Pointer arithmetic and scope 1

[mbozza]

I'm writing a memory viewer which can both display a block of process memory and dump it to file. The following function works fine.

void SomeFunction(void)
{
char* buf = (char*) 0x00123ABC;

for(int i = 0; i < bigNumber; i++)
{
fprintf(fp, "%x", *buf);
}
}

However if I try this below, the program crashes.

DWORD* temp = (DWORD*)0x00123ABC;
DWORD currAddr = *temp;

void someFunction(void)
{
char* buf = (char*) currAddr;

for(int i = 0; i < bigNumber; i++)
{
fprintf(fp, "%x", *buf); // program crash
}
}

I have to get something along these lines working as I need to be able to change what buf is pointing to from outwith the function, in order to 'page' through memory. The real function isn't void but I don't want to pass in currAddr (I still don't think that would solve it anyway).

I've come across this issue before and after a bit of experimenting, I think I've narrowed the problem down to a general case:

// variable with file scope
DWORD* somePtr = (DWORD*) 0x00123ABC;

void someFunction(void)
{

somePtr++; //crashes program
}

If somePtr has global scope, why can't I perform pointer arithmetic on it from within the function?

Compiling with MSVC++ 6.0

 

[PerFnurt]

I assume you get a
"First-chance exception in YourApp.exe: 0xC0000005: Access Violation."

What makes you think you've got access to the data at 0x00123ABC?

I'd expect even the first program to crash.



/Per

_{www.perfnurt.se}

 

[mbozza]

Thanks for the reply

"What makes you think you've got access to the data at 0x00123ABC?"

The code is in a dll, which is loaded by the program. The memory in question has at least read permission.

"I'd expect even the first program to crash."

The first function works fine.

Refering to the last bit of code above, this is an example of the sort of thing I've been doing:

// variable with file scope
DWORD* somePtr = (DWORD*) 0x00123ABC;

void someFunction(void)
{
    DWORD* derivedPtr = (DWORD*)*somePtr;
    // do something with derivedPtr
}

But if I try to do something in the function with the original ptr, somePtr, the program crashes. The memory at somePtr has at least read access, if not read/write/execute access.

 

[Captrick458]

mbozza:

I can't find anything wrong with

// variable with file scope
DWORD* somePtr = (DWORD*) 0x00123ABC;

void someFunction(void)
{

somePtr++; //crashes program
}

as a matter of fact it compiles and works just fine on
my system.

On the other hand:



DWORD* temp = (DWORD*)0x00123ABC; //temp=0x00123ABC
DWORD currAddr = *temp; //currAddr has whatever is contained
//at the address 0x00123ABC

void someFunction(void)
{
char* buf = (char*) currAddr;//buff now contains the
//contents of address 0x00123ABC
//but thinks it is a pointer

for(int i = 0; i < bigNumber; i++)
{
fprintf(fp, "%x", *buf); // program crash
}
}

I'm not certain why all the mechanations, why DWORDs, etc. but I think that you might have some luck with either setting char *pChar = 0x123..., and then just incrementing the pointer, or change the second line to DWORD *currAddr = temp.

Of course, if 0x123ABC is a **, then all bets are off.

Hope this helps, Rick