我正在try 编写一个PE解析器,我的程序包含两个循环,如下所示:
size_t i = 0;
while (condition_1) {
struct _IMAGE_IMPORT_DESCRIPTOR64 *importDescriptorArray = malloc(sizeof(struct _IMAGE_IMPORT_DESCRIPTOR64));
struct _IMAGE_THUNK_DATA64 *originalFirstThunkArray = malloc(sizeof(struct _IMAGE_THUNK_DATA64));
size_t originalFirstThunkArrayIndex = 0;
originalFirstThunkArray[originalFirstThunkArrayIndex].u1.ordinal = some_value; //set to a computed value
while (condition_2) {
originalFirstThunkArrayIndex++;
originalFirstThunkArray = realloc(originalFirstThunkArray, originalFirstThunkArrayIndex * sizeof(struct _IMAGE_THUNK_DATA64));
originalFirstThunkArrayOffset += sizeof(QWORD); //each element has its address stored as a QWORD, so I have to iterate QWORD-at-a-time.
originalFirstThunkArray[originalFirstThunkArrayIndex].u1.ordinal = reverse_endianess_u_int64_t(readQWord(file, originalFirstThunkArrayOffset, QWORD_Buffer));
}
i++;
importDescriptorArray = realloc(importDescriptorArray, i * sizeof(struct _IMAGE_IMPORT_DESCRIPTOR64));
}
我可以执行外部循环n次,它总是会给我正确的输出.然而,inner循环会随机给出正确答案,或者通过malloc: Incorrect checksum for freed object错误消息退出.
我的代码库超出了复制/粘贴的范围,但以下是 struct 的定义:
struct _IMAGE_IMPORT_DESCRIPTOR64 {
union {
DWORD Characteristics;
IMAGE_THUNK_DATA32 OriginalFirstThunk;
} u;
DWORD timeDateStamp;
DWORD forwarderChain;
DWORD name;
IMAGE_THUNK_DATA32 FirstThunk;
} IMAGE_IMPORT_DESCRIPTOR64;
typedef struct _IMAGE_THUNK_DATA64 {
union {
QWORD forwarderString;
QWORD function;
QWORD ordinal;
QWORD addressOfData;
} u1;
} IMAGE_THUNK_DATA64;
我已经将导致错误的行缩小到内部循环的realloc()函数,但我不能理解原因-是因为我在重新分配之后立即访问数组(但我更改了索引,以便编辑新分配的空间的数据,而不是其他内容)?
我try 做的是一次分配一个 struct (为了节省内存),因为除非在满足特定条件之前读取这些 struct ,否则没有其他方法可以知道它们有多少.