?
Solved

How to get data segement, .bss and heap area offsets of a process?

Posted on 2010-01-11
2
Medium Priority
?
310 Views
Last Modified: 2013-11-20
Hi,

I've got a handle to a running process (launched externally to my app) and can read various vals from its memory area using readProcessMemory, but I was wondering if there is a simple way to obtain the offset (from image base) of the Data area (in particular, separate offsets for the start of the data segment, .bss area and heap?). (Win32 / MFC).

Thanks if you can help!
Chris J
0
Comment
Question by:chrispauljarram
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 33

Accepted Solution

by:
pgnatyuk earned 2000 total points
ID: 26288411
If you a static variable has a special value, for example it is a string that begins from 'zzzvvtttss', you can find it it he executable. It's simple. Other things are not simple at all.
If you build your project with "Generate map-file", it is possible to find the functions.

If you don't have these links about PE format:
http://msdn.microsoft.com/en-us/magazine/cc301805.aspx
http://msdn.microsoft.com/en-us/library/ms809762.aspx
http://msdn.microsoft.com/en-us/library/ms680330(VS.85).aspx

CodeProject (source code is here):
http://www.codeproject.com/KB/system/inject2exe.aspx
http://www.codeproject.com/KB/tips/PE_File.aspx
http://www.codeproject.com/KB/tips/Self-generating-code.aspx
0
 

Author Closing Comment

by:chrispauljarram
ID: 31676271
Cheers pgnatyuk, I think I can derive what I need from that - actually for the most part the image never changes, and it looks like I can just read the data area start address from the PE header (and offset the image base) for the majority of my purposes.

Thanks again for the quick response :)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Dialogs (2) modeless dialog and a worker thread.  Handling data shared between threads.  Recursive functions. Continuing from the tenth article about sudoku.   Last article we worked with a modal dialog to help maintain informat…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month11 days, 2 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question