当前位置:七道奇文章资讯编程技术VC/C++编程
日期:2011-03-22 13:54:00  来源:本站整理

<b>xp下用户程序空间分配(9):还剩下什么?</b>[VC/C++编程]

赞助商链接



  本文“<b>xp下用户程序空间分配(9):还剩下什么?</b>[VC/C++编程]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:

在去除前面的部份后,看看内存里还剩下什么:

基址 分配基址 分配保护 大小 状况 保护 范例
00010000 00010000 00000004

PAGE_READWRITE

00002000 00001000

MEM_COMMIT

00000004

PAGE_READWRITE

00020000

MEM_PRIVATE

7ffdd000 7ffdd000 00000004

PAGE_READWRITE

00001000 00001000

MEM_COMMIT

00000004

PAGE_READWRITE

00020000

MEM_PRIVATE

7ffde000 7ffde000 00000004

PAGE_READWRITE

00001000 00001000

MEM_COMMIT

00000004

PAGE_READWRITE

00020000

MEM_PRIVATE

7ffdf000 7ffdf000 00000004

PAGE_READWRITE

00001000 00001000

MEM_COMMIT

00000004

PAGE_READWRITE

00020000

MEM_PRIVATE

7ffe0000 7ffe0000 00000002

PAGE_READONLY

00001000 00001000

MEM_COMMIT

00000002

PAGE_READONLY

00020000

MEM_PRIVATE

这些块都对比小,毕竟是什么东西?

1.1 环境块

在毛德操的《windows内核情境解析》里说起 一个叫环境块(仿佛是这个名字)的东西,且是在内存的最低的位置,咱看看它的内容:

0x00010000  3d 00 3a 00 3a 00 3d 00 3a 00 3a 00 5c 00 00 00 3d 00 45 00  =::=::.=E
0x00010014  3a 00 3d 00 45 00 3a 00 5c 00 50 00 72 00 6f 00 67 00 72 00  :=E:Progr
0x00010028  61 00 6d 00 20 00 46 00 69 00 6c 00 65 00 73 00 5c 00 4d 00  am FilesM
0x0001003C  69 00 63 00 72 00 6f 00 73 00 6f 00 66 00 74 00 20 00 56 00  icrosoft V
0x00010050  69 00 73 00 75 00 61 00 6c 00 20 00 53 00 74 00 75 00 64 00  isual Stud
0x00010064  69 00 6f 00 20 00 39 00 2e 00 30 00 5c 00 56 00 43 00 5c 00  io 9.0VC
0x00010078  76 00 63 00 70 00 61 00 63 00 6b 00 61 00 67 00 65 00 73 00  vcpackages
0x0001008C  00 00 3d 00 46 00 3a 00 3d 00 46 00 3a 00 5c 00 65 00 6d 00  .=F:=F:em
0x000100A0  62 00 65 00 64 00 5c 00 65 00 74 00 6f 00 6f 00 6c 00 73 00  bedetools
0x000100B4  00 00 41 00 4c 00 4c 00 55 00 53 00 45 00 52 00 53 00 50 00  .ALLUSERSP
0x000100C8  52 00 4f 00 46 00 49 00 4c 00 45 00 3d 00 45 00 3a 00 5c 00  ROFILE=E:
0x000100DC  44 00 6f 00 63 00 75 00 6d 00 65 00 6e 00 74 00 73 00 20 00  Documents
0x000100F0  61 00 6e 00 64 00 20 00 53 00 65 00 74 00 74 00 69 00 6e 00  and Settin
0x00010104  67 00 73 00 5c 00 41 00 6c 00 6c 00 20 00 55 00 73 00 65 00  gsAll Use
0x00010118  72 00 73 00 00 00 41 00 50 00 50 00 44 00 41 00 54 00 41 00  rs.APPDATA
0x0001012C  3d 00 45 00 3a 00 5c 00 44 00 6f 00 63 00 75 00 6d 00 65 00  =E:Docume
0x00010140  6e 00 74 00 73 00 20 00 61 00 6e 00 64 00 20 00 53 00 65 00  nts and Se
0x00010154  74 00 74 00 69 00 6e 00 67 00 73 00 5c 00 00 5f d1 53 05 80  ttings开辟者
0x00010168  5c 00 41 00 70 00 70 00 6c 00 69 00 63 00 61 00 74 00 69 00  Applicati
0x0001017C  6f 00 6e 00 20 00 44 00 61 00 74 00 61 00 00 00 42 00 58 00  on Data.BX
0x00010190  53 00 48 00 41 00 52 00 45 00 3d 00 2e 00 00 00 43 00 44 00  SHARE=..CD
0x000101A4  53 00 52 00 4f 00 4f 00 54 00 3d 00 65 00 3a 00 5c 00 65 00  SROOT=e:e

都是些unicode文本,把它的内容和系统环境变量举行对比,差别还是对比明显的 ,但是系统环境变量和用户环境变量在这块内存区里都可以找到呼应的定义.尝试在用户环境变量里添 加一个定义,再重新运路程序,公然在这块区域里找到了这个新的环境变量.

1.2 NT_TIB

每个线 程都有一块地方记录线程的基本信息,在程序里有三个线程,想必应当有三块空间,读出fs的内容,可 以发现主线程的这个信息存放在0x7ffd f000,看下它的原始数据:

0x7FFDF000  a8 ff 12 00 00 00 13 00 00 10 0e 00 00 00 00 00  ................
0x7FFDF010  00 1e 00 00 00 00 00 00 00 f0 fd 7f 00 00 00 00  ................
0x7FFDF020  30 0e 00 00 d4 07 00 00 00 00 00 00 00 00 00 00  0...............
0x7FFDF030  00 d0 fd 7f b7 00 00 00 00 00 00 00 00 00 00 00  ................
0x7FFDF040  00 b3 6e e3 00 00 00 00 00 00 00 00 00 00 00 00  ..n.............


  以上是“<b>xp下用户程序空间分配(9):还剩下什么?</b>[VC/C++编程]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:

  • <b>hosts是什么 hosts文件在什么位置 若何改正hosts</b>
  • <b>在 Windows 8 中手动安装语言包</b>
  • <b>五个常见 PHP数据库问题</b>
  • Windows中Alt键的12个高效快速的利用本领介绍
  • <b>MySQL ORDER BY 的实现解析</b>
  • <b>详解MySQL存储历程参数有三种范例(in、out、inout)</b>
  • <b>Win8系统恢复出来经典的开始菜单的办法</b>
  • <b>Win8系统花屏怎么办 Win8系统花屏的办理办法</b>
  • <b>Windows 7系统下无线网卡安装</b>
  • <b>为什么 Linux不需求碎片整理</b>
  • <b>Windows 8中删除账户的几种办法(图)</b>
  • <b>教你如安在win7下配置路由器</b>
  • 本文地址: 与您的QQ/BBS好友分享!
    • 好的评价 如果您觉得此文章好,就请您
        0%(0)
    • 差的评价 如果您觉得此文章差,就请您
        0%(0)

    文章评论评论内容只代表网友观点,与本站立场无关!

       评论摘要(共 0 条,得分 0 分,平均 0 分) 查看完整评论
    Copyright © 2020-2022 www.xiamiku.com. All Rights Reserved .