pointer

[Jrdman]

is it possible to use a pointer to see the data stored in a given
address in the memory ? if no what's the appropriate way to do that?
thanks.

 

[Richard Tobin]

is it possible to use a pointer to see the data stored in a given
address in the memory ?

Yes, you can convert any pointer to a character pointer type and
examine the bytes it points to. The consequences of following an
invalid pointer, or looking beyond the end of the object it points to,
are undefined.

E.g.

int a = 42;
unsigned char *p = (unsigned char *)&a;
int i;

for(i=0; i<sizeof(a); i++)
printf("%02x ", p);
printf("\n");

-- Richard

 

[Jrdman]

is it possible to use a pointer to see the data stored in a given
address in the memory ?

Yes, you can convert any pointer to a character pointer type and
examine the bytes it points to.  The consequences of following an
invalid pointer, or looking beyond the end of the object it points to,
are undefined.

E.g.

     int a = 42;
     unsigned char *p = (unsigned char *)&a;
     int i;

     for(i=0; i<sizeof(a); i++)
         printf("%02x ", p);
     printf("\n");

-- Richard

thanks!

 

[Jrdman]

is it possible to use a pointer to see the data stored in a given
address in the memory ?

Yes, you can convert any pointer to a character pointer type and
examine the bytes it points to.  The consequences of following an
invalid pointer, or looking beyond the end of the object it points to,
are undefined.

E.g.

     int a = 42;
     unsigned char *p = (unsigned char *)&a;
     int i;

     for(i=0; i<sizeof(a); i++)
         printf("%02x ", p);
     printf("\n");

-- Richard

but what if we repalce &a with an arbitrary address(number)cuz i wanna
access a specific place?

 

[Richard Tobin]

but what if we repalce &a with an arbitrary address(number)cuz i wanna
access a specific place?

Please use proper English.

If the number corresponds to some accessible memory, then it will
work, but you need to be familiar with the details of your operating
system. In a general purpose operating system with virtual memory,
there's not likely to be anything much useful at fixed addresses.

-- Richard

 

[Keith Thompson]

is it possible to use a pointer to see the data stored in a given
address in the memory ?

Yes, you can convert any pointer to a character pointer type and
examine the bytes it points to.  The consequences of following an
invalid pointer, or looking beyond the end of the object it points to,
are undefined.

E.g.

     int a = 42;
     unsigned char *p = (unsigned char *)&a;
     int i;

     for(i=0; i<sizeof(a); i++)
         printf("%02x ", p);
     printf("\n");

but what if we repalce &a with an arbitrary address(number)cuz i wanna
access a specific place?

Addresses are not numbers. They may be represented as numbers on some
systems, probably most of them, but as far as the C language is
concerned they're two very different things.

It's possible to convert an integer value to a pointer type, and vice
versa. The results of any such conversion are implementation-defined,
and any attempt to use an address (equivalently a pointer value)
obtained by conversion from some arbitrary integer value is likely to
be dangerous. (Conversion of a constant 0 is a special case, yielding
a null pointer.)

Here's a program that illustrates how you might do this:
========================================
#include <stdio.h>

int main(void)
{
unsigned long num = 0xdeadbeef;
unsigned char data;

printf("The byte at 0x%lx is: ", num);
/*
* Flush stdout to make sure the above line appears
* even if the program crashes.
*/
fflush(stdout);

data = *(unsigned char*)num;
printf("0x%x\n", (unsigned int)data);

return 0;
}
========================================

And here's the output I got when I ran it:
========================================
The byte at 0xdeadbeef is: Segmentation fault (core dumped)
========================================

This is close to the best result I could have gotten; the system was
kind enough to tell me I had done something stupid, rather than just
giving me meaningless data.

Now I'll ask you the question I probably should have asked in
the first place.

*Why* do you want to do this? What problem are you trying to solve?

