Homebrew Questions about QueryProcessMemory

Nanquitas

Nanquitas

Well-Known Member
OP
Member
Level 12
Joined
Sep 29, 2015
Messages
2,345
Trophies
0
Age
30
Location
South of France :)
XP
3,336
Country
France
Hello everyone !

I'm developing a NTR plugin as a project to understand the programming on 3DS and to practice C language as I'm learning it.

So, the plugin is a ram explorer, I choose a process to look into and I can read the process's memory as if I was reading it through an Hex Editor.

It's working great except that I found one little flaw and I don't know what is causing this.

For delimiting the range I can see, I use the svc_queryProcessMemory function.

I'm using it like this:
Code: 
MemInfo  region[3];
PageInfo pageInfo;
Handle   target;

/*
**(...) Doing stuff, get the target's handle etc...
*/

check(svc_queryProcessMemory(&region[0], &pageInfo, target, 0x00100000), "svc_queryProcessMemory");
check(svc_queryProcessMemory(&region[1], &pageInfo, target, 0x08000000), "svc_queryProcessMemory");
check(svc_queryProcessMemory(&region[2], &pageInfo, target, 0x14000000), "svc_queryProcessMemory");

With Check(Result result, char *info) a function which analyze the result of a function and send it to the ntr debugger, giving me:
Code: 
Check: svc_openProcess, Result: SUCCESS, R_Level: SUCCESS, R_Summary: SUCCESS, R_Description: SUCCESS.
Check: svc_queryProcessMemory, Result: SUCCESS, R_Level: SUCCESS, R_Summary: SUCCESS, R_Description: SUCCESS.
Check: svc_queryProcessMemory, Result: SUCCESS, R_Level: SUCCESS, R_Summary: SUCCESS, R_Description: SUCCESS.
Check: svc_queryProcessMemory, Result: SUCCESS, R_Level: SUCCESS, R_Summary: SUCCESS, R_Description: SUCCESS.

So it seems like everything is good.

But, on the debugger when I do a check region, it gives me:
Code: 
valid memregions:
00100000 - 0093cfff , size: 0083d000
08000000 - 095edfff , size: 015ee000
0ffc0000 - 10000fff , size: 00041000
10002000 - 10002fff , size: 00001000
14000000 - 160dcfff , size: 020dd000
end of memlayout.

and on my n3DS I have this:


As you can see, there's a difference between the size the debugger gave to me, and what i get from the svc_queryMemoryProcess.
Code: 
Debugger --> 00100000 - 0093cfff , size: 0083d000
svc 3DS  --> same region, size : 005F9000

It seems that the error is always appearing on the 0x0010000 region, the others are always similar to the debugger.

Oh and it's an error from the plugin, not the debugger as i've confirmed that there is still some data in the "missing parts".

So, question is: what's causing this ?

If anyone has a clue, i'll be really happy ! :)

Thank you for reading all this anyway ! ;)
 
  • Like
Reactions: ioritree
Nanquitas

Nanquitas

Well-Known Member
OP
Member
Level 12
Joined
Sep 29, 2015
Messages
2,345
Trophies
0
Age
30
Location
South of France :)
XP
3,336
Country
France
Thanks to @cell9, I have the answer.

For those who want to know, it's not a bug, it's cause there are others regions next to the one i retrieve, so I just have to loop svc_queryProcessMemory to get all the regions.

Thanks again to @cell9 for his answer !
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hardware  Why does my 3DS take so long to turn off?

What's the best 3DS emulator (especially after Citra's shutdown)?

Tutorial  How to fix 007-2001

can't download system files on citra because im "not connected to the internet"

gacube emeleter

General chit-chat
Help Users
    Psionic Roshambo @ Psionic Roshambo: By the power of Florida Man, I have the power!!! *Lifts up meth pipe* Meth Man!!! lol