修复重定位表后运行不了

aswcy815174418

先修改了ImageBase = 0x500000（原来是0x400000），代码优化了一天，还是不行，来求助各位大佬
测试的程序：点我下载
错误分析：我判断高位时，以为高位为3低12位全为0就没必要修复了，错误在这里
以下是我已经修改好的代码：

#include <iostream>
#include <windows.h>

DWORD RVATranformFOA(IMAGE_NT_HEADERS* nt, IMAGE_SECTION_HEADER** sectionArr, DWORD virAddr) {
    if (virAddr == 0) {
        return 0;
    }
    for (int i = 0; i < nt->FileHeader.NumberOfSections; i++) {
        if (sectionArr[i]->VirtualAddress >= virAddr) {
            //printf("%x %x %x\n", virAddr, sectionArr[i]->VirtualAddress, sectionArr[i]->PointerToRawData);
            if (sectionArr[i]->VirtualAddress == virAddr) {
                return sectionArr[i]->PointerToRawData;
            }
            i == 0 ? i++ : i;
            return  virAddr - sectionArr[i - 1]->VirtualAddress + sectionArr[i - 1]->PointerToRawData;
        }
    }
    return 0;
}

int main() {
    HANDLE handle = CreateFileA("D:\\EverEdit.exe", GENERIC_READ | GENERIC_WRITE, FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0);
    HANDLE handleMap = CreateFileMappingA(handle, 0, PAGE_READWRITE, 0, 0, 0);
    LPVOID handleView = MapViewOfFile(handleMap, FILE_MAP_WRITE, 0, 0, 0);

    IMAGE_DOS_HEADER* dos = (IMAGE_DOS_HEADER*)handleView;
    IMAGE_NT_HEADERS* nt = (IMAGE_NT_HEADERS*)((UINT)dos + dos->e_lfanew);
    IMAGE_SECTION_HEADER** sectionArr = (IMAGE_SECTION_HEADER**)malloc(nt->FileHeader.NumberOfSections * 4);

    for (int i = 0; i < nt->FileHeader.NumberOfSections; i++) {
        sectionArr[i] = (IMAGE_SECTION_HEADER*)((UINT)nt + sizeof(*nt) + 40 * i);
        //printf("%x\n", sectionArr[i]);
    }

    //保存之前的ImageBase
    DWORD preImageBase = nt->OptionalHeader.ImageBase;
    //修改的ImageBase
    nt->OptionalHeader.ImageBase = 0x700000;
    //获取差值
    DWORD offset = nt->OptionalHeader.ImageBase - preImageBase;

    IMAGE_BASE_RELOCATION* relocSecVirAddr = (IMAGE_BASE_RELOCATION*)(RVATranformFOA(nt, sectionArr, nt->OptionalHeader.DataDirectory[5].VirtualAddress) + (UINT)dos);
    //获取到重定位表相对文件位置FOA
    printf("offsetFOA: %x\n", (UINT)relocSecVirAddr - (UINT)dos);

    if (offset) {

        while (relocSecVirAddr->VirtualAddress && relocSecVirAddr->SizeOfBlock) {
            WORD* offer = (WORD*)((UINT)relocSecVirAddr + 8);
            printf("***************************************************");
            for (size_t i = 0; i < (relocSecVirAddr->SizeOfBlock - 8) / 2; i++) {
                offer = (WORD*)((UINT)relocSecVirAddr + 8 + i * 2);
                if (*offer >= 3000) {
                    DWORD* motifyAddr = (DWORD*)(RVATranformFOA(nt, sectionArr, relocSecVirAddr->VirtualAddress) + *offer - 0x3000 + (UINT)dos);
                    printf("%x\n", *offer - 0x3000 + RVATranformFOA(nt, sectionArr, relocSecVirAddr->VirtualAddress));
                    *motifyAddr += offset;
                }

            }
            printf("***************************************************");
            relocSecVirAddr = (IMAGE_BASE_RELOCATION*)((UINT)relocSecVirAddr + relocSecVirAddr->SizeOfBlock);

        }

        printf("motify is ok\n");
    }

    CloseHandle(handle);
}