CreateProcess and memory access

10 comments, last by no such user 13 years, 6 months ago
Hi!

I have a small process "A" which prints an address of a variable and keeps running.
I also have a process "B" which opens process "A" using "CreateProcessA" and it works fine.

But when I debug process "B" and check what's in that address (in the watch window)
I don't get the value that really exists in the variable in "A".

What is going on?

thanks :)
Processes each have their own address space. A memory address used by one process is more or less meaningless to another process without using system calls like ReadProcessMemory().
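The point above, carried through in working code as an added example (not code from the thread; the original post does not show A's source, so the example assumes A prints the address of its variable as one hexadecimal line on stdout, with or without a "0x" prefix, and then stays alive). Process B starts A with CreateProcessA, redirects A's stdout into an anonymous pipe, parses the printed address, and reads the variable through ReadProcessMemory using the process handle that CreateProcessA already returned (it carries PROCESS_VM_READ, so no OpenProcess call is needed). The Win32 part only builds on Windows; the address parser is portable.

```c
/* Added example, not from the original thread.  Assumption: A prints one
 * line such as "0x0012FF7C" or "0012FF7C" and then keeps running. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <ctype.h>

/* Parse the address A printed.  Returns the value, or 0 if the line is not
 * a bare hexadecimal number (0 is never a usable address here). */
uint64_t parse_hex_address(const char *line)
{
    const char *p = line;
    while (*p == ' ' || *p == '\t') p++;
    if (p[0] == '0' && (p[1] == 'x' || p[1] == 'X')) p += 2;
    if (!isxdigit((unsigned char)*p)) return 0;
    char *end = NULL;
    unsigned long long v = strtoull(p, &end, 16);
    while (*end == '\r' || *end == '\n' || *end == ' ') end++;   /* trailing newline only */
    return (*end == '\0') ? (uint64_t)v : 0;
}

#ifdef _WIN32
#include <windows.h>

/* Launch cmdline with its stdout/stderr on a pipe and read its first line. */
static int launch_and_read_line(const char *cmdline, char *line, size_t len,
                                PROCESS_INFORMATION *pi)
{
    SECURITY_ATTRIBUTES sa = { sizeof(sa), NULL, TRUE };   /* child may inherit */
    HANDLE rd = NULL, wr = NULL;
    if (!CreatePipe(&rd, &wr, &sa, 0)) return 0;
    SetHandleInformation(rd, HANDLE_FLAG_INHERIT, 0);      /* keep our read end private */

    STARTUPINFOA si;
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESTDHANDLES;
    si.hStdOutput = wr;
    si.hStdError = wr;
    si.hStdInput = GetStdHandle(STD_INPUT_HANDLE);

    char cmd[MAX_PATH * 2];                                 /* CreateProcessA may write to it */
    strncpy(cmd, cmdline, sizeof(cmd) - 1);
    cmd[sizeof(cmd) - 1] = '\0';
    BOOL ok = CreateProcessA(NULL, cmd, NULL, NULL, TRUE, 0, NULL, NULL, &si, pi);
    CloseHandle(wr);                                        /* drop our copy of the write end */
    if (!ok) { CloseHandle(rd); return 0; }

    /* Read byte by byte up to the newline; an anonymous pipe is not line buffered. */
    size_t n = 0; DWORD got = 0;
    while (n + 1 < len && ReadFile(rd, &line[n], 1, &got, NULL) && got == 1) {
        if (line[n++] == '\n') break;
    }
    line[n] = '\0';
    CloseHandle(rd);
    return n > 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s <path-to-A.exe>\n", argv[0]); return 1; }
    char line[64]; PROCESS_INFORMATION pi;
    if (!launch_and_read_line(argv[1], line, sizeof(line), &pi)) {
        fprintf(stderr, "launch failed: %lu\n", GetLastError()); return 1;
    }
    uint64_t addr = parse_hex_address(line);
    if (addr == 0) { fprintf(stderr, "unexpected output from A: %s", line); return 1; }

    /* The address is only meaningful inside A, so read it from A's address space. */
    int value = 0; SIZE_T bytes = 0;
    if (!ReadProcessMemory(pi.hProcess, (LPCVOID)(uintptr_t)addr, &value, sizeof(value), &bytes)
        || bytes != sizeof(value)) {
        fprintf(stderr, "ReadProcessMemory failed: %lu\n", GetLastError()); return 1;
    }
    printf("A's variable at 0x%llx holds %d\n", (unsigned long long)addr, value);

    TerminateProcess(pi.hProcess, 0);
    CloseHandle(pi.hThread); CloseHandle(pi.hProcess);
    return 0;
}
#endif
```

Two things to keep in mind when trying this: the variable in A has to outlive the print (a global, or a local in main that then blocks on getchar), and B must never dereference the parsed address itself, only hand it to ReadProcessMemory. With ASLR the address changes on every run, which is why B reads it from A's output instead of hard-coding it.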
Quote:Original post by SiCrane
Processes each have their own address space. A memory address used by one process is more or less meaningless to another process without using system calls like ReadProcessMemory().


I know, but since process "A" for some reason took control of process "B"'s console I was hoping they might use shared memory. :)

ReadProcessMemory is the only way to do it?
There's no EASIER way than ReadProcessMemory.

You could also:

- Redirect stdout (it sounds like you're already doing this)
- Named pipes
- Memory mapped file (recommended if you have the source code for both programs)
- Windows messages
- Sockets
- Code Injection (last resort if you don't have the source code for one program)
Quote:Original post by Nypyren
There's no EASIER way than ReadProcessMemory.

You could also:

- Redirect stdout (it sounds like you're already doing this)
- Named pipes
- Memory mapped file (recommended if you have the source code for both programs)
- Windows messages
- Sockets
- Code Injection (last resort if you don't have the source code for one program)
Command line arguments and environment variables can also come in handy if you just want to pass on a couple of settings.
But can ReadProcessMemory read the process's stack itself?
I'm trying to read the return address of the method,
so I'm getting the frame pointer and reading the value of the return value.
As far as I understand I'm supposed to get a value equal to m_stackframe.AddrReturn.Offset, but:

1. If I add the Esp to the frame pointer address, ReadProcessMemory returns false.
2. If I simply use the address frame offset, I get a wrong value.


// Reading the top method in the stack.
bool ok = StackWalk64(IMAGE_FILE_MACHINE_I386, m_processInfo.Handle, m_threadInfo.Handle,
                      &m_stackframe, &m_threadContext,
                      0, SymFunctionTableAccess64, SymGetModuleBase64, 0);

// the Esp register is the base address of the stack, right?
DWORD baseAddressOfCallstack = m_threadContext.Esp;

// Getting the absolute address by adding the ESP to the stack frame address.
DWORD absoluteAddressInCallstack = m_stackframe.AddrFrame.Offset + baseAddressOfCallstack;

// Converting it to a pointer.
DWORD* addressInCallStack = (DWORD*)absoluteAddressInCallstack;
DWORD val = 0;
SIZE_T bytesRead = 0;

// and trying to read it from the process...
ok = ReadProcessMemory(m_processInfo.Handle, addressInCallStack, (void*)&val, sizeof(DWORD), &bytesRead);



Can anybody tell me what's wrong with it?
thanks :)
anybody? :(
AddrFrame.Offset doesn't mean what you think it means. It actually is the frame pointer address. It's not an offset into the stack.
Quote:Original post by no such user
AddrFrame.Offset doesn't mean what you think it means. It actually is the frame pointer address. It's not an offset into the stack.


OK, so in order to read the return address directly from the stack:
ReadProcessMemory(m_processInfo.Handle, (LPCVOID)(DWORD_PTR)m_stackframe.AddrFrame.Offset, (void*)&val, sizeof(DWORD), &bytesRead);


should work, right?
Because according to Wikipedia (http://en.wikipedia.org/wiki/Call_stack)
the return address is just above the frame pointer... :)
Why would you read the return value from the stack? It's returned as one of the entries of the STACKFRAME64.
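The two replies above (AddrFrame.Offset is the frame pointer value, not an offset, and the return address is already in STACKFRAME64.AddrReturn.Offset) both come down to the layout of an x86 frame built by "push ebp; mov ebp, esp": [EBP] holds the caller's saved EBP and [EBP+4] holds the return address pushed by CALL. The following is an added example, not code from the thread: it builds a constructed snapshot of such a frame in a local buffer and uses a stand-in for ReadProcessMemory that fails outside the snapshot, then performs the three reads the original post tried. The addresses and values (SNAP_BASE, FRAME_EBP, CALLER_EBP, RET_ADDR) are made up for the illustration.

```c
/* Added example, not from the original thread.  Models a captured x86 stack
 * with frame pointers; all addresses and values below are constructed. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define SNAP_BASE   0x0012FF00u   /* lowest snapshotted address; plays the role of ESP   */
#define SNAP_SIZE   64u
#define FRAME_EBP   0x0012FF20u   /* the callee's EBP, i.e. what AddrFrame.Offset holds   */
#define CALLER_EBP  0x0012FF40u   /* saved at [EBP]                                       */
#define RET_ADDR    0x00401234u   /* saved at [EBP+4]; what AddrReturn.Offset reports     */

static uint8_t snapshot[SNAP_SIZE];   /* little-endian 32-bit words, like the real stack */
static int snapshot_ready = 0;

static void put32(uint32_t addr, uint32_t v)
{
    uint8_t *p = snapshot + (addr - SNAP_BASE);
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = v >> 24;
}

/* Lay the frame out the way the prologue "push ebp; mov ebp, esp" does. */
void build_snapshot(void)
{
    memset(snapshot, 0xCC, sizeof snapshot);  /* filler standing in for other stack data */
    put32(FRAME_EBP,     CALLER_EBP);         /* saved EBP of the caller                  */
    put32(FRAME_EBP + 4, RET_ADDR);           /* return address pushed by CALL            */
    snapshot_ready = 1;
}

/* Stand-in for ReadProcessMemory: succeeds only inside the snapshot and
 * fails (returns 0) for anything outside it, as for an unmapped page. */
int read_remote_dword(uint64_t addr, uint32_t *out)
{
    if (!snapshot_ready) build_snapshot();
    if (addr < SNAP_BASE || addr + 4 > (uint64_t)SNAP_BASE + SNAP_SIZE) return 0;
    const uint8_t *p = snapshot + (addr - SNAP_BASE);
    *out = (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return 1;
}

/* The three reads from the thread.  Each returns the word read, or 0 when the
 * read fails (0 never occurs in this snapshot, which is filled with 0xCC). */
uint32_t read_frame_plus_esp(void)   /* AddrFrame.Offset + Esp: far outside the stack */
{
    uint32_t v; return read_remote_dword((uint64_t)FRAME_EBP + SNAP_BASE, &v) ? v : 0;
}
uint32_t read_at_frame(void)         /* AddrFrame.Offset: the saved EBP, not the return address */
{
    uint32_t v; return read_remote_dword(FRAME_EBP, &v) ? v : 0;
}
uint32_t read_return_address(void)   /* AddrFrame.Offset + 4: matches AddrReturn.Offset */
{
    uint32_t v; return read_remote_dword(FRAME_EBP + 4, &v) ? v : 0;
}

int main(void)
{
    printf("frame + esp : %s\n", read_frame_plus_esp() ? "read ok" : "read failed (outside the stack)");
    printf("[ebp]       : 0x%08x (saved EBP)\n", read_at_frame());
    printf("[ebp+4]     : 0x%08x (return address)\n", read_return_address());
    return 0;
}
```

The first read reproduces observation 1 in the post (an address that is nowhere near the stack, so the read fails) and the second reproduces observation 2 (a valid read that returns the saved EBP rather than the return address). Relying on [EBP+4] only works for frames that actually keep a frame pointer; code built with frame-pointer omission or on x64 has no such chain, which is why StackWalk64 resolves the return address itself and hands it back in AddrReturn.Offset.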
