Checking memory allocation

This is a discussion on Checking memory allocation within the C Programming forums, part of the General Programming Boards category; Okay, so I'm basically writing a c .dll that will iterate through memory of the target process and report if ...

  1. #1
    Registered User
    Join Date
    Dec 2008
    Posts
    3

    Checking memory allocation

    Okay, so I'm basically writing a c .dll that will iterate through memory of the target process and report if a certain value is true.

    I have this working fine (through the use of pointers), however, when it hits region of memory that hasn't been allocated it crashes the process. I was looking for a method (preferably not through Windows API) to check whether or not the memory has being allocated.

    Code looks something like this:

    Code:
    for(i=0x10000;i<0x7FFFFFFF;i+=0x10000)
    {
    			
    	if(*(DWORD*)(i + 0xAC) == 0x16945630)
    	{
    		pdwMyAddr = (DWORD*)(i + 0xAC);
    		//Abritrary code here.
    	}
    }
    Thanks for any help .

  2. #2
    Registered User C_ntua's Avatar
    Join Date
    Jun 2008
    Posts
    1,853
    Well, it crashes as it owes to. I suppose you have a method to know exactly which memory address the process owns? Like from where the heap, the stack etc etc start end.
    Well, the information is somewhere, but that depends on the OS. The OS is responsible for managing memory along processes. But I don't know where you can read that information. The sure think is that it would be TOTALLY unsafe if somebody could just read information from the memory without being owned by the process.
    It would be also unsafe to find out where a process writes and just read that memory!
    And finally, every time the process runs it won't have the same memory space. It would depend.
    Now, if you have access to the code of the program it might be possible. You could probably just print the address of each variable, manually or with a certain function maybe? Then finding the "bounds" of the memory owned by the process you might get what you want. Probably not what you want 'cause I don't believe its possible for security reasons...

  3. #3
    Woof, woof! zacs7's Avatar
    Join Date
    Mar 2007
    Location
    Australia
    Posts
    3,459
    The days when such a thing was possible are long, long gone.

    Basically you need to inject a DLL into the target process and then read the memory of the process via that DLL. I won't say anymore just incase it's against the rules (this sort of stuff is used by viruses and game cheats).

  4. #4
    Registered User
    Join Date
    Dec 2008
    Posts
    3
    The sure think is that it would be TOTALLY unsafe if somebody could just read information from the memory without being owned by the process.
    My dll creates a thread belonging to the process.

    And finally, every time the process runs it won't have the same memory space. It would depend.
    Yep, I am aware of that, this function is for finding the address of a value within memory

    Basically you need to inject a DLL into the target process and then read the memory of the process via that DLL. I won't say anymore just incase it's against the rules (this sort of stuff is used by viruses and game cheats).
    Yep, yep everything is working, other than when it hits a block of unallocated memory it crashes (as it is attempting to assign it to a DWORD, when there's nothing there)

    And finally, every time the process runs it won't have the same memory space. It would depend.
    Oh, ohk, so I will have to resort to an api to check? :[.

    Thanks for the quick replies

  5. #5
    C++まいる!Cをこわせ! Elysia's Avatar
    Join Date
    Oct 2007
    Posts
    22,768
    Yes, you may want to look into the Virtual Memory functions of the Win32 API, more specifically VirtualQuery. Use it to query if the pages have been allocated or not.
    But then again, why do you need to do this?
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  6. #6
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    There was a discussion not so long ago, where we came up with a list of "Possible virtual addresses that the process may own".

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. POSIX Threads and dynamic memory allocation
    By PING in forum Linux Programming
    Replies: 1
    Last Post: 04-02-2009, 10:28 AM
  2. To find the memory leaks without using any tools
    By asadullah in forum C Programming
    Replies: 2
    Last Post: 05-12-2008, 07:54 AM
  3. Assignment Operator, Memory and Scope
    By SevenThunders in forum C++ Programming
    Replies: 47
    Last Post: 03-31-2008, 06:22 AM
  4. Checking for memory allocation...
    By kinghajj in forum C Programming
    Replies: 7
    Last Post: 12-22-2004, 09:42 PM
  5. Memory allocation at runtime?
    By electrolove in forum C Programming
    Replies: 6
    Last Post: 02-05-2003, 10:39 AM

Tags for this Thread


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21