I am learning pointers in the C language. Using pointers I can retrieve the memory location of a variable defined in my program. Since it resides in memory, can we access its location as well as its values outside the scope of the C program using other coding techniques?
-
Do you have kernel permissions? – Leeor Dec 12 '15 at 12:54
-
@Leeor I don't have knowledge about this kernel permission. I am just curious to know. I have just started to learn to think deeply in programming – Darshan Makwana Dec 12 '15 at 12:59
-
Are we on Linux? or on some other esoteric OSes? – Déjà vu Dec 12 '15 at 13:22
-
Try reading about the stack and the heap. http://stackoverflow.com/questions/79923/what-and-where-are-the-stack-and-heap – Nuetrino Dec 12 '15 at 13:24
-
@ringø Yes, I have a dual-boot OS, Windows and Ubuntu Linux – Darshan Makwana Dec 12 '15 at 13:24
-
It's not clear what exactly you are after. If you don't mean to do this programmatically, how exactly do you want to access it? Probing bus transactions with some equipment? Sniffing network packets? Exploiting a security vulnerability? Listening to capacitors discharging in the cache? – Leeor Dec 12 '15 at 13:32
-
@Leeor I just want to access the memory location and the value of a variable of a C program, without using the C program but using some other method such as the Unix terminal – Darshan Makwana Dec 12 '15 at 13:36
1 Answer
On Linux you have read access to the memory of a process, via `/proc/${pid}/maps`, as greatly explained here.
Now, finding where the memory segment of a particular variable is, is another story.
If you wrote the program, you may pack the variable in a "packed" structure, in between two long char arrays in which you put some defined bytes whose sequence is unlikely to appear naturally in a process (i.e. not 0,0,0 ... but a bunch of random-like bytes you know and keep stored somewhere else). This is compiled with no optimization, and with `-g` to generate and keep the symbol table.
Then with the `read(2)` function you should be able to find easily the first char array (the 2nd one is showing where the variable ends), and then access the variable.
But if you wrote the program, you may well use gdb to analyze its data while running...
If you didn't write the program, and this is probably more what you are interested in, you can still
- use tools to view the process memory, access `/proc/${pid}/maps`
- generate a core dump of the process (crash the process and store its core memory on disk)
but then, this is the difficult part, how can you locate the variable?
- if the running program still has its symbol table (not stripped), this answer (similar to above) is of help
- if the running program is stripped, like most of what is running on Linux, then ... you may look at strings, values in memory and try, by dichotomy, to catch your variable, but that won't be easy.
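The guard-array approach from the answer, as an added example that is not part of the original answer: the program scans its own writable mappings, taking the address ranges from `/proc/self/maps` and the bytes from `/proc/self/mem` with `pread`, and accepts a hit only when both guards sit at the expected offsets. The guard bytes are constructed values, and `struct tagged`, `target` and `find_value_addr` are hypothetical names chosen for this example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Constructed guard bytes (hypothetical values, picked to be unlikely by chance). */
#define HEAD_BYTES {0x9e,0x37,0x79,0xb9,0x7f,0x4a,0x7c,0x15,0xf3,0x9c,0xc0,0x60,0x5c,0xed,0xc8,0x34}
#define TAIL_BYTES {0x21,0xd4,0x6b,0x0e,0xa7,0x58,0x93,0xfc,0x4d,0x12,0xbe,0x85,0x3a,0xe9,0x06,0x7b}
#define MLEN 16
struct __attribute__((packed)) tagged {
    unsigned char head[MLEN];   /* first guard: the variable starts right after it */
    int32_t value;              /* the variable to locate */
    unsigned char tail[MLEN];   /* second guard: the variable ends right before it */
};
struct tagged target = { HEAD_BYTES, 1234, TAIL_BYTES };    /* global, so it lives in .data */
/* The scanner's own copies are const: they sit in a read-only mapping the scan skips. */
static const unsigned char HEAD[MLEN] = HEAD_BYTES, TAIL[MLEN] = TAIL_BYTES;

/* Scan this process's rw mappings; return the value's address (0 if not found), copy it to *out. */
uintptr_t find_value_addr(int32_t *out) {
    char buf[1 << 16], line[512], perms[5];
    unsigned long lo, hi, found = 0;
    FILE *maps = fopen("/proc/self/maps", "r");
    int mem = open("/proc/self/mem", O_RDONLY);
    while (!found && maps && mem >= 0 && fgets(line, sizeof line, maps)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) != 3 || strncmp(perms, "rw", 2) != 0)
            continue;   /* a variable can only sit in a readable and writable mapping */
        /* Reads overlap by sizeof target - 1 bytes so a match cannot straddle two chunks. */
        for (unsigned long at = lo; at < hi && !found; at += sizeof buf - sizeof target + 1) {
            ssize_t n = pread(mem, buf, hi - at < sizeof buf ? hi - at : sizeof buf, (off_t)at);
            for (size_t i = 0; n > 0 && !found && i + sizeof target <= (size_t)n; i++)
                if (!memcmp(buf + i, HEAD, MLEN) && !memcmp(buf + i + MLEN + sizeof *out, TAIL, MLEN)) {
                    memcpy(out, buf + i + MLEN, sizeof *out);
                    found = at + i + MLEN;
                }
        }
    }
    if (maps) fclose(maps);
    if (mem >= 0) close(mem);
    return found;
}

int main(void) {
    int32_t v = 0;
    unsigned long a = find_value_addr(&v);
    printf("scan: value %d at %#lx, really at %p\n", v, a, (void *)(target.head + MLEN));
    return a ? 0 : 1;
}
```

Pointing the same scan at another process's `/proc/<pid>/mem` is subject to the kernel's ptrace access check, so it depends on running as the same user (or root) and on the Yama `ptrace_scope` setting where that is enabled.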
-
Can we read the value of the symbol table, because the symbol table has the address and location that it points to? – Darshan Makwana Dec 12 '15 at 13:47
-
If the program still has its symbol table, use "1st dot" in the "didn't write the program" section (of the answer). Basically follow [instructions here](http://stackoverflow.com/questions/68160/is-it-possible-to-get-a-core-dump-of-a-running-process-and-its-symbol-table), use *gdb* to explore the process content. – Déjà vu Dec 12 '15 at 13:49