const, *, & 位置不同 代表意義也不同

CPolicyEnforcementModule * const p1 : p是一個const pointer 指向  CPolicyEnforcementModule (用途, array的p++, p會自動加array element size 的大小, 這裡會compile不過)

CPolicyEnforcementModule const * p2:  p是一個pinter 指向 const 的object. 要用P來呼叫 CPolicyEnforcementModule 裡面的 member function只能呼叫const的那種, (即使是get也不能呼叫, 除非在prototype和define 上都有定義成const

const CPolicyEnforcementModule *: 同p2

const * CPolicyEnforcementModule p: 沒有這個寫法, * 要在 Datatype 後

CPolicyEnforcementModule & const: (TBD….)

CPolicyEnforcementModule const &

const & CPolicyEnforcementModule

const CPolicyEnforcementModule &

 

Testing Program

const int constValue=3;
int notConstValue=3;

const int * p1 =&constValue; //a pointer point to a const integer   
//(*p1)++;//This is invalid. Through p to change the value it point is illegal
p1++; //this is ok

//int * const p2=&constValue; //error, the date can not change.
int * const p2=&notConstValue; //a const pointer point to a integer

(*p2)++;//this is ok, only the pointer is const, but the value can be changed
//p2++; //this is invalid, since it is a const pointer,

int const * p3=&constValue; //Same as p1   
//(*p3)++;
p3++;

//const * int p4=3; invalid decoration

[windbg] User mode heap corruption

設定

Host: windbg 接進guest OS

Guest: app ver on, 設定要檢查的 process

當有heap corruption 發生, 就會有

=======================================
VERIFIER STOP 00000013: pid 0xBF0: First chance access violation for current stack trace.

    0A1D1000 : Invalid address causing the exception.
    6687545A : Code address executing the invalid access.
    0867FA14 : Exception record.
    0867FA30 : Context record.

先切到0xdf0 底下 (就是你設的app ver target)

.process /r /p /P <EProcess>

(1)拿發生的address 去ln 可以找到離這個位置最近的symbol

ln 6687545A

但以這個例子 只看到是在做memory copy

(2)如果夠準確, 直接 kvn 就可以看到stack 然後看到誰call 剛剛那個memcpy

兇手出現!!!

Try for blogger by iPhone

Why I call this blog as "30, and be independent"? That's is odd? Isn't that? Anyway. I m doing a test here and exiting about post a blog by iPhone. Don't know why, just exiting..

to check

g_pNtDllInst->m_pfnRtlNtStatusToDosError = reinterpret_cast<PFN_RtlNtStatusToDosError >
                ( ::GetProcAddress(g_pNtDllInst->m_hDLLModule, "RtlNtStatusToDosError" ) );

perl resource

http://affy.blogspot.com/p5be/ch10.htm
http://affy.blogspot.com/p5be/ch12.htm
http://www.catonmat.net/download/perl.predefined.variables.pdf

To Check C++ howto

DWORD &JobResultStatus

function pointer 的用法

//local 宣告function pointer
int (*netcmd)(uint16,int(*)(cbuf_t*,uint16,void*,uint16),void*,uint16,void*,uint16*,uint32,int*);

//指定成不同的function pointer 根據傳入的參數
netcmd = (block) ? netcmdBlockSend : netcmdNonblockSend;

//可以直接call不需dereference 但是(*netcmd)才是比較一般的作法 參考這個網址
err_code=netcmd( 
    EVT_ARP_ADD, netexeArpAdd, &add, sizeof(cmdArpAdd_t),
    NULL, NULL, 5000, &result);

 

一些介紹function pointer的link:

• Pointers to functions : 簡單有介紹state machine 用function pointer array的作法
• The function pointer tutorial : 還沒看過全部