ReadProcessMemory is a Windows API function that can read the memory of an external process into a local buffer. Use this tag if your question is in relation to errors when using this function or it's general usage.
ReadProcessMemory() is a commonly used Windows API function when interacting with the memory of another process running on the same system.
BOOL ReadProcessMemory(
HANDLE hProcess,
LPCVOID lpBaseAddress,
LPVOID lpBuffer,
SIZE_T nSize,
SIZE_T *lpNumberOfBytesRead
);
Function Arguments
hProcess is a handle to the target process, usually the return value from a call to OpenProcess()
lpBaseAddress is a pointer to the address you want to read from
lpBuffer is a pointer to your local buffer, where the read memory is stored
nSize is how many bytes you want to read
lpNumberOfBytesRead is a pointer to SIZE_T which will store the number of bytes which the function successfully read
Return Value
- If the function succeeds, it's return is nonzero, if it fails, it returns zero.
Remarks
nSize should be the same size as the buffer pointed to by lpBuffer.
lpNumberOfBytesRead is optional, you can pass in a zero but, this output variable is good for error checking
Run your program as administrator to ensure your have permissions
Your process handle must have the required process access rights, in this case PROCESS_VM_READ
Use the return value, the lpNumberofBytesRead and GetLastError() to help debug your problems
