2

Is it possible to get data from a memory address that memory leak by other program? Like the below code:

struct Person {
    char *name;
    int age;
    int height;
    int weight;
};
struct Person *who = malloc(sizeof(struct Person));
who->name = "STACK";
who->age = 23;
who->height = 72;
who->weight = 55;

if I didn't Free free(who); then is it possible to get data from that memory address?

Iharob Al Asimi
  • 52,653
  • 6
  • 59
  • 97
H.R. Shadhin
  • 156
  • 1
  • 4
  • 12
  • 1
    Mostly if you exit from a program the memory is freed.It can not be used by other program when your program is running. – Vagish Mar 05 '15 at 11:21
  • Yes of course it is, I don't understand what is your question, memory leak doesn't mean not to call `free()` it means that you for example do this `who = malloc(...)` immediately after the code above, and now you **can't call `free()` on the old pointer**. – Iharob Al Asimi Mar 05 '15 at 11:21
  • 1
    @Vagish that will work as long as `name` is not used outside of the assignment scope. – Iharob Al Asimi Mar 05 '15 at 11:22
  • possible duplicate of [How is it possible to access memory of other processes?](http://stackoverflow.com/questions/1989783/how-is-it-possible-to-access-memory-of-other-processes) – Simon MᶜKenzie Mar 05 '15 at 11:38
  • It is not possible for processes to read each other memory. There are APIs to create "Shared Memory" which can be shared between processes but that isn't happening here. – AnthonyLambert Mar 05 '15 at 13:11

2 Answers2

2

Memory leaks and accessing data from other processes are two unrelated things.

Leaking or not, memory is confined by the operating system to a single process.

To access other process memory, you need to ask the operating system with specific functions like ReadProcessMemory() on windows. Usually it will require administrator privilege level.

Now for "leaks". A leak occurs when you repeatedly fail to free a block of memory, so that over time an increasing amount of process memory is not reclaimed, causing ever increasing unneeded memory consumption.

When you do free a memory block, the memory allocator itself might write some bookkeping and/or debug data into it, so freeing a block of memory is likely to alter its contents even if it is not re-allocated later (and very likely overwritten by new contents).

Seen from a "spy" which has no knowledge of how a given process uses it, the memory is just a big chunk of binary data, so there is no difference between a "live" or "leaked" allocated block.

Either the "spy" knows about the spied process memory organization and can decode its data precisely, or it just has to guess.

kuroi neko
  • 8,479
  • 1
  • 19
  • 43
1

If you don't initialise the memory/structure that 'who' points at it will contain whatever already exists at that memory location, If you use the structure's member variables to examine that memory you most likely will get very strange results as the memory could contain anything. That memory could contain values from earlier activity in the current program or indeed memory set by a previous process. This maybe what is confusing you when looking at this in a debugger? At run time one process can not look at another processes memory - unless you create shared memory.

If you use calloc instead of malloc it clears the returned memory to all 0's first.

The Difference Between Calloc and Malloc

Community
  • 1
  • 1
AnthonyLambert
  • 8,768
  • 4
  • 37
  • 72