如何访问一个进程的内存空间[2]

    s:=extractfilename(fprocessentry32.szexefile);
    if s='kernel32.dll' then
    begin
      processid:=fprocessentry32.th32processid;
      s:='';
      break;
    end;
    ret:=process32next(fsnapshothandle,fprocessentry32);
  end;
   //循环枚举出系统开启的所有进程，找出“kernel32.dll”
  closehandle(fsnapshothandle);
  memo1.lines.clear ;
  memo1.lines.add('process id '+inttohex(fprocessentry32.th32processid,8));
  memo1.lines.add('file name '+fprocessentry32.szexefile);
    ////输出进程的一些信息
  nsize:=4;
  lpbuffer:=allocmem(nsize);
  processhndle:=openprocess(process_vm_read,false,processid);
  memo1.lines.add ('process handle '+inttohex(processhndle,8));
  for i:=$00800001 to $0080005f do
  begin
    readprocessmemory(
                     processhndle,
                     pointer(i),
                     lpbuffer,
                     nsize,
                     lpnumberofbytesread
                     );
    s:=s+inttohex(lpbuffer^,2)+' ';
      //读取内容
    if (i mod 16) =0 then
    begin
      memo1.lines.add(s);
      s:='';
    end;
      //格式化输出
  end;
  freemem(lpbuffer,nsize);
  closehandle(processhndle);
   //关闭句柄，释放内存
end;