Process and Memory

Hello everyone, I am currently trying to develop a memory scanner.
And I am having some trouble with the memory.

After calling VirtualQueryEx() to get the memory region, I call ReadProcessMemory() and read the entire buffer. Everything is going great until I hit the process of my program. It starts as normal, memory usage goes through the roof and it crashes, giving me this error.
bytes To Read: 577536
EndOfBUffer.........................
bytes read 577536 from: VirtualQuery.exe
bytes To Read: 1282048
EndOfBUffer.........................
bytes read 1282048 from: VirtualQuery.exe
terminate called after throwing an instance of 'std::bad_alloc'
  what():  std::bad_alloc

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

Process returned 3 (0x3)   execution time : 18.741 s
Press any key to continue.


So I tried several ways of not opening my process. But with no success.
                if (hOpenProcess != GetCurrentProcess() && hOpenProcess != FALSE)
                {

hOpenProcess being a handle that is retrieved with OpenProcess().
I also tried it like this, plus several other methods.
               hOpenProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, CurrentProcEntry.th32ProcessID);

                if (CurrentProcEntry.th32ProcessID != CurrentProcEntry.th32ParentProcessID && hOpenProcess != FALSE)
                {

If anyone can steer me in the right direction it would be greatly appreciated.

And also, when scanning through processes, there does not seem to be a lot of humanly readable content.
I wouldn't expect there to be a lot of it, but some at least. Like if I have Notepad up with my nick in an unsaved .txt file, shouldn't I be able to read that from memory? Some sort of pattern recognition I can do to sort out what's what, maybe? I don't mean to search for WetCode in a string, I know how to do that :p . But something I need to do in order to make the data in the buffer look meaningful to human eyes?

Cheers
WetCode.

Edit: I am using Code::Blocks 10.05 on Windows 7 64 bit if anyone would want to know.
Ok, so I don't know, but I removed a part of the if statement and it doesn't crash on scanning itself.
However, it does crash when it tries to read out a substr from the buffer I converted to a string.
MatchFound= Buffer.substr(FoundPos - 8, 12);
If I remove this line of code my program runs fine...
Can anyone please help me with this? As you surely all have guessed, I am a noob trying to learn.
And for now I am only trying to learn to work with the memory before I go about trying to make my own cheat engine. Thanks to everyone who takes their time to look at my problem.

Program output:
bytes To Read: 4096
EndOfBUffer.........................
bytes read 4096 from: notepad.exe
bytes To Read: 8192
terminate called after throwing an instance of 'std::out_of_range'
  what():  basic_string::substr

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

Process returned 3 (0x3)   execution time : 6.806 s
Press any key to continue.


Cheers
The first issue you are describing is because you're hitting an infinite loop. I'd imagine you are dynamically allocating the memory for the memory you are copying? This will lead to your process copying itself recursively into itself, which is why you get the "std::bad_alloc"; it means no more memory can be allocated because you've used it all. You need to focus on reading one process at a time.
Yes, that was my thought too. There is only 1 process open at the time and it goes through a loop using VirtualQueryEx to get the first memory block and size. Thing is that when I removed the first part of my if statement.
if ( /*( != ) && */(hOpenProcessATM != FALSE)) I don't get the same crash and the program executes fine.
But when delivering that buffer from ReadProcessMemory into my SearchFunction, it crashes almost immediately.

Not on the process of itself. If I remove the line MatchFound= Buffer.substr(FoundPos - 8, 12); it doesn't even seem to crash when I print the entire char buffer out either. Except it freezes due to some special characters or something. But I wouldn't want to search my program anyway, so why are none of the if statements working? Thanks for your reply btw Computergeek01.
Cheers
I forgot to check if the FoundPosision > -1 && FoundPosision != string::npos
Works now;)
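Added example, not part of the original thread or the poster's program: a bounds-safe replacement for `Buffer.substr(FoundPos - 8, 12)` that handles both `npos` and a match in the first 8 bytes (where `FoundPos - 8` wraps around as an unsigned value), combined with a search that also tries the needle as UTF-16LE. The helper names (`context`, `find_all`, `Hit`, `to_utf16le`, `sample_region`) and the sample buffer are constructed for illustration, and it is an assumption here that the Notepad text in question is held in memory as UTF-16LE rather than ASCII.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <vector>

// Encode an ASCII needle as UTF-16LE bytes: "Wet" -> 'W',0,'e',0,'t',0.
std::string to_utf16le(const std::string& ascii) {
    std::string out;
    for (char c : ascii) { out.push_back(c); out.push_back('\0'); }
    return out;
}

// Up to `len` bytes starting `before` bytes ahead of the match, clamped to
// the buffer. Returns an empty string for npos or an out-of-range position.
std::string context(const std::string& buf, std::size_t pos,
                    std::size_t before, std::size_t len) {
    if (pos == std::string::npos || pos >= buf.size()) return std::string();
    std::size_t start = pos >= before ? pos - before : 0;  // no unsigned wrap
    return buf.substr(start, len);  // substr itself clamps len at the end
}

struct Hit { std::size_t offset; bool wide; };

// Every occurrence of the needle, searched as ASCII and as UTF-16LE.
std::vector<Hit> find_all(const std::string& buf, const std::string& needle) {
    std::vector<Hit> hits;
    if (needle.empty()) return hits;
    const std::string forms[2] = { needle, to_utf16le(needle) };
    for (int w = 0; w < 2; ++w)
        for (std::size_t p = buf.find(forms[w]); p != std::string::npos;
             p = buf.find(forms[w], p + 1))
            hits.push_back(Hit{p, w == 1});
    return hits;
}

// Constructed sample standing in for one region filled by ReadProcessMemory.
std::string sample_region() {
    const char raw[] = "Wet\0\0\0\0junk\0\0W\0e\0t\0C\0o\0d\0e\0\0\0";
    return std::string(raw, sizeof(raw) - 1);  // explicit length keeps NULs
}

int main() {
    const std::string buf = sample_region();
    for (const Hit& h : find_all(buf, "Wet"))
        std::printf("offset %zu (%s), context %zu bytes\n", h.offset,
                    h.wide ? "UTF-16LE" : "ASCII",
                    context(buf, h.offset, 8, 12).size());
    return 0;
}
```

When building the `std::string` from a real read, pass the byte count reported by ReadProcessMemory as the length, as `sample_region()` does with `sizeof`, so the string does not stop at the first NUL byte.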