WinAPI: do I need to call FlushInstructionCache in the memory-mapped executable?

I wrote a short program to read the obj windows file and find the .text section and run the code in it. To do this, I make the following calls to the Windows API functions ( Full code [gist.github.com] , for those who are interested):

HANDLE FileHandle = CreateFile("lib.obj",
                               GENERIC_READ | GENERIC_EXECUTE,
                               FILE_SHARE_READ, 0,
                               OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);

HANDLE MappingHandle = CreateFileMapping(FileHandle, 0, PAGE_EXECUTE_READ, 0, 0, 0);

void *Address = MapViewOfFile(MappingHandle, FILE_MAP_EXECUTE | FILE_MAP_READ,
                              0, 0, 0);

Then I find the .text section in the file and overlay the code pointer with the C ++ function pointer and just call the function. It really worked for me.

I made a mistake without calling FlushInstructonCache in the virtual memory area associated with the file?

I ask about this because I recently read the VirtualAlloc documentation and it notes below:

, , FlushInstructionCache ​​ . .

, CPU ?

MapViewOfFile CreateFileMapping.

+4
1

MapViewOfFile, .

, , .

MAY - :

  • : , [ , , , ].

  • , - "" "", .

, VirtualAlloc , , .

, , " " (-, , , - ), , INT 3 x86.

"" - (, " " , , , ), , " , "

+5

Source: https://habr.com/ru/post/1670900/


All Articles