 

[Jrdman]

<2ecf9822-1a6c-4a86-bd8d-c56ea4946...@k37g2000hsf.googlegroups.com>,
is it possible to use a pointer to see the data stored in a given
address in the memory ?
Yes, you can convert any pointer to a character pointer type and
examine the bytes it points to.  The consequences of following an
invalid pointer, or looking beyond the end of the object it points to,
are undefined.
E.g.
     int a = 42;
     unsigned char *p = (unsigned char *)&a;
     int i;
     for(i=0; i<sizeof(a); i++)
         printf("%02x ", p);
     printf("\n");

but what if we repalce &a with an arbitrary address(number)cuz i wanna
access a specific place?

Addresses are not numbers.  They may be represented as numbers on some
systems, probably most of them, but as far as the C language is
concerned they're two very different things.

It's possible to convert an integer value to a pointer type, and vice
versa.  The results of any such conversion are implementation-defined,
and any attempt to use an address (equivalently a pointer value)
obtained by conversion from some arbitrary integer value is likely to
be dangerous.  (Conversion of a constant 0 is a special case, yielding
a null pointer.)

Here's a program that illustrates how you might do this:
========================================
#include <stdio.h>

int main(void)
{
    unsigned long num = 0xdeadbeef;
    unsigned char data;

    printf("The byte at 0x%lx is: ", num);
    /*
     * Flush stdout to make sure the above line appears
     * even if the program crashes.
     */
    fflush(stdout);

    data = *(unsigned char*)num;
    printf("0x%x\n", (unsigned int)data);

    return 0;}

========================================

And here's the output I got when I ran it:
========================================
The byte at 0xdeadbeef is: Segmentation fault (core dumped)
========================================

This is close to the best result I could have gotten; the system was
kind enough to tell me I had done something stupid, rather than just
giving me meaningless data.

Now I'll ask you the question I probably should have asked in
the first place.

*Why* do you want to do this?  What problem are you trying to solve?

--
Keith Thompson (The_Other_Keith) (e-mail address removed)  <http://www.ghoti.net/~kst>
Nokia
"We must do something.  This is something.  Therefore, we must do this."
    -- Antony Jay and Jonathan Lynn, "Yes Minister"- Hide quoted text -

- Show quoted text -

i wanna access the memory address at 0x00(first segment) and then
printf a range of memory from the first segment to a specific address
something is wrong with this idea ?if this ,is possible please help
me?

 

[Walter Roberson]

i wanna access the memory address at 0x00(first segment) and then
printf a range of memory from the first segment to a specific address
something is wrong with this idea ?if this ,is possible please help
me?

What you are asking to do is system-specific.

Most of the systems I use don't have segments at all; the other systems
I use that do have segments pretty much ignore the existance of segments
and use linear virtual address ranges in practice. So what you
are asking for is impossible on many systems and irrelevant on a bunch
more.

As you are wanting to do something that isn't possible at all on
many systems that run C, if you are able to implement it at all
on the systems of interest to you, you have to use non-portable methods
to accomplish it.

On C systems that use a linear virtual address space, you can
often (but it isn't promised to work) look at offsets in your virtual
address space by converting the offset from an integral type to a pointer.

For example,

unsigned char *ptr = (char *)0x000003fc;
unsigned char c = *ptr;

C doesn't define what this means: C says that the implementation
can assign any meaning it wants to the conversion shown in the first line.

Actually attempting to access the memory you've constructed a pointer
to might do nearly anything, including possibly hang your system. (And
I don't mean that lightly: just *reading* from memory addresses can
trigger nasty hardware behaviour.)

Because C doesn't define the conversion, the memory address actually
examined might have no obvious relationship at all to the constant
0x000003fc -- you may have to dig deep into your system documentation
to find out which address constant you need to use to access particular
memory locations.

Even on systems that have segments at all, there is no common
idiomatic way of storing particular values in segment base registers.
You might have to drop in some inline assembler, if your C happens
to have an inline assembler extension (inline assembler is not
part of C.)

 

[Jens Thoms Toerring]

i wanna access the memory address at 0x00(first segment) and then
printf a range of memory from the first segment to a specific address
something is wrong with this idea ?if this ,is possible please help
me?

You can "legally" only look at memory that belongs to your
program. "Legally" includes memory that are variables you
defined and memory you allocated. With everything else you
are at the mercy of your system. There may be parts of the
address space that you can look at and others that you can't.
And to some of the addresses you may even write to. For the
address NULL you always will get a crash if you try to read
from it or write to it (but mind, NULL is not always necessary
0 in this context).

