主程序代码 PEComp.c
#include <windows.h>
#include <Richedit.h>
#include <Commctrl.h>
#include "resource.h" HINSTANCE hInstance;
DWORD dwCount; HWND hWinEdit; //富文本框句柄 /*
初始化窗口程序
*/
void _Init(HWND hWinMain)
{
HICON hIcon;
CHARFORMAT stCf;
TCHAR szFont[] = TEXT("宋体"); hWinEdit = GetDlgItem(hWinMain, IDC_INFO);
hIcon = LoadIcon(hInstance, MAKEINTRESOURCE(ICO_MAIN));
SendMessage(hWinMain, WM_SETICON, ICON_BIG, (LPARAM)hIcon);//为窗口设置图标
SendMessage(hWinEdit, EM_SETTEXTMODE, TM_PLAINTEXT, );//设置编辑控件 RtlZeroMemory(&stCf, sizeof(stCf));
stCf.cbSize = sizeof(stCf);
stCf.yHeight = * ;
stCf.dwMask = CFM_FACE | CFM_SIZE | CFM_BOLD;
lstrcpy(stCf.szFaceName, szFont);
SendMessage(hWinEdit, EM_SETCHARFORMAT, , (LPARAM)&stCf);
SendMessage(hWinEdit, EM_EXLIMITTEXT, , -);
} /*
清除ListView中的内容
删除所有的行和所有的列
*/
void _ListViewClear(HWND _hWinView)
{
SendMessage(_hWinView, LVM_DELETEALLITEMS, , ); while (SendMessage(_hWinView, LVM_DELETECOLUMN, , )){}
} /*
在ListView中增加一个列
输入:_dwColumn = 增加的列编号
_dwWidth = 列的宽度
_lpszHead = 列的标题字符串
*/
void _ListViewAddColumn(HWND _hWinView,DWORD _dwColumn,DWORD _dwWidth,PTCHAR _lpszHead)
{
LV_COLUMN stLVC; RtlZeroMemory(&stLVC, sizeof(LV_COLUMN));
stLVC.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_FMT;
stLVC.fmt = LVCFMT_LEFT;
stLVC.pszText = _lpszHead;
stLVC.cx = _dwWidth;
stLVC.iSubItem = _dwColumn;
SendMessage(_hWinView, LVM_INSERTCOLUMN, _dwColumn, (LPARAM)&stLVC);
} /*
初始化结果表格
*/
void _clearResultView(HWND hProcessModuleTable)
{
_ListViewClear(hProcessModuleTable); //添加表头
_ListViewAddColumn(hProcessModuleTable, , , TEXT("PE数据结构相关字段"));
_ListViewAddColumn(hProcessModuleTable, , , TEXT("文件1的值(H)"));
_ListViewAddColumn(hProcessModuleTable, , , TEXT("文件2的值(H)")); dwCount = ;
} void _GetListViewItem(HWND _hWinView, DWORD _dwLine, DWORD _dwCol, PTCHAR _lpszText)
{
LV_ITEM stLVI; RtlZeroMemory(&stLVI, sizeof(LV_ITEM));
RtlZeroMemory(_lpszText, ); stLVI.cchTextMax = ;
stLVI.mask = LVIF_TEXT;
stLVI.pszText = _lpszText;
stLVI.iSubItem = _dwCol;
SendMessage(_hWinView, LVM_GETITEMTEXT, _dwLine, (LPARAM)&stLVI);
} int _MemCmp(PTCHAR _lp1, PTCHAR _lp2, int _size)
{
DWORD dwResult = ; for (int i = ; i < _size; ++i)
{
if (_lp1[i] != _lp2[i])
{
dwResult = ;
break;
}
}
return dwResult;
} /*
在ListView中新增一行,或修改一行中某个字段的内容
输入:_dwItem = 要修改的行的编号
_dwSubItem = 要修改的字段的编号,-1表示插入新的行,>=1表示字段的编号
*/
DWORD _ListViewSetItem(HWND _hWinView, DWORD _dwItem, DWORD _dwSubItem, PTCHAR _lpszText)
{
LV_ITEM stLVI; RtlZeroMemory(&stLVI, sizeof(LV_ITEM));
stLVI.cchTextMax = lstrlen(_lpszText);
stLVI.mask = LVIF_TEXT;
stLVI.pszText = _lpszText;
stLVI.iItem = _dwItem;
stLVI.iSubItem = _dwSubItem; if (_dwSubItem == -)
{
stLVI.iSubItem = ;
return SendMessage(_hWinView, LVM_INSERTITEM, , (LPARAM)&stLVI);
}
else
{
return SendMessage(_hWinView, LVM_SETITEM, , (LPARAM)&stLVI);
}
} /*
将_lpSZ位置处_Size个字节转换为16进制的字符串
szBuffer处为转换后的字符串
*/
void _Byte2Hex(PTCHAR _lpSZ, PTCHAR szBuffer, int _Size)
{
