- Forum
- Windows Programming
- Reading memory
Reading memory
Making a simple memory editor, using the ReadProcessMemory method, but I have a question about memory that I cant seem to find anywhere by gewgling, i guess i just dont know the right search terms.
My call looks something like this:
ReadProcessMemory(hProcess, dAddress, &Buffer, 4, Null)
And of course the MSDN library is the most cryptic thing to make heads or tails of so a little help would be nice! That 4 in there has something to do with the number of bytes to read, making it lower gives me a smaller return ie '3433' instead of '343353456' but making it anything higher then 5 causes a windows error. Now I realize every memory address stores a value...or null, but by using '4' will I always retrieve all data at that memory address?
If all that was nonsense straightening out is appreciated!
My call looks something like this:
ReadProcessMemory(hProcess, dAddress, &Buffer, 4, Null)
And of course the MSDN library is the most cryptic thing to make heads or tails of so a little help would be nice! That 4 in there has something to do with the number of bytes to read, making it lower gives me a smaller return ie '3433' instead of '343353456' but making it anything higher then 5 causes a windows error. Now I realize every memory address stores a value...or null, but by using '4' will I always retrieve all data at that memory address?
If all that was nonsense straightening out is appreciated!
|
|
| nSize [in] The number of bytes to be read from the specified process. |
Well, that variable seems to decide how many bytes are read from process...although I don't know why 5 or more would give you an error.
@jsmith
you sure on that one? ive used memory editors before such as artmoney, well written on that note, and memory addresses contain data lengths of 1 byte, up to 10 byte floats and im sure possibly even a bit more if you stretch things?
@firedraco
it would seem as though im trying to get more bytes then are there, which would cause the overflow (hope thats the right term) and hence the error, so after digging for a few hours through the msdn library i havnt found anything else on how to check for a length of a value... did learn how to change the titles of other windows while they are running and move them around and stuff.. kinda neat but useless essentially
there must be some way.... ideas anyone? possibly outside of windows.h?
you sure on that one? ive used memory editors before such as artmoney, well written on that note, and memory addresses contain data lengths of 1 byte, up to 10 byte floats and im sure possibly even a bit more if you stretch things?
@firedraco
it would seem as though im trying to get more bytes then are there, which would cause the overflow (hope thats the right term) and hence the error, so after digging for a few hours through the msdn library i havnt found anything else on how to check for a length of a value... did learn how to change the titles of other windows while they are running and move them around and stuff.. kinda neat but useless essentially
there must be some way.... ideas anyone? possibly outside of windows.h?
100% positively sure.
Data types such as int, float, etc consume more than one byte of memory. The "address" of such a variable is the address of the 1st byte consumed by the data.
Data types such as int, float, etc consume more than one byte of memory. The "address" of such a variable is the address of the 1st byte consumed by the data.
I'm pretty sure sizeof(type) will get you what you want (I believe it returns the number of bytes).
Topic archived. No new replies allowed.