程序使用ReadProcessMemory扫描内存块以获取特定值。不幸的是,当我致电ReadProcessMemory时,我收到错误299.
void update_memblock(MEMBLOCK *mb)
{
//variables
static unsigned char tempbuf[128*1024];
size_t bytes_left;
size_t total_read;
size_t bytes_to_read;
size_t bytes_read;
size_t sizeMem;
size_t MemoryBase;
bytes_left = mb->size;
total_read = 0;
while (bytes_left)
{
bytes_to_read = (bytes_left > sizeof(tempbuf)) ? sizeof(tempbuf) : bytes_left;
ReadProcessMemory(mb->hProc ,mb->addr + total_read,mb->buffer, bytes_to_read, (SIZE_T*)&bytes_read);
if (bytes_read != bytes_to_read)break;
memcpy(mb->buffer + total_read, tempbuf,bytes_read);
bytes_left -= bytes_read;
total_read += bytes_read;
}
mb->size = total_read;
}
答案 0 :(得分:0)
Erorr Code 299(0x12B)ERROR_PARTIAL_COPY "只完成了ReadProcessMemory或WriteProcessMemory请求的一部分"
您之所以收到此错误,是因为您正在尝试从未分配的页面中读取内存,并且#34;
您希望在每个内存页面上使用VirtualQueryEx(),这会产生MEMORY_BASIC_INFORMATION结构,其中包含2个注意变量:
状态:可以是MEM_COMMIT,MEM_FREE或MEM_RESERVE 保护:可以是Memory Protection Constants
中的任何一个你想循环遍历所有内存页面,在它们上面调用VirtualQueryEx()并跳过任何不好的页面。我想跳过所有状态的页面/区域!= MEM_COMMIT和Protect == PAGE_NOACCESS
这是一个伪代码示例:
MEMORY_BASIC_INFORMATION mbi = { 0 };
while (LoopingThroughTheMemories.bat)
{
if (!VirtualQueryEx(hProc, currentMemoryAddress, &mbi, sizeof(mbi))) continue
if (mbi.State != MEM_COMMIT || mbi.Protect == PAGE_NOACCESS) continue;
//good mem region, do ReadProcessMemory() stuffs
}