TCHAR szBuf[]; for (int i = ; i < _Size; ++i)
{
wsprintf(szBuf, TEXT("%02X "), (TBYTE)_lpSZ[i]);
lstrcat(szBuffer, szBuf);
}
} void _addLine(HWND hProcessModuleTable,PTCHAR _lpSZ, PTCHAR _lpSP1, PTCHAR _lpSP2, int _Size)
{
TCHAR szBuffer[]; dwCount = _ListViewSetItem(hProcessModuleTable, dwCount, -, _lpSZ); // 在表格中新增加一行
_ListViewSetItem(hProcessModuleTable, dwCount, , _lpSZ);//显示字段名 //将指定字段按照十六进制显示,格式:一个字节+一个空格 RtlZeroMemory(szBuffer, );
_Byte2Hex(_lpSP1, szBuffer, _Size);
_ListViewSetItem(hProcessModuleTable, dwCount, , szBuffer);//第一个文件中的值 RtlZeroMemory(szBuffer, );
_Byte2Hex(_lpSP2, szBuffer, _Size);
_ListViewSetItem(hProcessModuleTable, dwCount, , szBuffer);//第二个文件中的值
} /*
IMAGE_DOS_HEADER头信息
*/
void _Header1(HWND hProcessModuleTable, PTCHAR lpMemory, PTCHAR lpMemory1)
{
int offbuf[] = { , , , , , , , , , , , , , , , , , , };
TCHAR szRec[][] = {TEXT("IMAGE_DOS_HEADER.e_magic"),
TEXT("IMAGE_DOS_HEADER.e_cblp"),
TEXT("IMAGE_DOS_HEADER.e_cp"),
TEXT("IMAGE_DOS_HEADER.e_crlc"),
TEXT("IMAGE_DOS_HEADER.e_cparhdr"),
TEXT("IMAGE_DOS_HEADER.e_minalloc"),
TEXT("IMAGE_DOS_HEADER.e_maxalloc"),
TEXT("IMAGE_DOS_HEADER.e_ss"),
TEXT("IMAGE_DOS_HEADER.e_sp"),
TEXT("IMAGE_DOS_HEADER.e_csum"),
TEXT("IMAGE_DOS_HEADER.e_ip"),
TEXT("IMAGE_DOS_HEADER.e_cs"),
TEXT("IMAGE_DOS_HEADER.e_lfarlc"),
TEXT("IMAGE_DOS_HEADER.e_ovno"),
TEXT("IMAGE_DOS_HEADER.e_res"),
TEXT("IMAGE_DOS_HEADER.e_oemid"),
TEXT("IMAGE_DOS_HEADER.e_oeminfo"),
TEXT("IMAGE_DOS_HEADER.e_res2"),
TEXT("IMAGE_DOS_HEADER.e_lfanew"),}; for (int i = , off = ; i < ; ++i)
{
_addLine(hProcessModuleTable,szRec[i], lpMemory + off, lpMemory1 + off, offbuf[i]);
off += offbuf[i];
}
} /*
IMAGE_DOS_HEADER头信息
*/
void _Header2(HWND hProcessModuleTable, PTCHAR lpMemory, PTCHAR lpMemory1)
{
int offbuf[] = { , , , , , , , , , , , , , , , , , , , , , , , , , ,
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
, , , , , , , , , , , , };
TCHAR szRec[][] = { TEXT("IMAGE_NT_HEADERS.Signature"),
TEXT("IMAGE_FILE_HEADER.Machine"),
TEXT("IMAGE_FILE_HEADER.NumberOfSections"),
TEXT("IMAGE_FILE_HEADER.TimeDateStamp"),
TEXT("IMAGE_FILE_HEADER.PointerToSymbolTable"),
TEXT("IMAGE_FILE_HEADER.NumberOfSymbols"),
TEXT("IMAGE_FILE_HEADER.SizeOfOptionalHeader"),
TEXT("IMAGE_FILE_HEADER.Characteristics"),
TEXT("IMAGE_OPTIONAL_HEADER32.Magic"),
TEXT("IMAGE_OPTIONAL_HEADER32.MajorLinkerVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MinorLinkerVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfCode"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfInitializedData"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfUninitializedData"),
TEXT("IMAGE_OPTIONAL_HEADER32.AddressOfEntryPoint"),
TEXT("IMAGE_OPTIONAL_HEADER32.BaseOfCode"),
TEXT("IMAGE_OPTIONAL_HEADER32.BaseOfData"),
TEXT("IMAGE_OPTIONAL_HEADER32.ImageBase"),
TEXT("IMAGE_OPTIONAL_HEADER32.SectionAlignment"),
TEXT("IMAGE_OPTIONAL_HEADER32.FileAlignment"),
