解析PDB中的函数名对应的地址
#include <Windows.h>
#include<stdio.h>
#include <imagehlp.h>
#include <locale.h>
#pragma comment(lib,"DbgHelp.lib")
BOOL CALLBACK CallBackProc(PSYMBOL_INFO pSymInfo, ULONG SymbolSize, PVOID UserContext)
{
printf("函数名: %s
地址: %08X
", pSymInfo->Name, pSymInfo->Address);
return TRUE;
}
char* UnicodeToAnsi(const wchar_t* szStr, char* szDest)
{
int nLen = WideCharToMultiByte(CP_ACP, 0, szStr, -1, NULL, 0, NULL, NULL);
if (nLen == 0)
{
return NULL;
}
char* pResult = new char[nLen];
WideCharToMultiByte(CP_ACP, 0, szStr, -1, pResult, nLen, NULL, NULL);
strcpy(szDest, pResult);
delete pResult;
return szDest;
}
BOOL GetSymbol(LPCTSTR FileName)
{
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId());
CloseHandle(hProcess);
if (!SymInitialize(hProcess, NULL, FALSE))
{
return FALSE;
}
DWORD dwOpt = SymGetOptions();
SymSetOptions(dwOpt | SYMOPT_DEFERRED_LOADS | SYMOPT_UNDNAME | SYMOPT_CASE_INSENSITIVE);
char sFileName[MAX_PATH] = {
0 };
UnicodeToAnsi(FileName, sFileName);
DWORD64 dwSymModule = SymLoadModuleEx(hProcess, NULL, sFileName, NULL, 0, 0, NULL, 0);
if (0 == dwSymModule)
{
SymCleanup(hProcess);
return -1;
}
if (!SymEnumSymbols(hProcess, dwSymModule, 0, (PSYM_ENUMERATESYMBOLS_CALLBACK)CallBackProc, NULL))
{
SymCleanup(hProcess);
return -1;
}
return SymCleanup(hProcess);
}
int main(int argc, char* argv[])
{
const WCHAR* sDllPath = L"E:\sandbox\libwin\ntdll.dll";
if (!GetSymbol(sDllPath))
{
return -1;
}
getchar();
return 0;
}
下一篇:
java面试题整理《多线程篇》七