patching memory in another process

Hi /prog/

I am writing a program to patch a memory location in another running process. Unfortunately it doesn't work as ReadProcessMemory gets an error 6 ("The handle is invalid."), even though the process ID passed on the command line is valid.

Has anyone here done this sort of thing before, and if so d'you know what I may be doing wrong?

Code is below:

#define PATCH_LOCATION 0x0013A142

void error(char *msg)
{
    printf("Error (%s) [0x%08x]\n", msg, GetLastError());
    ExitProcess (0);
};

void main(int argc, char* argv[])
{
    int patch_int;
    HANDLE process_id;
    HANDLE hToken;

    // get process id from command line
    if (argc<2)
        error ("args");
    sscanf(argv[1],"%u",&process_id);
    printf("process_id = %u\n", process_id);

    // attach to process as debugger
    if (DebugActiveProcess((DWORD)process_id)==FALSE)
        error ("DebugActiveProcess()");

    // read patch location
    if (ReadProcessMemory(process_id, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
        error ("ReadProcessMemory()");

    printf("patch_int = 0x%08x\n", patch_int);

    // check if patch location contains expected value
    if (patch_int==250)
    {
        // if so, overwrite with patch value
        patch_int=0xFFFFFFFF;
        if(WriteProcessMemory (process_id, (LPVOID)PATCH_LOCATION, &patch_int, 4, NULL)==FALSE)
            error ("WriteProcessMemory()");
    }
    else
    {
        // or fail
        error("patch_int");
    }

    printf("success!\n");
};

You don't need DebugActiveProcess / DebugActiveProcessStop to read & write process memory. If you omit these then it can run on earlier NT-based systems that don't support DebugActiveProcessStop.