How to dereference pointer pointing at memory in another process?

  Hi,

I'm working on a debugger that uses ctypes structures to describe and 
store data that is read from another process's memory.

This works really well, except for pointers.  Dereferencing a ctypes 
pointer for such a "mirrored" structure raises an error because ctypes 
reads the debugger process's memory instead of the debuggee's memory.  
That is incorrect, since the pointer points to memory in the other process.

How can I modify the ctypes pointer dereferencing behavior so that the 
memory is read from somewhere other than the current process?

Thanks,
    Devon

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may

FW: No Subject

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_mar

_______________________________________________
ctypes-users mailing list
ctypes-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ctypes-users

ctypes hi

------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d

_______________________________________________
ctypes-users mailing list
ctypes-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ctypes-users

Missing data when reading file using ctypes.Structure subclass

Hello,

I' trying to read binary data files using subclasses of
ctyptes.Structure. While the first test case worked fine, the second one
fails, possibly due to the bit fields in the structure: While some
struct fields receive correct data, others seem to receive none. I'm new
to ctypes, so this is probably a beginner's mistake...

The input file contains data of this type
    struct tIndexTs
    {
      uint64_t offset:40;
      int reserved:7;
      int independent:1;
      uint16_t number:16;
    };

I'm trying to read it with something like
    ....
    class IndexStruct(ctypes.Structure):
        _fields_ = [
                    ('offset', c_uint64, 40),
                    ('reserved', c_int16, 7),
                    ('independent', c_int16, 1),
                    ('number', c_uint16, 16),
                   ]
    ...
    is = IndexStruct()
    with open(indexFilename, 'rb') as file:
        while file.readinto(is) == sizeof(is):
            print is.offset, is.reserved, is.independent, is.number

The value of 'sizeof(is)' is 8, which seems ok. The first 4 chunks of 8
bytes each in the input file are
    00 00 00 00 00 80 01 00
    9c 4f 01 00 00 00 01 00
    50 98 01 00 00 00 01 00
    00 d6 01 00 00 00 01 00
But the values read are
    0 0 0 0
    85916 0 0 0
    104528 0 0 0
    120320 0 0 0
The values of 'offset' are fine. But 'independent' should be 1 for the
first chunk and 'number' should be 1 in all chunks. Instead, they are 0.
The input data to those fields is not all zeros.

What am I doing wrong?

Environment:
Python 2.6.6 (r266:84292, Dec 27 2010, 00:02:40)
[GCC 4.4.5] on linux2

Thanks, Malte

------------------------------------------------------------------------------
Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
much more. Get web development skills now with LearnDevNow -
350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122812

(no subject)

http://viagra-generic-100mg.com/img/lib.php

Sent from Libero Mobile

------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122712

Re: ctypes stack corruption [SEC=UNOFFICIAL]

So I went and setup a small test program using libffi and managed to 
recreate the erroneous behavior so it seems likely that this is an issue 
with libffi rather than ctypes. Time to head over to their mailing list 
and bother them there.

Many thanks guys,

- Dan

On 08/11/2012 23:58, Andrew MacIntyre wrote:
> [apologies for top post]
>
> Just to suggest, as Diez alluded to, that this might be an alignment issue between the libffi
configuration that ctypes is using and the alignment that your C library routine is expecting.  This
possibly could be related to structure definitions.
>
> You might be able to test this with C test code that calls your C routine via libffi (make sure its the version
used by Python, in case there are multiple versions).
>
> -------------------------> "These thoughts are mine alone!" <---------
> Andrew MacIntyre           Operations Branch
> tel:   +61 2 6219 5356     Communications Infrastructure Division
> fax:   +61 2 6253 3277     Australian Communications & Media Authority
> email: andrew.macintyre <at> acma.gov.au            http://www.acma.gov.au/
>
>
>> -----Original Message-----
>> From: Daniel Holden [mailto:theonlydancingbanana <at> hotmail.com]
>> Sent: Friday, 9 November 2012 12:06 AM
>> To: ctypes-users <at> lists.sourceforge.net
>> Subject: [ctypes-users] ctypes stack corruption
>>
>> Hi all,
>>
>> I was wondering if anyone could help me with a ctypes stack corruption
>> issue I'm having. The details are posted in this stack overflow question:
>>
>> http://stackoverflow.com/questions/13275211/python-ctypes-stack-
>> corruption
>>
>> I've been battling this bug for a while now and am at a bit of a dead
>> end. I was basically wondering if anyone had any more suggestions for
>> debugging techniques. I also don't want to out-rule that it might be a
>> bug in ctypes but needed a sanity check first.
>>
>> Certainly ctypes seems to believe `skel` is a pointer of some sort but
>> somehow it is getting put on the stack incorrectly. If anyone believes
>> it is a bug in ctypes I'll upload the code somewhere so that it can be
>> attempted to be reproduced.
>>
>> Thanks,
>>
>> Dan
>>
>> ------------------------------------------------------------------------------
>> Everyone hates slow websites. So do we.
>> Make your web apps faster with AppDynamics
>> Download AppDynamics Lite for free today:
>> http://p.sf.net/sfu/appdyn_d2d_nov
>> _______________________________________________
>> ctypes-users mailing list
>> ctypes-users <at> lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/ctypes-users
> NOTICE: This email message is for the sole use of the intended recipient(s)
>   and may contain confidential and privileged information. Any unauthorized
>   review, use, disclosure or distribution is prohibited. If you are not the
>   intended recipient, please contact the sender by reply email and destroy all
>   copies of the original message.
>
>

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov

ctypes stack corruption

Hi all,

I was wondering if anyone could help me with a ctypes stack corruption 
issue I'm having. The details are posted in this stack overflow question:

http://stackoverflow.com/questions/13275211/python-ctypes-stack-corruption

I've been battling this bug for a while now and am at a bit of a dead 
end. I was basically wondering if anyone had any more suggestions for 
debugging techniques. I also don't want to out-rule that it might be a 
bug in ctypes but needed a sanity check first.

Certainly ctypes seems to believe `skel` is a pointer of some sort but 
somehow it is getting put on the stack incorrectly. If anyone believes 
it is a bug in ctypes I'll upload the code somewhere so that it can be 
attempted to be reproduced.

Thanks,

Dan

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov

How to pass FILE *

The function I am trying to call wants a FILE *:

dlg_progressbox(const char *title,
		const char *cprompt,
		int height,
		int width,
		int pauseopt,
		FILE *fp)

I can open the file to be referenced:

fp = os.fdopen(self.pipefds[0], 'r')

Every thing I've tried ends with ctypes raising a TypeError.

--

-- 
Yonder nor sorghum stenches shut ladle gulls stopper torque wet 
strainers.

------------------------------------------------------------------------------
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html

My ctypes interface fails on OSX 10.8 (Mountain Lion) but works on Red Hat Linux 6

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
ctypes-users mailing list
ctypes-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ctypes-users

C to ctype conversion

typedef void * (*MALLOCFUNCPTR)( size_t size );

I have a C function defined as below:
void DLL_ENTRY UploadData( BOOL *pChangeCountError,
                           MALLOCFUNCPTR pMf,
                           ulong *pMsgLen,
                           uchar **pMsgData );

I want to implement CType interface to this function to access it via
Python. How can I convert these arguments to the CType for python?

Any help is greatly appreciated.

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

Enumeration with callback fails

Hello,

can you please advise why the following call correctly enumerates all
schemes and then fails?

