I am trying to learn how to access values from memory. To learn this I made 2 programs in C using Visual Studio Code. One of them just prints its process ID along with assigning then printing a new integer (it then runs in an infinite loop). Here is the output when run from my cmd.

    Process ID: 4209760
    Integer Value: 123456 Memory Location: 0061FF14

I then have a second C program that runs in my cmd which attempts to read the above integer's value (aka 123456). Here is what my code looks like.

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>

    int main()
    {
        printf("Test 1 \n");
        DWORD access = PROCESS_ALL_ACCESS;
        DWORD pid = 4209760;
        HANDLE hProcess = OpenProcess(access, FALSE, pid);
        printf("Test 2 \n");
        if (hProcess == NULL) {
            printf("OpenProcess Failed GetLastError: %lu \n", GetLastError());
            system("pause");
            return EXIT_FAILURE;
        }
        printf("Test 3 \n");
        int memoryAddress = 0x0061FF14;
        int intRead = 0;
        BOOL rpmReturn = ReadProcessMemory(hProcess, (LPCVOID) memoryAddress, &intRead, sizeof(int), NULL);
        printf("Test 4 \n");
        if (rpmReturn == FALSE) {
            printf("ReadProcessMemory failed. GetLastError = %lu \n", GetLastError());
            system("pause");
            return EXIT_FAILURE;
        }
        printf("INT READ: %i \n", intRead);
        return EXIT_SUCCESS;
    }

When I run this I get an error right after Test 2 (at hProcess == NULL) which yields error code 87. Looking this error code up here https://learn.microsoft.com/en-us/windows/win32/debug/system-error-codes--0-499- gives me an invalid parameter error. But when I hover over OpenProcess it says that my parameters should be DWORD, BOOL, and DWORD, which is what I provided. Any ideas what is going on? Furthermore, when I decided to comment out that null check I got another error (error code 6) in the if statement right after Test 4. This error code just meant that I used an invalid HANDLE, which cemented the fact that the problem was originating from a parameter issue with hProcess.
One last thing: while looking into this topic I noticed that people used "uintptr_t" as the variable type for memoryAddress, which is "an unsigned integer type that is capable of storing a data pointer". However, this seems to only be a C++ implementation and my worry is that using a normal int will cause issues after I figure this parameter issue out. I could use unsigned int as the variable type but I am not sure if that is equivalent to uintptr_t in this context.
I also tried to run my programs in administrator mode but that did not change the outcome. Does anyone have any idea what is going on?
Edit: Here is what my first program looks like.

    #include <stdbool.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>

    int main() {
        int varInt = 123456;
        printf("Process ID: %i \n", GetCurrentProcessId);
        printf("Integer Value: %i %p \n", varInt, &varInt);
        while(true) {
            if(getchar()) {
                printf("Shutting Down");
                return EXIT_SUCCESS;
            }
        }
        printf("Error Shutting Down");
        return EXIT_FAILURE;
    }
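
On the question of which type should hold the address, an added example that is not part of the original post: `uintptr_t` is declared by C99's `<stdint.h>`, so plain C can use it. The sketch below parses an address in the form `%p` printed it and shows what a 32-bit integer keeps of it; `parse_address`, `through_32bit` and the 64-bit sample value are constructed for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse an address as printf("%p") prints it (hex digits, optional 0x prefix).
   Returns 0 on success, -1 if the text is malformed or wider than a pointer. */
int parse_address(const char *text, uintptr_t *out)
{
    char *end = NULL;
    unsigned long long value;

    if (!isxdigit((unsigned char)text[0]))   /* rejects "", "-1", leading spaces */
        return -1;
    errno = 0;
    value = strtoull(text, &end, 16);
    if (*end != '\0' || errno == ERANGE)
        return -1;
    if ((unsigned long long)(uintptr_t)value != value)  /* too wide for this build */
        return -1;
    *out = (uintptr_t)value;
    return 0;
}

/* The value that survives if the address is held in a 32-bit integer first. */
uintptr_t through_32bit(uintptr_t address)
{
    uint32_t narrowed = (uint32_t)address;   /* bits above 31 are dropped here */
    return (uintptr_t)narrowed;
}

int main(void)
{
    /* Constructed inputs: the address from the post and a made-up 64-bit one. */
    const char *samples[] = { "0061FF14", "000000C8A1BFF7D4" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uintptr_t address;
        if (parse_address(samples[i], &address) != 0) {
            printf("%s: not a valid address for this build\n", samples[i]);
            continue;
        }
        printf("%s -> 0x%" PRIxPTR ", via 32-bit int 0x%" PRIxPTR "%s\n",
               samples[i], address, through_32bit(address),
               through_32bit(address) == address ? "" : " (truncated)");
    }
    return 0;
}
```

The parsed `uintptr_t` is the value that would be cast to `LPCVOID` for `ReadProcessMemory`; in a 32-bit build it round-trips through `int` unchanged, in a 64-bit build it may not.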