Sorry but I dont understand this line:
mbi = MEMORY_BASIC_INFORMATION()
This creates a instance of the class?
Also, I thought with VirtualQueryEx, what you need for it
is a handle, which I acquire from this
Process = Kernel32.OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ,
False, PID)
and then feed it to the function like so:
VirtualQuery(Process, ctypes.byref(mbi), ctypes.sizeof(mbi))
I know it doesn't work. But what are these lines for? They don't look like
handle to me:
VirtualQuery = kernel32.VirtualQuery
VirtualQuery.restype = SIZE_T
VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
thanks !
On Thu, Oct 5, 2017 at 1:13 PM, eryk sun <eryk...@gmail.com> wrote:
> On Thu, Oct 5, 2017 at 8:27 PM, Michael C
> <mysecretrobotfact...@gmail.com> wrote:
> >
> > How do I see the values of each field? This doesn't work.
> >
> > print(PMEMORY_BASIC_INFORMATION.Protect)
>
> Create an instance of MEMORY_BASIC_INFORMATION and pass a pointer to
> it via byref(). For example, the following queries the region of
> memory of the VirtualQuery function itself.
>
> kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
>
> MEM_COMMIT = 0x1000
> PAGE_EXECUTE_READ = 0x20
> PAGE_EXECUTE_WRITECOPY = 0x80
>
> VirtualQuery = kernel32.VirtualQuery
> VirtualQuery.restype = SIZE_T
> VirtualQuery.argtypes = (LPVOID, PMEMORY_BASIC_INFORMATION, SIZE_T)
>
> mbi = MEMORY_BASIC_INFORMATION()
> VirtualQuery(VirtualQuery, ctypes.byref(mbi), ctypes.sizeof(mbi))
>
> >>> mbi.AllocationBase == kernel32._handle
> True
> >>> mbi.AllocationProtect == PAGE_EXECUTE_WRITECOPY
> True
> >>> mbi.BaseAddress
> 140703181352960
> >>> mbi.RegionSize
> 364544
> >>> mbi.State == MEM_COMMIT
> True
> >>> mbi.Protect == PAGE_EXECUTE_READ
> True
>
_______________________________________________
Tutor maillist - Tutor@python.org
To unsubscribe or change subscription options:
https://mail.python.org/mailman/listinfo/tutor
