pandas之DataFrame合并merge
- excel怎样制作html,HTML_Excel/Access 97 网页制作速成,一、 利用Excel 97制作网页 - phpStudy...
- matlab中三角函数sin、cos、tan以弧度为单位
- python爬虫需要cookie_python爬虫(六) Cookie
- 亚马逊测评提升销量有什么好办法,分享6点技巧
- 【Linux】【开发环境】【RHEL】开发环境搭建系列之十一——Linux系统下搭建基于vim的C/C++ IDE开发环境
- C语言实现matlab的butter函数