ports//sysutils/memgrep/work/memgrep-0.8.0/examples/simple.c

#include <stdlib.h>
#include <stdio.h>

#include "memgrep.h"

int main(int argc, char **argv)
{
	MEM_CTX        ctx;
	MEMGREP_RESULT result;
	MEMGREP_RESULT_ROW_DUMP *dump;
	unsigned long  replace[1];
	unsigned char  failed = 0;
	unsigned long  x;
	char           data[] = "Blah";

	if (argc == 1)
	{
		fprintf(stdout, "Must specify pid.\n");
		return 0;
	}

	memset(&ctx, 0, sizeof(ctx));

	do
	{
		if (!memgrep(&ctx, MEMGREP_CMD_INITIALIZE, NULL, MEMORY_MEDIUM_PID, atoi(argv[1]) & 0xFFFF))
		{
			fprintf(stdout, "MEMGREP_CMD_INITIALIZE failed.\n");
			break;
		}
	
		if (!memgrep(&ctx, MEMGREP_CMD_POPULATE, NULL, (unsigned long)"rodata", 0))
		{
			fprintf(stdout, "MEMGREP_CMD_POPULATE failed.\n");
			break;
		}
	
		if (!memgrep(&ctx, MEMGREP_CMD_SEARCH, &result, (unsigned long)"s,Test", 0))
		{
			fprintf(stdout, "MEMGREP_CMD_SEARCH found no matches.\n");
			break;
		}

		fprintf(stdout, "%lu matches were found.\n", result.numRows);

		for (x = 0; x < result.numRows; x++)
		{
			MEMGREP_RESULT_ROW_SEARCH *search = (MEMGREP_RESULT_ROW_SEARCH *)result.rows[x];

			fprintf(stdout, "  match found at %.8x\n", (unsigned int)search->addr);

			if (x == 0)
				replace[0] = search->addr;
		}

		memgrep(&ctx, MEMGREP_CMD_DESTROYRESULT, NULL, (unsigned long)&result, 0);

		fprintf(stdout, "Going to replace 'Test' at %.8x with 'Blah'.\n", (unsigned int)replace[0]);

		if (!memgrep(&ctx, MEMGREP_CMD_POPULATE, NULL, (unsigned long)replace, 1))
		{
			fprintf(stdout, "MEMGREP_CMD_POPULATE failed.\n");
			break;
		}

		if (!memgrep(&ctx, MEMGREP_CMD_REPLACE, NULL, (unsigned long)"s,Blah", 0))
		{
			fprintf(stdout, "MEMGREP_CMD_REPLACE replaced 0 addresses.\n");
			break;
		}

		fprintf(stdout, "Replace was successful!  Double-checking memory...\n");

		memgrep(&ctx, MEMGREP_CMD_SET, NULL, MEMGREP_PARAM_LENGTH, 4);

		if (!memgrep(&ctx, MEMGREP_CMD_DUMP, &result, 0, 0) || !result.numRows)
		{
			fprintf(stdout, "MEMGREP_CMD_DUMP failed.\n");
			break;
		}

		dump = (MEMGREP_RESULT_ROW_DUMP *)result.rows[0];

		for (x = 0; x < sizeof(data)-1 && !failed; x++)
		{
			if (data[x] != dump->buf[x])
				failed = 1;
		}

		if (!failed)
			fprintf(stdout, "Replace was successful.\n");
		else
			fprintf(stdout, "Replace was NOT successful.\n");

		memgrep(&ctx, MEMGREP_CMD_DESTROYRESULT, NULL, (unsigned long)&result, 0);

	} while (0);

	memgrep(&ctx, MEMGREP_CMD_DEINITIALIZE, NULL, 0, 0);
	
	return 1;
}
syntax highlighted by Code2HTML, v. 0.9.1