Thread: problem with search algorithm or its data

When I 1st made my algorithm I got every possible address, that I rectified by comparing the right data (dunno why but I had originally set it to compare against next node and somehow both where 0), now however I don't get any results, I know for sure it enters the while loop at bottom of proc_aobscan but haven't been able to get even one result out of it.

Gotta head to work soon so just posting my code here in the hopes someone will figure out what I'm doing wrong before I get a chance to debug it tonight

Code:

define PAGE_LINE_SIZE (((sizeof(void*) * 2) * CHAR_BIT) + 7)

intptr_t proc_intptr_next( int *err, proc_handle_t *handle, intptr_t addr, intptr_t *size ) {
	char line[PAGE_LINE_SIZE] = {0};
	intptr_t from = 0, upto = 0;
	if ( !size ) {
		if ( err ) *err = EDESTADDRREQ;
		return -1;
	}
	*size = -1;
	if ( !handle ) {
		if ( err ) *err = EINVAL;
		return -1;
	}
#ifdef _LARGEFILE64_SOURCE
	lseek64( handle->pagesFd, 0, SEEK_SET );
#else
	lseek( handle->pagesFd, 0, SEEK_SET );
#endif
	next_page:
	if ( read( handle->pagesFd, line, PAGE_LINE_SIZE )
		!= PAGE_LINE_SIZE ) {
		if ( err ) *err = errno;
		return -1;
	}
	line[PAGE_LINE_SIZE-1] = 0;
	sscanf( line, "%p-%p", (void**)(&from), (void**)(&upto) );
	if ( addr >= upto ) {
		while ( read( handle->pagesFd, line, 1 ) != 1 ) {
			if ( line[0] == '\n' )
				goto next_page;
		}
		if ( err ) *err = errno;
		return -1;
	}
	*size = upto - from;
	return from;
}

node_t proc_aobscan(
	int *err, int into,
	proc_handle_t *handle,
	uchar *array, intptr_t bytes,
	intptr_t from, intptr_t upto ) {
	node_t count = 0;
	uchar buff[BUFSIZ*2] = {0}, *i, *next;
	intptr_t done, addr, size, stop;
	errno = EXIT_SUCCESS;
	if ( into < 0 ) {
		if ( err ) *err = EDESTADDRREQ;
		return 0;
	}
	if ( !handle || !array || bytes <= 0 ) {
		if ( err ) *err = EINVAL;
		return 0;
	}
	if ( (addr = proc_intptr_next( err, handle, from, &size )) < 0 )
		return 0;
	stop = addr + size;
	if ( addr >= upto ) {
		if ( err ) *err = EXIT_SUCCESS;
		return 0;
	}
	if ( from < addr ) from = addr;
#ifdef _LARGEFILE64_SOURCE
	if ( lseek64( handle->rdMemFd, from, SEEK_SET ) < 0 ) {
		if ( err ) *err = errno;
		return 0;
	}
	if ( lseek64( into, 0, SEEK_SET ) < 0 ) {
		if ( err ) *err = errno;
		return 0;
	}
#else
	if ( lseek( handle->rdMemFd, from, SEEK_SET ) < 0 ) {
		if ( err ) *err = errno;
		return 0;
	}
	if ( lseek( into, 0, SEEK_SET ) < 0 ) {
		if ( err ) *err = errno;
		return 0;
	}
#endif
	done = stop - from;
	if ( done >= BUFSIZ ) done = BUFSIZ;
	if ( (done = read( handle->rdMemFd, buff, done )) <= 0 ) {
		if ( err ) *err = errno;
		return 0;
	}
	next = buff + done;
	while ( (from + bytes) < upto ) {
		if ( done == BUFSIZ ) {
			done = stop - from;
			if ( done >= BUFSIZ ) done = BUFSIZ;
			if ( (done =
				read( handle->rdMemFd, buff + BUFSIZ, done )) <= 0) {
				if ( err ) *err = errno;
				return count;
			}
		}
		for ( i = buff; i < next; ++i, ++from ) {
			if ( memcmp( i, array, bytes ) == 0 ) {
				if ( write( into, &from, sizeof(from) ) != sizeof(from) ) {
					if ( err ) *err = errno;
					return count;
				}
				++count;
			}
		}
		(void)memmove( buff, buff + BUFSIZ, BUFSIZ );
		(void)memset( buff + BUFSIZ, 0, BUFSIZ );
		next = buff + done;
		if ( from >= stop ) {
			if ( (addr = proc_intptr_next(
				err, handle, from, &size )) < 0 )
				return count;
			if ( addr >= upto ) {
				if ( err ) *err = EXIT_SUCCESS;
				return count;
			}
			stop = addr + size;
			if ( from < addr ) from = addr;
		}
	}
	if ( err ) *err = EXIT_SUCCESS;
	return count;
}

And for full file/project:
gasp.zip - Google Drive

Code:

        while ( read( handle->pagesFd, line, 1 ) != 1 ) {
            if ( line[0] == '\n' )
                goto next_page;

This is not a good use of goto. The general advise is to avoid using goto. There are exceptions to the rule, but the exceptions are for cases where goto makes the code clearer. A goto that jumps backwards into code that's full of early returns is not structured code (far from it) and doesn't make things clearer. If you find yourself typing goto (and every snippet you write seems to use it) I suggest taking a step back and asking yourself if it's really necessary

Originally Posted by Hodor

Code:

        while ( read( handle->pagesFd, line, 1 ) != 1 ) {
            if ( line[0] == '\n' )
                goto next_page;

This is not a good use of goto. The general advise is to avoid using goto. There are exceptions to the rule, but the exceptions are for cases where goto makes the code clearer. A goto that jumps backwards into code that's full of early returns is not structured code (far from it) and doesn't make things clearer. If you find yourself typing goto (and every snippet you write seems to use it) I suggest taking a step back and asking yourself if it's really necessary

It is a good use, no need for recursive call there, simple go back and identify next page

Originally Posted by awsdert

It is a good use, no need for recursive call there, simple go back and identify next page

I have however just noticed I did incorrect check on read result

Originally Posted by laserlight

When starting a new post, you should introduce what you're doing: what is the problem that you're trying to solve? What is the test input, expected output, and actual output? If you cannot provide these, then perhaps you need to extract or even simplify your code so that you can post the smallest and simplest compilable program (not just a snippet) that demonstrates the problem.

