c++ readfile reading file incorrectly,

Question

int main() {

    HANDLE source = CreateFile(L"D:\\msgbox.exe", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    LARGE_INTEGER size;
    GetFileSizeEx(source, &size);
    char* buff = new char[size.QuadPart];

    DWORD dwBytesRead;
    ReadFile(source, buff, sizeof(buff), &dwBytesRead, NULL);
    void* buffer = (void*)buff;

    IMAGE_DOS_HEADER* DOSHeader = PIMAGE_DOS_HEADER(buffer);
    PIMAGE_NT_HEADERS nt = PIMAGE_NT_HEADERS((char*)(buffer)+DOSHeader->e_lfanew);
    
    //using other method it is correct (0x40000), using winapi will fail.
    cout << hex << nt->OptionalHeader.ImageBase << endl;
    return 0;
}

When I read file using other technique, e.g fstream. or using c stdio. it works perfectly by outputting the ImageBase of the binary, however it won't work using winapi's ReadFile(). The file size is already correct.

score 2 · Answer 1 · answered Jun 30 '20 at 13:19

2

sizeof(buff) is not the size of the allocated buffer but the size of the pointer buff.

Use size.QuadPart instead of that as the size to read.

answered Jun 30 '20 at 13:19

MikeCAT

73,922
11
45
70

score 0 · Answer 2 · answered Jun 30 '20 at 13:23

0

you have used '''sizeof(buff)''' which wont work for allocated buffer do use '''size.quad'''

answered Jun 30 '20 at 13:23

aniket sagar

15
3

c++ readfile reading file incorrectly,

2 Answers2