>>> import ctypes
>>> import ctypes.wintypes
>>> callbacktype = ctypes.CFUNCTYPE(ctypes.c_bool, ctypes.c_uint, ctypes.wintypes.DWORD,
ctypes.wintypes.LPWSTR, ctypes.wintypes.DWORD, ctypes.wintypes.LPWSTR,
ctypes.POINTER(PowerPolicy), ctypes.wintypes.LPARAM)
>>>
>>> def callback(*args):
...     print(args)
...     return True
...
>>> callbackinstance = callbacktype(callback)
>>> ctypes.windll.powrprof.EnumPwrSchemes(callbackinstance, 0)
(0, 34, 'Home/Office Desk', 190, 'This scheme is suited to most home
or desktop computers that are left plugged in all the time.',
<__main__.LP_PowerPolicy object at 0x01A84F80>, 0)
(1, 32, 'Portable/Laptop', 172, 'This scheme is designed for extended
battery life for portable computers on the road.',
<__main__.LP_PowerPolicy object at 0x01A84F80>, 0)
(2, 26, 'Presentation', 116, 'This scheme keeps the monitor on for
doing presentations.', <__main__.LP_PowerPolicy object at 0x01A84F80>,
0)
(3, 20, 'Always On', 290, 'This scheme keeps the computer running so
that it can be accessed from the network.  Use this scheme if you do
not have network wakeup hardware.', <__main__.LP_PowerPolicy object at
0x01A84F80>, 0)
(4, 50, 'Minimal Power Management', 146, 'This scheme keeps the
computer on and optimizes it for high performance.',
<__main__.LP_PowerPolicy object at 0x01A84F80>, 0)
(5, 24, 'Max Battery', 108, 'This scheme is extremely aggressive for
saving power.', <__main__.LP_PowerPolicy object at 0x01A84F80>, 0)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ValueError: Procedure probably called with not enough arguments (2226876 bytes m
issing)

I tried different return values of the callback function.

Thus I have declared the used structures.

>>> class PowerActionPolicy(ctypes.Structure):
...     _fields_ = [("Action", ctypes.c_int),
...                 ("Flags", ctypes.c_ulong),
...                 ("EventCode", ctypes.c_ulong)]
...
>>> class UserPowerPolicy(ctypes.Structure):
...     _fields_ = [("Revision", ctypes.c_ulong),
...                 ("IdleAc", PowerActionPolicy),
...                 ("IdleDc", PowerActionPolicy),
...                 ("IdleTimeoutAc", ctypes.c_ulong),
...                 ("IdleTimeoutDc", ctypes.c_ulong),
...                 ("IdleSensitivityAc", ctypes.c_char),
...                 ("IdleSensitivityDc", ctypes.c_char),
...                 ("ThrottlePolicyAc", ctypes.c_char),
...                 ("ThrottlePolicyDc", ctypes.c_char),
...                 ("MaxSleepAc", ctypes.c_int),
...                 ("MaxSleepDc", ctypes.c_int),
...                 ("Reserved", ctypes.c_ulong * 2),
...                 ("VideoTimeoutAc", ctypes.c_ulong),
...                 ("VideoTimeoutDc", ctypes.c_ulong),
...                 ("SpindownTimeoutAc", ctypes.c_ulong),
...                 ("SpindownTimeoutDc", ctypes.c_ulong),
...                 ("OptimizeForPowerAc", ctypes.c_bool),
...                 ("OptimizeForPowerDc", ctypes.c_bool),
...                 ("FanThrottleToleranceAc", ctypes.c_char),
...                 ("FanThrottleToleranceDc", ctypes.c_char),
...                 ("ForcedThrottleAc", ctypes.c_char),
...                 ("ForcedThrottleDc", ctypes.c_char)]
...
>>> class MachinePowerPolicy(ctypes.Structure):
...     _fields_ = [("Revision", ctypes.c_ulong),
...                 ("MinSleepAc", ctypes.c_int),
...                 ("MinSleepDc", ctypes.c_int),
...                 ("ReducedLatencySleepAc", ctypes.c_int),
...                 ("ReducedLatencySleepDc", ctypes.c_int),
...                 ("DozeTimeoutAc", ctypes.c_ulong),
...                 ("DozeTimeoutDc", ctypes.c_ulong),
...                 ("DozeS4TimeoutAc", ctypes.c_ulong),
...                 ("DozeS4TimeoutDc", ctypes.c_ulong),
...                 ("MinThrottleAc", ctypes.c_char),
...                 ("MinThrottleDc", ctypes.c_char),
...                 ("pad1", ctypes.c_char * 2),
...                 ("OverThrottledAc", PowerActionPolicy),
...                 ("OverThrottledDc", PowerActionPolicy)]
...
>>> class PowerPolicy(ctypes.Structure):
...     _fields_ = [("user", UserPowerPolicy),
...                 ("mach", MachinePowerPolicy)]
...

Thank you very much
--

-- 
Radek Holý
Czech republic

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/