Thread: Accessing specific bytes in memory.

Originally posted by Imperito
This is way more low level than I am used to, but does anyone know how to access a specific byte in a programs address-space and load it into an unsigned char, possibly even altering it?

What I am looking for in a nutshell is the C version of QBASIC's PEEK and POKE, and DEF SEG commands. I am trying to upgrade an old program, written in QBASIC, in which I have recently renewed interest, to C (well, C++ actually, but I figured I'd be better off asking low level stuff in here) and I'm stumped. I'd rather not resort to asm, but any solution is better then nothing.

You can try access whatever in your address space, but if you try access something you shouldnt you will raise an access violation...

Tell me what PEEK, POKE & DEF SEG do and what you are trying to do....

You dont need to bother too much with segments as windows programs operate in a 4GB flat address space (therefore any 32bit pointer can access any memory for the address space)

To access a byte or assign a byte you just need a pointer to that byte.....

Code:

#include <iostream>
using namespace std;


struct MYSTRUCT{
	int x;
	int y;
	int z;
};
	
	
	
	
int main(){

	MYSTRUCT MyStruct = {10,20,30};//area of memory with some data
	int *PtrInt = NULL;

	/*Show what the data is*/
	cout << "Values = " << MyStruct.x << " ";
	cout << MyStruct.y << " " << MyStruct.z << endl;

	/*Assign pointer to start of data*/
	PtrInt = &MyStruct.x;

	/*Pointer address*/
	cout << "Start of memory. Address = " << PtrInt << endl;

	/*Move up 2 * sizeof(int)*/
	PtrInt += 2;

	/*Report new memory address for pointer*/
	cout << "After increment. Address = " << PtrInt << endl;

	/*Show the value found in that memory*/
	cout << "Found Value " << *PtrInt << endl;

	/*Increase that value in memory*/
	*PtrInt += 10;

	/*Show what the data is again*/
	cout << "New Values = " << MyStruct.x << " ";
	cout << MyStruct.y << " " << MyStruct.z << endl;

	return 0;
}

but what are you trying to do?

It is much less intimidating in a variable-pitch font.

So, combining that with previous knowledge, the highest order bit (128) is the status of insert, the second highest (64) the status of Caps Lock, 32 is Numlock, 16 scroll lock, 8 alt, 4 ctrl, 2 the left shift, and 1 the right shift.

And XORing that particular bit against 112 and tripping INT 16 AH=2 will cause the lights on the keyboard to flash, sans massivesoft code.

Originally posted by Imperito
I stopped by #winprog to get some opinions, and apparently modern Windows doesn't allow you to just waltz over to a memory address of your choosing and tweak it, like you could in DOS.

I guess I'll have to go down to massivesoft HQ with the invoice that proves that it is my memory, bought and paid for, and tell them that if I wanna mess with it they better damn well let me!

What you are trying to do can only be done by a prog running in protected mode........ans a decent OS wont allow you to do that easily......

The first bit of advice you posted was the best :-

Code:

First, if you just don't want NumLock turned on when you reboot, check
your system's setups. (Press a special key like Del at boot time, or run
the setup program supplied with your system.) Many systems may have an
option in setup to turn NumLock off at boot time.

Originally posted by Imperito
Thats not really what I am trying to do.

As for direct memory access, I have been directed to a kernel DLL that opens it up, as well as some possible API calls that would (nonportably) do what I am looking for.

That or I could just reinstall DOS.

Ok....I'll level with you - I dont understand what it is you want.......

I may have missed what you are looking for, but .....well.....

Anyway......if you want to set the NumLock key do something like

Code:

#include <Windows.h>


int main()

{ 
 
	DWORD dwFlags = KEYEVENTF_EXTENDEDKEY;

	keybd_event(VK_NUMLOCK,NULL,dwFlags,NULL);

	dwFlags |= KEYEVENTF_KEYUP;

	keybd_event(VK_NUMLOCK,NULL,dwFlags,NULL);

	return 0;

}

This isn't rocket science.

Peek means 'retrieve'
poke menas 'assign'

'Peek' at an address location. or 'Poke' something into an address location.

The direct correlation in C is to use a pointer. Now pointers confuse a lot of people, so the _easy_ way to get the compiler to do the same thing is to use array notation.

Look at this:

Let's say you have some RAM:

Code:

Address     RAM Bytes
-----------------------------------------------------
00000000     29 64 E7 D3 9A 62 4A AA
00000008     D7 00 00 00 3A 65 B4 E9
00000010     B9 66 07 FF E7 F7 00 00
00000018     3A 65 B4 E9 29 64 E7 D4
00000020     07 FF E7 F7 D3 9A 62 4A
...

Further let's say that you want to 'peek' at the memory in location 0x10 (above). let's view the code:

Code:

unsigned char  *myByteP;
unsigned char  theChar;

myByteP = 0x00000010;               /* set pointer to address 0x10 */
theChar = myByteP[0];                 /* PEEK - same as 'theChar=*myByteP;' */
myByteP[0] = 0x05;                      /* POKE - same as *myByteP=0x05;' */

and the RAM would look like this when done:

Code:

Address     RAM Bytes
-----------------------------------------------------
00000000     29 64 E7 D3 9A 62 4A AA
00000008     D7 00 00 00 3A 65 B4 E9
00000010     05 66 07 FF E7 F7 00 00
00000018     3A 65 B4 E9 29 64 E7 D4
00000020     07 FF E7 F7 D3 9A 62 4A
...