I don't want to discourage you posting here, but you're treating this forum like your personal project forum: you expect readers to come in and understand the context implicitly. You didn't even document your functions. That's not the way to ask for help. Here's an extract from the "How to ask questions the smart way" article linked to in my signature:

I did state the problem, I wasn't getting any results despite there being garunteed addresses somewhere in the paged memory since the app is currently reading from its own memory, amd no I'm not treating it as my personal project forum, I was focusing on getting ready to leave, I wasn't really expecting much from this thread to begin with, I normally only post when I'm at the end of my ideas or simply don't have the time to do any research and am simply hoping to get lucky by the time I do have time, still at work btw so can't try anything for a few more hours

Originally Posted by awsdert

It is a good use, no need for recursive call there, simple go back and identify next page

I didn't mention recursion. A simple loop would suffice (iteration)

Originally Posted by laserlight

Read your first post in this topic again. No, you didn't state that

Originally Posted by awsdert

now however I don't get any results

I think you're the one that needs to re-read the post, also did connect to code if you hadn't noticed the largish function at the bottom of the post, I even went as far as to upload a zip of project for people who want to actually test the code without writing their own project for it, sure it's got little or no comments but that's because I haven't settled on the api yet, consider it similar to nuklear in that aspect, I'll work on that after I can successfully change data from another process with this app, on another note it turned out the reason I wasn't getting results is because I hadn't accessed the right section of memory (or I'm using memcmp wrong), I haven't managed to correct that yet but I can get results if I look for single byte values, fixing that typo I mentioned on a previous post probably helped with that, only tried single byte after having fixed that.

Originally Posted by laserlight

And that's precisely how you're treating this as your personal project forum. If you don't have time to ask a question well, defer asking until you have the time. In deferring and hence thinking more clearly about how you can present the question well to someone else, you might realise you have solved it yourself with a eureka moment in the meantime

Fine, not gonna argue too much on that point since I do sometimes rush the question, I'll try to keep that at the back of my mind, only human though so I'll probably make poorly phrased questions again.

Originally Posted by Hodor

Regarding this. I'm responding to you, @awsdert and not laserlight.

I've taken the time to download and debug your code dumps before even though I normally wouldn't unless I was involved in the project. The reason I've done this is because your programs interest me. But you seem to have ignored nearly every bit of advice given you by me and others. You still don't comment your code. You still insist on never putting a blank line between anything. You still make debugging hard by putting lots of things on one line instead of 2 or 3 lines like a normal programmer. Whitespace is your friend. Comments are your friend. Putting things on different lines is helpful (so you can set debug breakpoints). I've said all this before but you seem to think that all these things are nasty or why else do you insist on making things hard for yourself and others? Putting 500 statements or expressions on one line doesn't make your program faster ya know

Edit: I will concede that the majority of my programming in C is for embedded systems and maybe the rules are different there because we have to be able to read the code easily (because once it's deployed it's not usually easy to change; and when it is easy it's not necessarily cheap). Maybe this isn't the case for general programming, but I've got PRs accepted into the Linux kernel and I've looked at a lot of source code for the kernel. Whitespace is used extensively. Comments are used extensively. There is one thing per line except in the most trivial of cases. So I think that using whitespace and comments and writing things so a breakpoint can be set when a condition is true/false is pretty common and almost required. Maybe I'm wrong though

ah that's my bad, I'm so used to cutting down on whitespace that I tend to forget until it is pointed out to me, might have been a habit I developed in college when writing essays. Hard to kick a habit once it's there, as long as it's pointed out to me I don't mind putting in the effort to rectify it and reposting it.

Originally Posted by laserlight

Which you did not explain, neither in your post nor in a comment. You only mentioned being unable to "get even one result out of it", but leave the reader to figure it out from scratch. So unfortunately it's not connected to the question.


Then you should read Stroustrup's implied criticism of your approach, also in my signature: "Most have more sense than to send me hundreds of lines of code." You've been doing this over and over again. It's fine if the forum is specifically about your own project because then readers are expected to research your project for the context, but this is a general C programming forum. You're going to get C programmers who might pass by and might have been interested in helping you, but after looking at the missing context, they just move on. Let's do better. I can't guarantee that you'll actually get more useful help, but you'll be helping yourself increase your chances of getting such help.

Well the most I was expecting was for peops to take a glance at the code I posted (not the google drive) and point out any problems they happen to spot, wasn't really expecting any thing in depth, anyways I found the issue now, it was the size of the line variable where I was reading the scope of each page in the first function of my initial post.

Where I used this:

Code:

#define PAGE_LINE_SIZE (((sizeof(void*) * 2) * CHAR_BIT) + 7)

I should've used a smaller value like this:

Code:

#define PAGE_LINE_SIZE ((sizeof(void*) * 4) + 7)

The result of the bigger value was corrupted page scope and skipped pages, now I get the results I was expecting so I can move onto modifying the memory and printing the result to confirm.