TEXT("IMAGE_OPTIONAL_HEADER32.MajorOperatingSystemVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MinorOperatingSystemVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MajorImageVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MinorImageVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MajorSubsystemVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.MinorSubsystemVersion"),
TEXT("IMAGE_OPTIONAL_HEADER32.Win32VersionValue"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfImage"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfHeaders"),
TEXT("IMAGE_OPTIONAL_HEADER32.CheckSum"),
TEXT("IMAGE_OPTIONAL_HEADER32.Subsystem"),
TEXT("IMAGE_OPTIONAL_HEADER32.DllCharacteristics"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfStackReserve"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfStackCommit"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfHeapReserve"),
TEXT("IMAGE_OPTIONAL_HEADER32.SizeOfHeapCommit"),
TEXT("IMAGE_OPTIONAL_HEADER32.LoaderFlags"),
TEXT("IMAGE_OPTIONAL_HEADER32.NumberOfRvaAndSizes"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Export)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Export)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Import)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Import)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Resource)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Resource)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Exception)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Exception)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Security)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Security)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(BaseReloc)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(BaseReloc)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Debug)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Debug)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Architecture)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Architecture)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(GlobalPTR)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(GlobalPTR)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(TLS)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(TLS)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Load_Config)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Load_Config)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Bound_Import)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Bound_Import)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(IAT)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(IAT)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Delay_Import)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Delay_Import)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Com_Descriptor)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Com_Descriptor)"),
