tags:

views:

128

answers:

4
Q: 

how to find the address of data in memory?

i need to find a way how to find the address's for value of another program. i find the address before hand but i don't know how to find them again after i close and reopen the program with out searching for them again (i need the program to find them on it's own). anyone know how i can do this (sorry if im unclear i don't know how to explain it really) if your confused just ask and i'll try to make it clear

im using C++

+2  A: 

A program can find addresses of its own variables pretty easily (&variable). If it's cooperating in things, it can then send that to the other program by some normal IPC mechanism. The other program won't (normally) be able to do much with it directly though -- at least on a typical system (*BSD, Linux, Windows, etc.) each process will have memory mapped separately, so an address in one isn't directly usable in another.

Nearly all will provide some sort of debugging capability that lets you access one process' memory from another process, but how that works varies widely.

Jerry Coffin  2010-04-10 05:04:13
Why mention IPC as an option but dismiss shared memory as platform-specific? They are equally unportable.
Potatoswatter  2010-04-10 05:21:50
@Potatocorn:Because some of them aren't really very platform specific. Just for an obvious example, you can spawn the child process with `popen`, and the child writes the address to its standard output. Technically, that's not guaranteed 100% portable, but practically speaking, it's awfully close. Shared memory is much less so. Though it's a guess, I'm also guessing that the intent is something like a debugger and debuggee, where one process has primary responsibility, and the other undergoes only minimal adaptation.
Jerry Coffin  2010-04-10 05:42:33
Or use `mmap` and install a heap inside the shared memory. Although quick and dirty, it at least wouldn't be useless. But I'm not so clear there are two different programs as opposed to successive instances of one program, anyway.
Potatoswatter  2010-04-10 06:14:43
+1  A: 

After you close and reopen a program, the addresses are all randomized. There's no way to save an address for the next time you run.

Instead, you need to design a file structure for whatever data you have. Write it to a file, expressing structural relationships somehow other than addresses, and restore pointer-links when reading it back. This is called serialization.

Potatoswatter  2010-04-10 05:04:45
.. =\ i know they are put in a random... spot.also i can't write it to a file :\
blood  2010-04-10 16:34:51
+1  A: 

In theory, if you understand how the target program working and its internal data structure, you can find the address of the target variable, because each single byte of memory that is dynamically allocated during run time can always be found from some information statically known to code, except variables originated inside a function. However, practically, it's nearly impossible to understand a program by inspecting its binary representation. So you are out of luck:-)

A little more thoughts:

let me guess what you are trying to do: you want to stop an integer counting down in another process. If that the case, you can manually find the address by a game tool, then set a break point by a debugger to pause when the address is written, then make the break point to happen by different possible operations in the target program. This way you could identify which code are decreasing the value and possibly modify the EXE/DLL to disable these code. Chances are the target program will crash more often or does not entertain you any more, for the same code you disabled is used to decrease the energy of you and your opponents:-)

Codism  2010-04-10 05:24:58
=\ well i know the program very well but it's data is just placed in the next free area so i don't know how to find it with out searching memory. right now i just find one of the values and i know they are all in order so i can find them all then with a little math but i still have to find one. :(
blood  2010-04-10 16:23:27
By meaning knowing the program very well, I assume you have the source code of the program. In that case, you can modify the source code to put a "marker" data segment before the variable, for example:struct foo { char marker[8]={'0x23','0xfd',...}; int theVariable;}; then every time you just need to find the marker and you know the actual variable is right after it.
Codism  2010-04-10 20:52:03
:\ huh? i don't understand
blood  2010-04-11 00:35:07
+1  A: 
nhaa123  2010-04-10 05:55:25
Hmm i think is might work =3 how would i do that inject dll because i never have used one.
blood  2010-04-10 16:15:48
=3 k think this is what im going to try to use tyvm
blood  2010-04-12 00:28:17

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS