tags:

views:

57

answers:

3
Q: 

Exploring Virtual Memory (ProcessWalker)

I was reading this article on MSDN "Managing Heap Memory in Win32"

And in it they are explaining about a tool called ProcessWalker.exe

In the article they explained that they can use this tool to explore the contents of virtual memory of any process.

  1. Does anyone know where I can download this tool from. Or maybe ProcessWalker might be deprecated. Does anyone know any other such tool?

  2. And I don't understand how is it even possible for such a tool to exist, wouldn't such a tool cause security breach?

A: 

njoy....

http://hotfile.com/dl/50825402/10ac867/ProcessWalker.rar.html

Vineel Kumar Reddy  2010-06-27 04:06:26
Well, I can't download stuff from some file share website.It has to be from a authenticated source.But anyway, my purpose is fulfilled by the sysinternals suite (as advised in Han's comment).
bits  2010-06-28 21:29:45
+1  A: 

The OS must keep information about virtual memory mappings of user processes. Tools such as runtime linkers and loaders explicitly manipulate virtual memory layout of a given process. All these are vital but normal services of the operating system as a whole.

Then there's the monitoring side - how much memory each process is using, what libraries are used by each, what's a page fault rate, etc. etc. All this must be available to userland tools.

The security side of things is managed with user and group permissions, or capabilities. Regular user must not be able to inspect memory of other user's process, but should be able to inspect his own. An administrator should then be able to access all the information provides by the system.

Nikolai N Fetissov  2010-06-27 04:43:03
+2  A: 

17 years is a really long time ago. Forget everything it says about GlobalAlloc and LocalAlloc. The SysInternals' VMMap utility does a similar job, it is excellent.

Hans Passant  2010-06-27 11:59:16
Thanks for the vmmap tip. I downloaded the entire sysinternals suite and found it very useful.
bits  2010-06-28 21:27:17
Although, I can't see the actual memory contents using vmmap, but thats okay... my intention was to learn virtual memory management, and its helping a lot.
bits  2010-06-28 21:28:12
Yes, staring at 2 gigabytes of hex dumps doesn't get you anywhere. You can get that from the debugger.
Hans Passant  2010-06-28 21:56:49

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS