Can Use VirtualAllocEx( ) to Get Memory from Other Process?
-
MSDN says we can use VirtualAllocEx() to obtain memory from another process. When I testify this, VirtualAllocEx(MEM_RESERVER|MEM_COMMIT) succeeded, but when I tried to write to the buffer, most often it caused GPF! Here is my sample codes: // Create a child process and obtain its handle. // Use the handle to allocate memory with VirtualAllocEx(). // Then use the return buffer to do data copying, etc... ----------------------------------------------------------------- ... CreateProcess( OtherProcess, NULL,NULL, NULL, TRUE, CREATE_SUSPENDED , NULL, NULL, &si, &pi ); pBase = (char*) VirtualAllocEx ( pi.hProcess, NULL, iSize, MEM_RESERVE, PAGE_NOACCESS ); pBuffer = (char*) VirtualAllocEx ( pi.hProcess, pBase, iSize, MEM_COMMIT, PAGE_READWRITE); ZeroMemory( temp, iSize); // *** Add this line causes GPF at the end of the program*** VirtualFreeEx( pi.hProcess, pBase, 0, MEM_DECOMMIT); VirtualFreeEx( pi.hProcess, pBase, 0, MEM_RELEASE); ..... ResumeThread( (HANDLE ) pi.hThread); CloseHandle( pi.hProcess ); CloseHandle( pi.hThread ); ... ----------------------------------------------------------------- It seemed everything were OK as all the function calls all succeeded. However, the program could encounter GPF upon end of main(). Obviously it was caused by the ZeroMemory() write action. If no write action was performed, then no problem arised. And if only wrote few hundread bytes to the return buffer, it could have no problem either. I think I could have make some mistakes here but I still couldn't find out the reason after carefully examining all the possibilities. Can somebody give me insight on this! Other than FileMapping or WM_COPYDATA, I really want to use another approach like VirtualAllocEx() to share data among different processes. Thanks for help.
-
MSDN says we can use VirtualAllocEx() to obtain memory from another process. When I testify this, VirtualAllocEx(MEM_RESERVER|MEM_COMMIT) succeeded, but when I tried to write to the buffer, most often it caused GPF! Here is my sample codes: // Create a child process and obtain its handle. // Use the handle to allocate memory with VirtualAllocEx(). // Then use the return buffer to do data copying, etc... ----------------------------------------------------------------- ... CreateProcess( OtherProcess, NULL,NULL, NULL, TRUE, CREATE_SUSPENDED , NULL, NULL, &si, &pi ); pBase = (char*) VirtualAllocEx ( pi.hProcess, NULL, iSize, MEM_RESERVE, PAGE_NOACCESS ); pBuffer = (char*) VirtualAllocEx ( pi.hProcess, pBase, iSize, MEM_COMMIT, PAGE_READWRITE); ZeroMemory( temp, iSize); // *** Add this line causes GPF at the end of the program*** VirtualFreeEx( pi.hProcess, pBase, 0, MEM_DECOMMIT); VirtualFreeEx( pi.hProcess, pBase, 0, MEM_RELEASE); ..... ResumeThread( (HANDLE ) pi.hThread); CloseHandle( pi.hProcess ); CloseHandle( pi.hThread ); ... ----------------------------------------------------------------- It seemed everything were OK as all the function calls all succeeded. However, the program could encounter GPF upon end of main(). Obviously it was caused by the ZeroMemory() write action. If no write action was performed, then no problem arised. And if only wrote few hundread bytes to the return buffer, it could have no problem either. I think I could have make some mistakes here but I still couldn't find out the reason after carefully examining all the possibilities. Can somebody give me insight on this! Other than FileMapping or WM_COPYDATA, I really want to use another approach like VirtualAllocEx() to share data among different processes. Thanks for help.
macauit wrote: ZeroMemory( temp, iSize); What is "temp"? It's not defined anywhere in your code...
Ryan
"Punctuality is only a virtue for those who aren't smart enough to think of good excuses for being late" John Nichol "Point Of Impact"
-
MSDN says we can use VirtualAllocEx() to obtain memory from another process. When I testify this, VirtualAllocEx(MEM_RESERVER|MEM_COMMIT) succeeded, but when I tried to write to the buffer, most often it caused GPF! Here is my sample codes: // Create a child process and obtain its handle. // Use the handle to allocate memory with VirtualAllocEx(). // Then use the return buffer to do data copying, etc... ----------------------------------------------------------------- ... CreateProcess( OtherProcess, NULL,NULL, NULL, TRUE, CREATE_SUSPENDED , NULL, NULL, &si, &pi ); pBase = (char*) VirtualAllocEx ( pi.hProcess, NULL, iSize, MEM_RESERVE, PAGE_NOACCESS ); pBuffer = (char*) VirtualAllocEx ( pi.hProcess, pBase, iSize, MEM_COMMIT, PAGE_READWRITE); ZeroMemory( temp, iSize); // *** Add this line causes GPF at the end of the program*** VirtualFreeEx( pi.hProcess, pBase, 0, MEM_DECOMMIT); VirtualFreeEx( pi.hProcess, pBase, 0, MEM_RELEASE); ..... ResumeThread( (HANDLE ) pi.hThread); CloseHandle( pi.hProcess ); CloseHandle( pi.hThread ); ... ----------------------------------------------------------------- It seemed everything were OK as all the function calls all succeeded. However, the program could encounter GPF upon end of main(). Obviously it was caused by the ZeroMemory() write action. If no write action was performed, then no problem arised. And if only wrote few hundread bytes to the return buffer, it could have no problem either. I think I could have make some mistakes here but I still couldn't find out the reason after carefully examining all the possibilities. Can somebody give me insight on this! Other than FileMapping or WM_COPYDATA, I really want to use another approach like VirtualAllocEx() to share data among different processes. Thanks for help.
For performing some write operations in memory allocated by VirtualAllocEx() use WriteProcessMemory() function. Other functions often raise an exception when used to write in memory of another process.