And then you should be aware that the addresses you use on
most modern systems are virtual addresses and not physical
addresses. So if you try to do something like e.g. reading
from or writing to the video buffer since you read something
about the address range where it's mapped in memory you are
out of luck on modern systems - they won't let you touch this
memory at all (unless you're getting at the level the kernel
is operating on). If you want to do things like that you have
to go back to something like DOS, on (reasonable) multi-tasking
and, even more, multi-user systems completely different rules
apply. All low level things are protected from being peeked or
even poked at by normal users. And then you really would have
to ask in a group dealing with the low level specifics of your
operating system.

So, again, the question: what do you want to achieve? Just
saying "wanna access the memory address at 0x00" isn't any-
thing to go by. What's the purpose of accessing that address?
Mere curiousity is absolutely fine, but it's unclear if your
looking in a completely wrong direction where there are just
impenetrable walls.
Regards, Jens

 

[Jrdman]

You can "legally" only look at memory that belongs to your
program. "Legally" includes memory that are variables you
defined and memory you allocated. With everything else you
are at the mercy of your system. There may be parts of the
address space that you can look at and others that you can't.
And to some of the addresses you may even write to. For the
address NULL you always will get a crash if you try to read
from it or write to it (but mind, NULL is not always necessary
0 in this context).

And then you should be aware that the addresses you use on
most modern systems are virtual addresses and not physical
addresses. So if you try to do something like e.g. reading
from or writing to the video buffer since you read something
about the address range where it's mapped in memory you are
out of luck on modern systems - they won't let you touch this
memory at all (unless you're getting at the level the kernel
is operating on). If you want to do things like that you have
to go back to something like DOS, on (reasonable) multi-tasking
and, even more, multi-user systems completely different rules
apply. All low level things are protected from being peeked or
even poked at by normal users. And then you really would have
to ask in a group dealing with the low level specifics of your
operating system.

So, again, the question: what do you want to achieve? Just
saying "wanna access the memory address at 0x00" isn't any-
thing to go by. What's the purpose of accessing that address?
Mere curiousity is absolutely fine, but it's unclear if your
looking in a completely wrong direction where there are just
impenetrable walls.
                            Regards, Jens

actually i wanna make a small memory dumper and it seems that it's not
the correct way.so what should i know to be able to write a basic
memory dumper?
thanks.

 

[Walter Roberson]

actually i wanna make a small memory dumper

Of physical or virtual memory?

We can deduce from your earlier questions that you are using
a system that has segment registers, but we do not know whether
you are trying to write a routine to dump a block of memory
from the current program, or if you are trying to dump a block
of memory from a different program that is running under your
username, or if you are trying to dump a block of memory from a
different program that is running under a different username,
or if you are trying to examine physical memory on an embedded
system, or if you are trying to examine physical memory on
a "hosted" multiprocessing system (such as MS Windows) ??

 

[Jens Thoms Toerring]

actually i wanna make a small memory dumper and it seems that it's not
the correct way.so what should i know to be able to write a basic
memory dumper?
thanks.

What kind of memory you want to "dump"? On basically all modern
operating systems your program is running in a kind of memory
"sandbox", i.e. the addresses your program sees have nothing
at all to do with "real" addresses. All you could dump is the
mostky rather uninteresting address space of your program. You
could do such memory dumps twenty years ago with CP/M, DOS,
TOS and similar rather primitive operating systems that exposed
everything to a user program. Back then that was possible - there
was just a single task running because you did something stupid
you cursed and toggled the power button. But with systems running
several programs at once (or serving several users at once!) that
is not an option anymore.

So, if you want to do a "real" memory dump, where "real" means
not just what the system your program is running under allows
it to see but what's really stored in physical memory addresses,
then you have to resort to extremely system-specific methods (or
use a system like DOS that lets you mess around with all the
internals). But comp.lang.c isn't the right group for asking
questions about that since that's not anything related to the C
language but all about something extremely system specific. It
will be rather different if you try to do it under Windows,
Linux or MacOSX etc. So you will have to pick a newsgroup that
deals with the low level innards of the system you're using,
that's where the experts for that can be found and that are
prepared to answer such questions.