TEXT("IMAGE_DATA_DIRECTORY.VirtualAddress(Reserved)"),
TEXT("IMAGE_DATA_DIRECTORY.isize(Reserved)") }; for (int i = , off = ; i < ; ++i)
{
_addLine(hProcessModuleTable,szRec[i], lpMemory + off, lpMemory1 + off, offbuf[i]);
off += offbuf[i];
}
} /*
节表
*/
void _Header3(HWND hProcessModuleTable, PTCHAR lpMemory, PTCHAR lpMemory1, DWORD _dwValue)
{
int offbuf[] = { , , , , , , , , , };
TCHAR szBuffer[];
TCHAR szRec[][] = { TEXT("IMAGE_SECTION_HEADER%d.Name1"),
TEXT("IMAGE_SECTION_HEADER%d.VirtualSize"),
TEXT("IMAGE_SECTION_HEADER%d.VirtualAddress"),
TEXT("IMAGE_SECTION_HEADER%d.SizeOfRawData"),
TEXT("IMAGE_SECTION_HEADER%d.PointerToRawData"),
TEXT("IMAGE_SECTION_HEADER%d.PointerToRelocations"),
TEXT("IMAGE_SECTION_HEADER%d.PointerToLinenumbers"),
TEXT("IMAGE_SECTION_HEADER%d.NumberOfRelocations"),
TEXT("IMAGE_SECTION_HEADER%d.NumberOfLinenumbers"),
TEXT("IMAGE_SECTION_HEADER%d.Characteristics")}; for (int i = , off = ; i < ; ++i)
{
wsprintf(szBuffer, szRec[i], _dwValue);
_addLine(hProcessModuleTable,szBuffer, lpMemory + off, lpMemory1 + off, offbuf[i]);
off += offbuf[i];
}
} /*
打开PE文件并处理
*/
void _openFile(HWND hWinMain, HWND hProcessModuleTable, PTCHAR szFileNameOpen1, PTCHAR szFileNameOpen2)
{
HANDLE hFile;
HANDLE hMapFile = NULL;
HANDLE hFile1;
HANDLE hMapFile1=NULL;
DWORD dwFileSize, dwFileSize1;
static LPVOID lpMemory, lpMemory1; hFile = CreateFile(szFileNameOpen1, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE, NULL); if (hFile != INVALID_HANDLE_VALUE)
{
dwFileSize = GetFileSize(hFile, NULL);
if (dwFileSize)
{
hMapFile = CreateFileMapping(hFile, NULL, PAGE_READONLY, , , NULL);// 内存映射文件
if (hMapFile)
{
lpMemory = MapViewOfFile(hMapFile, FILE_MAP_READ, , , );
if (((PIMAGE_DOS_HEADER)lpMemory)->e_magic != IMAGE_DOS_SIGNATURE)//判断是否有MZ字样
{
_ErrFormat:
MessageBox(hWinMain, TEXT("这个文件不是PE格式的文件!"), NULL, MB_OK);
UnmapViewOfFile(lpMemory);
CloseHandle(hMapFile);
CloseHandle(hFile);
return;
}
if (((PIMAGE_NT_HEADERS)((PTCHAR)lpMemory +
((PIMAGE_DOS_HEADER)lpMemory)->e_lfanew))->Signature !=
IMAGE_NT_SIGNATURE)//判断是否有PE字样
{
goto _ErrFormat;
}
}
}
} hFile1 = CreateFile(szFileNameOpen2, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE, NULL); if (hFile1 != INVALID_HANDLE_VALUE)
{
dwFileSize1 = GetFileSize(hFile1, NULL);
if (dwFileSize1)
{
hMapFile1 = CreateFileMapping(hFile1, NULL, PAGE_READONLY, , , NULL);// 内存映射文件
if (hMapFile1)
{
lpMemory1 = MapViewOfFile(hMapFile1, FILE_MAP_READ, , , ); if (((PIMAGE_DOS_HEADER)lpMemory1)->e_magic != IMAGE_DOS_SIGNATURE)//判断是否有MZ字样
{
_ErrFormat1:
MessageBox(hWinMain, TEXT("这个文件不是PE格式的文件!"), NULL, MB_OK);
UnmapViewOfFile(lpMemory1);
CloseHandle(hMapFile1);
CloseHandle(hFile1);
return;
} if (((PIMAGE_NT_HEADERS)((PTCHAR)lpMemory1 +
((PIMAGE_DOS_HEADER)lpMemory1)->e_lfanew))->Signature !=
IMAGE_NT_SIGNATURE)//判断是否有PE字样
{
goto _ErrFormat1;
}
}
}
} /*
到此为止,两个内存文件的指针已经获取到了。
lpMemory和lpMemory1分别指向两个文件头
下面是从这个文件头开始,找出各数据结构的字段值,进行比较。
