Flag: Tornado! Hurricane!

OpenRCE IDA SDK >> invalidate_dbgmem_contents

invalidate_dbgmem_contents
Category: Debugging

idaman void ida_export
invalidate_dbgmem_contents(ea_t ea, asize_t size)
Invalidate size bytes of memory, starting at ea. If you want to invalidate the whole of a processes memory, set ea to BADADDR and size to 0.

Invalidating memory contents is essentially flushing the IDA kernel's memory cache for a process, which ensures you are accessing the latest memory contents from a processes memory. You should call this function after a process is suspended, or if you suspect the memory contents have changed.

Examples:
#include <dbg.hpp>
#include <bytes.hpp>

// Process must be suspended for this to work
// Get the address stored in the ESP register
regval_t esp;
get_reg_val("ESP", &esp);

// Get the value at the address stored in the ESP reg.
uchar before = get_byte(esp.ival);

// Invalidate memory contents
invalidate_dbgmem_contents(BADADDR, 0);

// Re-fetch contents of the address stored in ESP
uchar after = get_byte(esp.ival);
msg("%08a: Before: %a, After: %a\n",
esp.ival, before, after);


Related: attach_process, continue_process, detach_process, exit_process, get_process_info, get_process_qty, get_process_state, get_reg_val, get_thread_qty, invalidate_dbgmem_config, invalidate_dbgmem_contents, run_requests, run_to, set_reg_val, start_process, step_into, step_over, step_until_ret, suspend_process

Note: You must be logged in to add notes to the IDA SDK reference manual.

There are 31,056 total registered users.


Recently Created Topics
Ultimate Hacking Cha...
Jun/21
CreateMutex
May/31
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Immunity Debugger Re...
Aug/03


Recent Forum Posts
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack


Recent Blog Entries
crystalwade
Jul/20
test

nieo
Mar/22
Android Application Reversing

halsten
Mar/14
Breaking IonCUBE VM

oleavr
Oct/24
Anatomy of a code tracer

hasherezade
Sep/24
IAT Patcher - new tool for ...

More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...

djnemo on:
Nov/17
Kernel debugger vs user mod...

acel on:
Nov/14
Kernel debugger vs user mod...

pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit