#include <iostream>
#include <Windows.h>
#include <ObjBase.h>
using namespace std;
// Abstract interface exposing two pure virtual methods, Fx1 and Fx2.
// `interface` is not a C++ keyword: it is a macro supplied by the Windows
// headers included above (ObjBase.h maps it to `struct`), so the members
// are public without an explicit access specifier.
// No virtual destructor is declared, so an implementing object must not be
// deleted through an IX pointer.
interface IX
{
    virtual void Fx1() = 0;
    virtual void Fx2() = 0;
};
// Abstract interface exposing two pure virtual methods, Fy1 and Fy2.
// Nothing in this listing derives from IY; CA below inherits from IX only.
// As with IX, `interface` is the Windows-header macro for `struct`, so the
// members are public by default, and no virtual destructor is declared.
interface IY
{
    virtual void Fy1() = 0;
    virtual void Fy2() = 0;
};
// Concrete class derived from IX only (IY is not a base class).
// Fx1/Fx2 implement IX's pure virtuals. Fy1/Fy2 only share their names with
// IY's methods: here they are new virtual functions introduced by CA itself.
// Each method prints its own name followed by a newline and flushes stdout.
class CA : public IX
{
public:
    virtual void Fx1()
    {
        std::cout << "Fx1" << std::endl;
    }

    virtual void Fx2()
    {
        std::cout << "Fx2" << std::endl;
    }

    virtual void Fy1()
    {
        std::cout << "Fy1" << std::endl;
    }

    virtual void Fy2()
    {
        std::cout << "Fy2" << std::endl;
    }

private:
    // Never assigned anywhere in this listing: CA declares no constructor,
    // so after `new CA` this member holds an indeterminate value.
    int ca;
};
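// Demo entry point: heap-allocates a single CA so that its object layout
// (the vtable pointer followed by the `ca` member) can be examined in a
// debugger. Declared as `int main()` because `void main()` is not standard
// C++. Returns 0 on completion.
int main()
{
    // The walkthrough's breakpoint sits on this statement
    // (reported as main.cpp @ 29 in its `bl` output).
    CA* pA = new CA;

    // Release the object before exit so the allocation is not leaked.
    // Deleting through CA* (the object's actual type) is well-defined even
    // though IX declares no virtual destructor.
    delete pA;
    return 0;
}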
加载 exe 及其符号文件,然后输入命令 bp 并回车;
接着输入 bl 并回车,此时输出:
bl
0 e [e:\测试程序\2013-5-08\test\test\main.cpp @ 29] 0001 (0001) 0:**** Test!main
好,接下来让程序运行起来,
命中断点后单步调试,此时可以用 x 命令列出 CA 类的符号(Test 是模块名,CA 是类名):
0:000> x test!CA::*
00e216d0 Test!CA::Fx2 (void)
00e21650 Test!CA::Fx1 (void)
00e217d0 Test!CA::Fy2 (void)
00e21750 Test!CA::Fy1 (void)
00e215d0 Test!CA::CA (void)
00e285f8 Test!CA::`RTTI Base Class Descriptor at (0,-1,0,64)' = <no type information>
00e285d4 Test!CA::`RTTI Class Hierarchy Descriptor' = <no type information>
00e285e8 Test!CA::`RTTI Base Class Array' = <no type information>
00e286c0 Test!CA::`RTTI Complete Object Locator' = <no type information>
00e285bc Test!CA::`RTTI Complete Object Locator' = <no type information>
00e285bc Test!CA::`RTTI Complete Object Locator' = <no type information>
00e27804 Test!CA::`vftable' = <no type information>
00e278c4 Test!CA::`vftable' = <no type information>
00e27814 Test!CA::`vftable' = <no type information>
我们可以继续查看这几个 vftable 地址(00e27804、00e278c4、00e27814)的内容,下面以 00e278c4 为例:
0:000> dps 00e278c4
00e278c4 00e210dc Test!ILT+215(?Fx1CAUAEXXZ)
00e278c8 00e21032 Test!ILT+45(?Fx2CAUAEXXZ)
00e278cc 00e2113b Test!ILT+310(?Fy1CAUAEXXZ)
00e278d0 00e211fe Test!ILT+505(?Fy2CAUAEXXZ)
00e278d4 00000000
00e278d8 005f005f
00e278dc 0061006e
00e278e0 00690074
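可以看到这张虚函数表中有四个虚函数指针(00e278c4 到 00e278d0)。CA 只继承了 IX,但 Fy1、Fy2 在 CA 中同样声明为 virtual,所以也被放进了这张表。表项指向的是 ILT(增量链接跳转表)中的跳转项,而不是函数体本身:例如 Fx1 的表项是 00e210dc,而上面 x 命令显示 CA::Fx1 位于 00e21650。另外 dps 只是按指针大小逐项显示内存,00e278d4 之后的内容(00000000、005f005f 等)已不属于虚函数表,而是紧邻的其他数据,不能当作函数指针来解读。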
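其实也可以直接查看 pA 指向的对象来找到虚函数表指针(__VFN_table):它位于对象偏移 +0x000 处,其值 0x00e278c4 正是上面查看的那张表。输出中 ca 的值 -842150451 即 0xCDCDCDCD,是 MSVC 调试版堆对未初始化内存的填充值,说明 ca 从未被初始化: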
0:000> dt pA
Local var @ 0x24f7a0 Type CA*
0x00124810
+0x000 __VFN_table : 0x00e278c4
+0x004 ca : -842150451
0:000> dps 0x00e278c4
00e278c4 00e210dc Test!ILT+215(?Fx1CAUAEXXZ)
00e278c8 00e21032 Test!ILT+45(?Fx2CAUAEXXZ)
00e278cc 00e2113b Test!ILT+310(?Fy1CAUAEXXZ)
00e278d0 00e211fe Test!ILT+505(?Fy2CAUAEXXZ)