Regards, Jens

 

[CBFalconer]

.... snip ...

but what if we repalce &a with an arbitrary address(number) cuz
i wanna access a specific place?

There is no portable (standard C) way to do that. For something
specific to your system, read the system documentation.

 

[Keith Thompson]

actually i wanna make a small memory dumper and it seems that it's not
the correct way.so what should i know to be able to write a basic
memory dumper?

One thing you should know is that you don't need to quote an entire
article when you post a followup. Just quote enough so your followup
makes reasonable sense to someone who didn't see the parent article.
In particular, don't quote signatures unless you're actually
commenting on them.

There is no portable way to write a memory dumper in C, or in any
other language as far as I know. You're delving into some very
system-specific stuff.

The system(s) you're probably using almost certainly use virtual
memory, which means that any addresses are specific to the current
execution of your program.

*If* it's possible to write a memory dumper, then converting from an
integer representation of an address to an unsigned char* and then
dereferencing it is likely to be as good a way as any. That is,
unless your system provides something better. <OT>On Unix-like
systems, consider something like /dev/mem, /dev/kmem, /proc/*.</OT>

 

[viza]

unsigned char *p = (unsigned char *)&a; int i;

for(i=0; i<sizeof(a); i++)
printf("%02x ", p);

I think you need %02hhx there, or cast p to (unsigned int).

Or do you? unsigned char gets promoted to unsigned int right? So why do
some implementations give an hh length modifier? Or why does the
standard give the h modifier?

viza

 

[Harald van Dijk]

unsigned char *p = (unsigned char *)&a; int i;

for(i=0; i<sizeof(a); i++)
printf("%02x ", p);

I think you need %02hhx there, or cast p to (unsigned int).

Technically, yes, but it's also worth pointing out that implementations
would have more trouble making the code misbehave without a cast, than to
accept it. va_arg requires that signed arguments can be accessed as the
corresponding unsigned type, and vice versa, so for printf not to accept
the version as written requires that:
- signed and unsigned arguments are passed in different ways
- at the same time, it's possible to see whether the argument is signed
- printf isn't written in C, or isn't written using va_arg
- and printf doesn't bother to check the type of the passed argument
I don't believe such an implementation exists currently.

Or do you? unsigned char gets promoted to unsigned int right?

Usually, unsigned char gets promoted to signed int.

 

[Richard Bos]

Unless you /*are*/ the operating system.

But if you are the OS, you shouldn't be asking such fundamental
questions as the OP.

Richard

 

[Richard Bos]

There may be parts of the
address space that you can look at and others that you can't.
And to some of the addresses you may even write to. For the
address NULL you always will get a crash if you try to read
from it or write to it

Not true. Reading from and writing to non-existent addresses, including
null pointers, causes undefined behaviour. This means that anything may
happen. Crashing is a very common option, but scribbling over memory you
shouldn't scribble over is also quite possible.

Richard

 

[Richard Tobin]

unsigned char *p = (unsigned char *)&a; int i;

for(i=0; i<sizeof(a); i++)
printf("%02x ", p);

I think you need %02hhx there, or cast p to (unsigned int).

[/QUOTE]

Technically, yes

Possibly in C90, but C99 7.15.1.1 specifically allows the case where:

one type is a signed integer type, the other type is the
corresponding unsigned integer type, and the value is representable
in both types

In the odd case where integers and chars are the same size (so that
the value might not be representable), I think the default promotions
cause the unsigned char to be converted to an unsigned int, so that
does not cause a problem either.

-- Richard

 

[Harald van Dijk]

unsigned char *p = (unsigned char *)&a; int i;

for(i=0; i<sizeof(a); i++)
printf("%02x ", p);
I think you need %02hhx there, or cast p to (unsigned int).

Technically, yes

Possibly in C90, but C99 7.15.1.1 specifically allows the case where:

Ordinarily "va_arg requires that signed arguments can be accessed as the
corresponding unsigned type, and vice versa" -- quoted from my message
that you responded to -- but C99 7.15.1.1 (va_arg) need not apply.