Reading raw memory

Dan Nelson dnelson at allantgroup.com
Fri Aug 28 17:46:54 UTC 2009


In the last episode (Aug 28), Steve Bertrand said:
> I'm wondering if FreeBSD allows direct access to memory.
> 
> What I'd like to do is try to force a Perl application to leak memory by
> simulating a dangling pointer that its garbage collection system can't
> clean up.
> 
> I'd then like to look at the raw memory address to find out if the data is
> in a state where it could later be retrieved.

From within the perl process itself, it's easy.  Just read the memory
address directly.  From another process, you will need to use the ptrace()
function to attach to your target process as a debugger (PT_ATTACH).  Then
read its memory, using either PT_READ_D if you just want to read one int, or
PT_IO, which will let you copy an arbitrary block of memory.
 
> Is accessing memory like this permitted within the OS? If so, what type of
> editor would be used to do such a thing?  Perhaps a snip of C code that
> one could pass in the address as a parameter?

/usr/src/usr.bin/truss/syscalls.c has some examples of how to do this.  See
the get_struct() function.

-- 
	Dan Nelson
	dnelson at allantgroup.com
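
The approach described in the reply above, as an added example that is not part of the original post or of truss: attach with PT_ATTACH, then copy a block out of the target with PT_IO on FreeBSD. Where PT_IO is not defined (for example Linux) it falls back to PT_READ_D, one word per call. The helper names, the forked child target and its buffer contents are constructed for the demonstration.

```c
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
/* Attach as a debugger (PT_ATTACH), then wait until the target has stopped. */
static int attach_stop(pid_t pid) {
    int st;
    if (ptrace(PT_ATTACH, pid, 0, 0) == -1) return -1;
    return (waitpid(pid, &st, 0) == pid && WIFSTOPPED(st)) ? 0 : -1;
}

/* Copy len bytes from addr in the attached, stopped target; 0 on success. */
static int read_remote(pid_t pid, void *addr, void *out, size_t len) {
#ifdef PT_IO    /* FreeBSD: one request copies an arbitrary block */
    struct ptrace_io_desc d = { PIOD_READ_D, addr, out, len };
    if (ptrace(PT_IO, pid, (caddr_t)&d, 0) == -1) return -1;
    return d.piod_len == len ? 0 : -1;   /* piod_len: bytes actually copied */
#else           /* no PT_IO (e.g. Linux): PT_READ_D, one word per call */
    for (size_t off = 0; off < len; off += sizeof(long)) {
        errno = 0;                       /* -1 can be valid data */
        long w = ptrace(PT_READ_D, pid, (char *)addr + off, 0);
        if (w == -1 && errno != 0) return -1;
        memcpy((char *)out + off, &w, len - off < sizeof w ? len - off : sizeof w);
    }
    return 0;
#endif
}

static char buf[32] = "parent copy";     /* constructed sample data */
/* Fork a target that overwrites buf, read the child's copy; 0 on match. */
static int demo(void) {
    char got[sizeof buf] = {0};
    int p[2], rc;
    pid_t pid;
    if (pipe(p) == -1 || (pid = fork()) == -1) return -1;
    if (pid == 0) {                      /* target: overwrite, signal, idle */
        strcpy(buf, "child-only secret");
        if (write(p[1], "x", 1) != 1) _exit(1);
        for (;;) pause();
    }
    rc = read(p[0], got, 1) == 1 ? attach_stop(pid) : -1;  /* child is ready */
    if (rc == 0) rc = read_remote(pid, buf, got, sizeof got);
    ptrace(PT_DETACH, pid, (char *)1, 0);  /* addr 1: resume where stopped */
    kill(pid, SIGKILL); waitpid(pid, NULL, 0);  /* discard the demo target */
    return (rc == 0 && strcmp(got, "child-only secret") == 0) ? 0 : -1;
}
int main(void) { return demo() == 0 ? 0 : 1; }
```

Attaching to a process other than your own child needs matching credentials or root, and the target stays stopped until it is detached.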


More information about the freebsd-questions mailing list