ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm using ptrace function to read data from memory of other process.
It's equivalent of readprocessmemory() function from windows, but there is one difference.
4th argument of readprocessmemory is nSize, so if we want to read int it's needed to put there 4.
Similarly when we want to read long we put there 8, and when we want to read text we put there lenght of this text.
The problem with ptrace is that this function haven't nSize argument, and it returns all data as long.
For example, i have text like this in some process memory:
|T|E|X|T| - text
|1|2|3|4| - addresses
If I'd like to read this text on windows I'd call:
Well, you have to put it in a loop. Figure out how much data you want, where you want to get it from, where you want to put it, and get it four bytes at a time.
So your suggestion is to read characters one by one?
I think that's good idea but size of char is 1 byte, not 8 bytes.
ptrace reads 8 bytes so is there any way to read char with it?
So the idea is to read characters not one by one, not eight by eight, but four by four.
Thanks, but I have idea how to read them one by one.
I know that it'll work slower, but should be much more simple.
I found on other forum how to read one byte, it was something like this:
Code:
BYTE byte=(BYTE)ptrace(...);
Is it correct?
If it is, I could write simple loop:
Your code will almost work. It will be slower getting the data byte by byte, but your code will be simpler.
I'm assuming that what you want to read is a string, right, with a NUL byte at the end? You seem to be testing for a NUL byte as the termination condition.
A problem with your code is that you test for the NUL byte at the beginning of the loop, rather than at the end. And you don't initialize c to be anything in particular before you go into the loop. So if c contains all bits off when you go into the loop, you'll never actually execute the body of the loop.
So initialize c to something nonzero, anything at all between 1 and 255, (or between -128 and 127, but not including zero) before the for statement.
You could avoid that by using a do...while loop, because it would test c at the end of each time through the loop, not the beginning.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.