ReadProcessMemory + address from ollydbg
ag0aep6g via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Fri Jun 30 17:23:36 PDT 2017
On 07/01/2017 01:41 AM, bauss wrote:
> string ReadWinString(HANDLE process, DWORD address, size_t stringSize,
> string defaultValue = "") {
> if (!process || !address) {
> return defaultValue;
> }
>
> SIZE_T bytesRead;
> char[1024] data;
>
> if (!ReadProcessMemory(process,
> cast(PCVOID)address, cast(PVOID)&data,
The second cast still looks suspicious. PVOID is void*, right? Then any
mutable pointer type should implicitly convert to PVOID and you
shouldn't need the cast.
> stringSize, &bytesRead)) {
> return defaultValue;
> }
>
> auto s = cast(string)data[0 .. stringSize];
>
> return s ? s : defaultValue;
Here's an error that produces garbage.
`data` is a fixed-sized array, so the values are on the stack. That
means `s` points to the stack. You can't return a pointer to the stack.
It becomes invalid when the function returns. You can put it on the heap
instead: `auto s = data[0 .. stringSize].idup;`.
> }
More information about the Digitalmars-d-learn
mailing list