Main Page   Modules   Data Structures   File List   Data Fields   Examples  

simple.c

Example for using memgrep as a library. 

#include <stdlib.h>
#include <stdio.h>

#include "memgrep.h"

int main(int argc, char **argv)
{
        MEM_CTX        ctx;
        MEMGREP_RESULT result;
        MEMGREP_RESULT_ROW_DUMP *dump;
        unsigned long  replace[1];
        unsigned char  failed = 0;
        unsigned long  x;
        char           data[] = "Blah";

        if (argc == 1)
        {
                fprintf(stdout, "Must specify pid.\n");
                return 0;
        }

        memset(&ctx, 0, sizeof(ctx));

        do
        {
                if (!memgrep(&ctx, MEMGREP_CMD_INITIALIZE, NULL, MEMORY_MEDIUM_PID, atoi(argv[1]) & 0xFFFF))
                {
                        fprintf(stdout, "MEMGREP_CMD_INITIALIZE failed.\n");
                        break;
                }
        
                if (!memgrep(&ctx, MEMGREP_CMD_POPULATE, NULL, (unsigned long)"rodata", 0))
                {
                        fprintf(stdout, "MEMGREP_CMD_POPULATE failed.\n");
                        break;
                }
        
                if (!memgrep(&ctx, MEMGREP_CMD_SEARCH, &result, (unsigned long)"s,Test", 0))
                {
                        fprintf(stdout, "MEMGREP_CMD_SEARCH found no matches.\n");
                        break;
                }

                fprintf(stdout, "%lu matches were found.\n", result.numRows);

                for (x = 0; x < result.numRows; x++)
                {
                        MEMGREP_RESULT_ROW_SEARCH *search = (MEMGREP_RESULT_ROW_SEARCH *)result.rows[x];

                        fprintf(stdout, "  match found at %.8x\n", (unsigned int)search->addr);

                        if (x == 0)
                                replace[0] = search->addr;
                }

                memgrep(&ctx, MEMGREP_CMD_DESTROYRESULT, NULL, (unsigned long)&result, 0);

                fprintf(stdout, "Going to replace 'Test' at %.8x with 'Blah'.\n", (unsigned int)replace[0]);

                if (!memgrep(&ctx, MEMGREP_CMD_POPULATE, NULL, (unsigned long)replace, 1))
                {
                        fprintf(stdout, "MEMGREP_CMD_POPULATE failed.\n");
                        break;
                }

                if (!memgrep(&ctx, MEMGREP_CMD_REPLACE, NULL, (unsigned long)"s,Blah", 0))
                {
                        fprintf(stdout, "MEMGREP_CMD_REPLACE replaced 0 addresses.\n");
                        break;
                }

                fprintf(stdout, "Replace was successful!  Double-checking memory...\n");

                memgrep(&ctx, MEMGREP_CMD_SET, NULL, MEMGREP_PARAM_LENGTH, 4);

                if (!memgrep(&ctx, MEMGREP_CMD_DUMP, &result, 0, 0) || !result.numRows)
                {
                        fprintf(stdout, "MEMGREP_CMD_DUMP failed.\n");
                        break;
                }

                dump = (MEMGREP_RESULT_ROW_DUMP *)result.rows[0];

                for (x = 0; x < sizeof(data)-1 && !failed; x++)
                {
                        if (data[x] != dump->buf[x])
                                failed = 1;
                }

                if (!failed)
                        fprintf(stdout, "Replace was successful.\n");
                else
                        fprintf(stdout, "Replace was NOT successful.\n");

                memgrep(&ctx, MEMGREP_CMD_DESTROYRESULT, NULL, (unsigned long)&result, 0);

        } while (0);

        memgrep(&ctx, MEMGREP_CMD_DEINITIALIZE, NULL, 0, 0);
        
        return 1;
}
Generated on Mon Dec 29 02:04:13 2003 for memgrep by doxygen1.2.15