TechQA.

C++ regular expression from ReadProcessMemory output

234 views Asked by At

I want to match some strings from notepad process memory, but i have no success. Here is the code:

int bytes_to_read = (int)info.RegionSize;
char *buffer;
buffer = (char*)malloc(bytes_to_read+1);
ReadProcessMemory(hProcess, info.BaseAddress, buffer, bytes_to_read, NULL);
const char *t1re = ";\\d{0,19}";
regex ret1(t1re);
cmatch match;

if(regex_search(buffer, match, ret1))
{
    cout << "Found: " << pe32.szExeFile << "\n";
    system("pause");
}
c++ regex tr1 readprocessmemory
Original Q&A
1

There are 1 answers

3
Zan Lynx On

notepad, being a Windows program, probably uses UCS-2 or I guess these days UTF-16. Which means you need a Unicode regex.

And are you sure that regex_search even works on binary data? It might exit at the first zero byte believing it is the end of string.

Related Questions in C++

Related Questions in REGEX

Related Questions in TR1

Related Questions in READPROCESSMEMORY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions