Module Base Addr Size?

[JaiPe]

Hi. Firstly, excellent library here, thank you so much for your work on it.

I've been retrieving the first module for a process, in both robot-js and memoryjs and I noticed the base address seems to be different in both. I'm not sure if it's something I'm doing wrong, or if it's an issue with offset values, or maybe the data type is too small in the C code. You can see the precision is greater in robotjs, but even the lower precision values seem different too.

The szExePath matches in both, but the modBaseAddr varies.

In memoryjs:
require("memoryjs").getModules(targetProcess.th32ProcessID)[0].modBaseAddr
Value: 1407975424

In robotjs:
targetProcess.getModules()[0].getBase()
Value: 140695946657792

I tried changing some of the types to long in the C code, but I'm a JS dev and am useless with C :D

Thanks!

[Rob--]

Is the target process 32 bit or 64 bit? Use something like process hacker to find the actual base address of the application so you can see if memoryjs or robotjs are actually providing the correct base address.

[JaiPe]

Thanks for the super-quick response! The target is 64 bit. And I built the memoryjs binaries in 64 bit mode.

I'm actually migrating an old robotjs application, which does seem to be returning the correct address. I'm also noticing that most of the modules I'm getting have minus numbers for their base addresses in memoryjs, but not robotjs. So I assume robotjs is returning absolute addresses, whereas memoryjs is returning them relative to something?

e.g.

robotjs:

  Module {
    _valid: true,
    _name: 'mswsock.dll',
    _path: 'C:/WINDOWS/system32/mswsock.dll',
    _base: 140719668068352,
    _size: 417792,
    _proc: Process {},
    _segments: null },

memoryjs:

 { modBaseAddr: -640417792,
    modBaseSize: 417792,
    szExePath: 'C:\\WINDOWS\\system32\\mswsock.dll',
    szModule: 'mswsock.dll',
    th32ModuleID: 5448 },

Thanks!

[Rob--]

Is your Node version 32 bit or 64 bit?

[JaiPe]

Sorry for the delay.
I'm using node 8, 64-bit version.

[JaiPe]

I do get the following errors when compiling the 64 bit version:

..\lib\memoryjs.cc(538): warning C4244: 'initializing': conversion from 'double'                                                                        to 'float', possible loss of data [node_modules\memoryjs                                                                       \build\memoryjs.vcxproj]
..\lib\memoryjs.cc(604): warning C4244: 'argument': conversion from 'uintptr_t'                                                                        to 'double', possible loss of data [node_modules\memoryjs                                                                       \build\memoryjs.vcxproj]
..\lib\memoryjs.cc(609): warning C4244: 'argument': conversion from 'uintptr_t'                                                                        to 'double', possible loss of data

[JaiPe]

After this PR, everything seems to be behaving correctly on Windows x64 and memory reads are returning the correct addresses/values.

[JaiPe]

I have also added a commit to flip around the callback arguments. They seem to be (result, error) for memory reads, but everywhere else is using (error, result) (including the docs and examples).

[JaiPe]

And another commit, to add a pointer type for intptr_t address return values, which weren't working with long (since they're long long). Updated docs also.

Feel free to cherry-pick accordingly, if there's any problems with some of these commits.

[Rob--]

Thanks for your contribution!