[Tutor] using while loop for read process memory
steve at pearwood.info
Sun Oct 8 20:12:13 EDT 2017
I have no idea about ctypes or Windows, but it seems to me that you are
creating a rod for your own back by using a while loop here. Why use a
primitive, low-level looping construct when Python gives you much better
My *guess* is that somewhere you are miscalcuating when to stop, and
trying to read beyond the valid region.
Your code uses nested while loops. But since you already know the
beginning and end of the loop, that is much better written as
for-loops (and will be faster too).
It's not clear to me how much memory you expect to be reading at a time.
I *guess* that you read blocks of memory the size of mbi at a time. If
your memory is:
and mbi is (lets say) *six* chars long, then you want to read:
Then, within each mbi-sized block, if each buffer is (say) *two* chars
long, you want to read:
Is that right? If not, you will have to adjust the following to better
suit your intention.
# Untested, as I don't run Windows.
blocksize = ctypes.sizeof(mbi)
buffer_blocksize = ctypes.sizeof(buffer)
for current_address in range(
# process the current address here
# Note that there's no need for a backslash \ to continue
# lines inside open brackets and parentheses; by
# convention such lines are indented extra to allow them
# to stand out. Feel free to make it a bit more compact if
# you prefer it that way.
if mbi.Protect == PAGE_READWRITE and mbi.State == MEM_COMMIT:
print('This region can be scanned!') # which region?
for index in range(
current_address + mbi.RegionSize,
## FIXME implement value comparison
Hope this helps.
More information about the Tutor