-2

I am trying to scan a system's memory.

My plan: create pointers to point to memory, and move this pointer up one byte each loop.

So this is what I came up with:

```c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

const char *MemAdressPointer(int n);

int main(void) {

    int i = 0;
    for(i = 0; i<100; i++)
    {
        const char* pAddr = MemAdressPointer(i+5000);
        printf("%c hexadecimal value of : 0x%p with i at : %i\n", *pAddr, pAddr, i);
    }
    getchar();
    return 0;
}

const char *MemAdressPointer(int n)
{
    void *p1 = (void*) n;

    const char* p2;
    p2 = p1;

    return p2;
}
```

Everything, at least that I know of, works.

It prints the good memory address.

But when I print the character (%c) it just stops responding.

It is weird, the pointer, being a character, shouldn't it point to one byte and get this byte's binary value and get the corresponding character out of it?

Thanks for any help you can give me.

Begah
  • 6
    So you just access memory addresses 5000 thru `5000+100*sizeof(int)` and expect this to run without a problem? Well, good luck with that. Most chances are you'll be performing an illegal memory access at some point during the execution of your program (although you're only reading, not writing, but it still looks quite unsafe). In any case, as a formal answer to your question - your code yields undefined behavior (the illegal memory access is the practical answer). – barak manos Nov 11 '14 at 17:09
  • 2
    By the way, if you're running over virtual memory address space, then your program will be testing virtual addresses, **not** physical ones. In other words, you'll be reading at an offset from the base address into which your process was loaded by the OS (which may be different every time you run your program, or even every time the OS swaps it in and out of memory). – barak manos Nov 11 '14 at 17:12
  • Made a mistake with the `5000+100*sizeof(int)` there. Should be simply 5099 (including). The rest of the comment sustains... – barak manos Nov 11 '14 at 17:16

2 Answers

3

That is not how modern operating systems work. You cannot simply read out the system's RAM, because applications' memory is virtualized and also the OS prohibits direct access due to security policies.

The OS may offer some API to access other processes' memory (assuming you have the rights to do so). On Win32Api this is ReadProcessMemory.

Maybe some other OS API allows the direct readout of the system's address space. You may dig into "How do you read directly from physical memory?"

vlad_tepesch
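Why a read at address 5000 faults, as an added example (not code from the question or from either answer): assuming Linux, `/proc/self/maps` lists the virtual address ranges the process actually has mapped, and only those can be dereferenced. `is_readable` and `safe_peek` are hypothetical helper names.

```c
/* Added example, Linux-only: relies on /proc/self/maps (an assumption). */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Return 1 if addr is inside a mapping with read permission, 0 if it is
 * unmapped or unreadable, -1 if the maps file cannot be opened. */
int is_readable(uintptr_t addr)
{
    FILE *maps = fopen("/proc/self/maps", "r");
    char line[8192];
    int found = 0;
    if (maps == NULL)
        return -1;
    while (!found && fgets(line, sizeof line, maps) != NULL) {
        uintmax_t start, end;
        char perms[5];
        /* Line format: "start-end perms offset dev inode path". */
        if (sscanf(line, "%jx-%jx %4s", &start, &end, perms) != 3)
            continue;
        found = addr >= start && addr < end && perms[0] == 'r';
    }
    fclose(maps);
    return found;
}

/* Dereference addr only after the mapping check; hypothetical helper. */
int safe_peek(uintptr_t addr, unsigned char *out)
{
    if (is_readable(addr) != 1)
        return 0;
    *out = *(const volatile unsigned char *)addr;
    return 1;
}

int main(void)
{
    static const char sample[] = "Begah";  /* constructed sample data */
    uintptr_t probes[] = { 5000, (uintptr_t)sample };

    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        unsigned char b;
        if (safe_peek(probes[i], &b))
            printf("0x%" PRIxPTR ": 0x%02x '%c'\n", probes[i], (unsigned)b, b);
        else
            printf("0x%" PRIxPTR ": not mapped, a read would fault\n", probes[i]);
    }
    return 0;
}
```

On Windows the comparable lookup for the current process is `VirtualQuery`.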
0

Didn't your compiler throw the below warning:

warning: cast to pointer from integer of different size

In the function MemAdressPointer() you are doing:

```c
void *p1 = (void*) n; /* which is wrong */
```
Gopi
  • No, the compiler didn't throw me any exception, it just stopped responding at the print("%c", *pAddr); piece of code. – Begah Nov 11 '14 at 17:38
  • Pointer to a variable? No, this is wrong, it should be the address of a variable. Even with this change you have undefined behavior here. – Gopi Nov 11 '14 at 17:42