*/ _Header1(hProcessModuleTable, (PTCHAR)lpMemory, (PTCHAR)lpMemory1); //调整指针指向PE文件头
(PTCHAR)lpMemory += ((PIMAGE_DOS_HEADER)lpMemory)->e_lfanew;
(PTCHAR)lpMemory1 += ((PIMAGE_DOS_HEADER)lpMemory1)->e_lfanew;
_Header2(hProcessModuleTable, (PTCHAR)lpMemory, (PTCHAR)lpMemory1); //节的数量
WORD dNum, dNum1, dNum2;
dNum1 = ((PIMAGE_NT_HEADERS)lpMemory)->FileHeader.NumberOfSections;
dNum2 = ((PIMAGE_NT_HEADERS)lpMemory1)->FileHeader.NumberOfSections;
dNum = dNum1 > dNum2 ? dNum1 : dNum2; //整指针指向节表
(PTCHAR)lpMemory += sizeof(IMAGE_NT_HEADERS);
(PTCHAR)lpMemory1 += sizeof(IMAGE_NT_HEADERS); DWORD _dwValue = ;//节序号
while (dNum--)
{
_Header3(hProcessModuleTable, (PTCHAR)lpMemory, (PTCHAR)lpMemory1, _dwValue++); (PTCHAR)lpMemory += sizeof(IMAGE_SECTION_HEADER);
(PTCHAR)lpMemory1 += sizeof(IMAGE_SECTION_HEADER);
} UnmapViewOfFile(lpMemory);
CloseHandle(hMapFile);
CloseHandle(hFile); UnmapViewOfFile(lpMemory1);
CloseHandle(hMapFile1);
CloseHandle(hFile1);
} /*
打开输入文件
*/
void _OpenFile1(HWND hWinMain, HWND hText1, PTCHAR szFileNameOpen1)
{
OPENFILENAME stOF; RtlZeroMemory(&stOF, sizeof(stOF));
stOF.lStructSize = sizeof(stOF);
stOF.hwndOwner = hWinMain;
stOF.hInstance = hInstance;
stOF.lpstrFilter = TEXT("Excutable Files\0*.exe;*.com\0\0");
stOF.lpstrFile = szFileNameOpen1;
stOF.nMaxFile = MAX_PATH;
stOF.Flags = OFN_FILEMUSTEXIST | OFN_HIDEREADONLY | OFN_PATHMUSTEXIST;
if (GetOpenFileName(&stOF))//显示“打开文件”对话框
{
SetWindowText(hText1, szFileNameOpen1);
} } /*
打开输入文件
*/
void _OpenFile2(HWND hWinMain, HWND hText2, PTCHAR szFileNameOpen2)
{
OPENFILENAME stOF; RtlZeroMemory(&stOF, sizeof(stOF));
stOF.lStructSize = sizeof(stOF);
stOF.hwndOwner = hWinMain;
stOF.hInstance = hInstance;
stOF.lpstrFilter = TEXT("Excutable Files\0*.exe;*.com\0\0");
stOF.lpstrFile = szFileNameOpen2;
stOF.nMaxFile = MAX_PATH;
stOF.Flags = OFN_FILEMUSTEXIST | OFN_HIDEREADONLY | OFN_PATHMUSTEXIST;
if (GetOpenFileName(&stOF))//显示“打开文件”对话框
{
SetWindowText(hText2, szFileNameOpen2);
} } INT_PTR CALLBACK _resultProcMain(HWND hProcessModuleDlg, UINT wMsg, WPARAM wParam, LPARAM lParam)
{
static HWND hWinMain, hProcessModuleTable, hText1, hText2;
TCHAR bufTemp1[0x200], bufTemp2[0x200];
static TCHAR szFileNameOpen1[MAX_PATH], szFileNameOpen2[MAX_PATH]; switch (wMsg)
{
case WM_CLOSE:
EndDialog(hProcessModuleDlg, );
break; case WM_INITDIALOG: //初始化
hWinMain = (HWND)lParam; hProcessModuleTable = GetDlgItem(hProcessModuleDlg, IDC_MODULETABLE);
hText1 = GetDlgItem(hProcessModuleDlg, ID_TEXT1);
hText2 = GetDlgItem(hProcessModuleDlg, ID_TEXT2); //定义表格外观
SendMessage(hProcessModuleTable, LVM_SETEXTENDEDLISTVIEWSTYLE, ,
LVS_EX_GRIDLINES | LVS_EX_FULLROWSELECT);
ShowWindow(hProcessModuleTable, SW_SHOW); _clearResultView(hProcessModuleTable);//清空表格内容
break; case WM_NOTIFY:
if(((NMHDR *)lParam)->hwndFrom == hProcessModuleTable)//更改各控件状态
{
if (((NMHDR *)lParam)->code == NM_CUSTOMDRAW)//绘画时
{
if (((NMLVCUSTOMDRAW *)lParam)->nmcd.dwDrawStage == CDDS_PREPAINT)
{
SetWindowLong(hProcessModuleDlg, DWL_MSGRESULT, CDRF_NOTIFYITEMDRAW);
}
else if (((NMLVCUSTOMDRAW *)lParam)->nmcd.dwDrawStage == CDDS_ITEMPREPAINT)
{
//当每一单元格内容预画时,判断两列的值是否一致
//如果一致,则将文本的背景色设置为浅红色,否则黑色
_GetListViewItem(hProcessModuleTable, ((NMLVCUSTOMDRAW *)lParam)->nmcd.dwItemSpec,
, bufTemp1);
_GetListViewItem(hProcessModuleTable, ((NMLVCUSTOMDRAW *)lParam)->nmcd.dwItemSpec,
, bufTemp2);
if (_MemCmp(bufTemp1, bufTemp2, lstrlen(bufTemp1)))
{
((NMLVCUSTOMDRAW *)lParam)->clrTextBk = 0xa0a0ff;
}
else
{
((NMLVCUSTOMDRAW *)lParam)->clrTextBk = 0xffffff;
}
SetWindowLong(hProcessModuleDlg, DWL_MSGRESULT, CDRF_DODEFAULT);
}
}
}
break; case WM_COMMAND: //菜单
switch (LOWORD(wParam))
{
case IDC_OK: //刷新
_openFile(hWinMain, hProcessModuleTable, szFileNameOpen1, szFileNameOpen2);
break; case IDC_BROWSE1: //用户选择第一个文件
_OpenFile1(hWinMain, hText1, szFileNameOpen1);
break;
case IDC_BROWSE2: //用户选择第二个文件
_OpenFile2(hWinMain, hText2, szFileNameOpen2);
break;
}
break; default:
return FALSE;
} return TRUE; } /*
窗口程序
*/
INT_PTR CALLBACK _ProcDlgMain(HWND hWnd, UINT wMsg, WPARAM wParam, LPARAM lParam)
{
switch (wMsg)
{
case WM_CLOSE:
EndDialog(hWnd, );
break; case WM_INITDIALOG: //初始化
_Init(hWnd);
break; case WM_COMMAND: //菜单
switch (LOWORD(wParam))
{
case IDM_EXIT: //退出
EndDialog(hWnd, );
break; case IDM_OPEN: //打开PE对比对话框
DialogBoxParam(hInstance, MAKEINTRESOURCE(RESULT_MODULE), hWnd,
_resultProcMain, (LPARAM)hWnd);
case IDM_1:
case IDM_2:
case IDM_3:
default:
break;
}
break; default:
return FALSE;
} return TRUE;
} int WINAPI WinMain(HINSTANCE hInst, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
HMODULE hRichEdit; hInstance = hInst;
InitCommonControls();
hRichEdit = LoadLibrary(TEXT("RichEd20.dll"));
DialogBoxParam(hInstance, MAKEINTRESOURCE(DLG_MAIN), NULL, _ProcDlgMain, (LPARAM)NULL);
FreeLibrary(hRichEdit);
return ;
}
头文件 resource.h
//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ 生成的包含文件。
// 供 Resource.rc 使用
//
#define ICO_MAIN 101
#define IDM_MAIN 103
#define DLG_MAIN 104
#define RESULT_MODULE 105
#define IDC_INFO 1001
#define ID_TEXT1 1002
#define ID_TEXT2 1008
#define IDC_BROWSE1 1003
#define ID_STATIC 1007
#define ID_STATIC1 1004
#define IDC_EDIT2 1005
#define IDC_BROWSE2 1006
#define IDC_MODULETABLE 1009
#define IDC_THESAME 1010
#define IDC_BUTTON3 1011
#define IDC_OK 1011
#define ID_40002 40002
#define ID_40003 40003
#define ID_40004 40004
#define ID_40005 40005
#define ID_40006 40006
#define IDM_OPEN 40007
#define IDM_1 40008
#define IDM_2 40009
#define IDM_3 40010
#define IDM_EXIT 40011
#define ID_40012 40012
#define ID_40013 40013
#define ID_40014 40014
#define ID_40015 40015
#define IDM_4 40016
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 106
#define _APS_NEXT_COMMAND_VALUE 40017
#define _APS_NEXT_CONTROL_VALUE 1012
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
资源文件 resource.rc
// Microsoft Visual C++ generated resource script.
//
#include "resource.h" #define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#include "winres.h" /////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS /////////////////////////////////////////////////////////////////////////////
// 中文(简体,中国) resources #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_CHS)
LANGUAGE LANG_CHINESE, SUBLANG_CHINESE_SIMPLIFIED #ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
// TEXTINCLUDE
BEGIN
"resource.h\0"
END TEXTINCLUDE
BEGIN
"#include ""winres.h""\r\n"
"\0"
END TEXTINCLUDE
BEGIN
"\r\n"
"\0"
END #endif // APSTUDIO_INVOKED /////////////////////////////////////////////////////////////////////////////
//
// Icon
// // Icon with lowest ID value placed first to ensure application icon
// remains consistent on all systems.
ICO_MAIN ICON "main.ico" /////////////////////////////////////////////////////////////////////////////
//
// Menu
// IDM_MAIN MENU
BEGIN
POPUP "文件(&F)"
BEGIN
MENUITEM "打开PE对比对话框", IDM_OPEN
MENUITEM "---", IDM_1
MENUITEM "---", IDM_2
MENUITEM "---", IDM_3, CHECKED
MENUITEM SEPARATOR
MENUITEM "退出(&x)", IDM_EXIT
END
POPUP "编辑(&E)"
BEGIN
MENUITEM SEPARATOR
END
POPUP "格式(&O)"
BEGIN
MENUITEM SEPARATOR
END
POPUP "查看(&V)"
BEGIN
MENUITEM "源文件", IDM_1
MENUITEM "窗口透明度", IDM_2
MENUITEM SEPARATOR
MENUITEM "大小", IDM_3
MENUITEM "宽度", IDM_4
END
POPUP "帮助(&H)"
BEGIN
MENUITEM SEPARATOR
END
END /////////////////////////////////////////////////////////////////////////////
//
// Dialog
// DLG_MAIN DIALOG , , ,
STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU
CAPTION "PEComp"
MENU IDM_MAIN
FONT , "宋体"
BEGIN
CONTROL "",IDC_INFO,"RichEdit20A",ES_MULTILINE | ES_AUTOVSCROLL | ES_AUTOHSCROLL | ES_READONLY | ES_WANTRETURN | WS_BORDER | WS_VSCROLL | WS_TABSTOP,,,,
END RESULT_MODULE DIALOGEX , , ,
STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU
CAPTION "PE文件对比结果"
FONT , "宋体", , , 0x0
BEGIN
LTEXT "您选定的第一个文件为:",ID_STATIC,,,,
EDITTEXT ID_TEXT1,,,,
PUSHBUTTON "浏览...",IDC_BROWSE1,,,,
LTEXT "您选定的第二个文件为:",ID_STATIC1,,,,
EDITTEXT ID_TEXT2,,,,
PUSHBUTTON "浏览...",IDC_BROWSE2,,,,
CONTROL "",IDC_MODULETABLE,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | WS_BORDER | WS_TABSTOP,,,,
CONTROL "只显示不同的值",IDC_THESAME,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,,,,
PUSHBUTTON "执行...(&R)",IDC_OK,,,,
END /////////////////////////////////////////////////////////////////////////////
//
// DESIGNINFO
// #ifdef APSTUDIO_INVOKED
GUIDELINES DESIGNINFO
BEGIN
DLG_MAIN, DIALOG
BEGIN
LEFTMARGIN,
RIGHTMARGIN,
TOPMARGIN,
BOTTOMMARGIN,
END RESULT_MODULE, DIALOG
BEGIN
LEFTMARGIN,
RIGHTMARGIN,
BOTTOMMARGIN,
END
END
#endif // APSTUDIO_INVOKED #endif // 中文(简体,中国) resources
///////////////////////////////////////////////////////////////////////////// #ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
// /////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED