/// <summary>
/// Read a number of bytes from a processes memory into a byte array
/// </summary>
/// <param name="pInfo"></param>
/// <param name="address"></param>
/// <param name="bytes"></param>
/// <returns>bytes read</returns>
public static byte[] ReadBytesFromMemory(ProcessInfo pInfo, IntPtr address, int bytes)
{
int bytesRead = 0;
byte[] buf = new byte[bytes];
switch (Environment.OSVersion.Platform)
{
case PlatformID.MacOSX:
case PlatformID.Unix:
IntPtr ptr;
int ret = MacOSAPI.vm_read_wrapper(pInfo.Task, (ulong)address, (ulong)bytes, out ptr, out bytesRead);
//Logger.Log(bytes.ToString() + " " + bytesRead.ToString() + " " + ret.ToString());
if (ret == 0)
{
Marshal.Copy(ptr, buf, 0, bytesRead);
MacOSAPI.vm_deallocate_wrapper(pInfo.Task, (ulong)ptr, (ulong)bytesRead);
}
MacOSAPI.free_wrapper(ptr);
break;
default:
Win32API.ReadProcessMemory((int)pInfo.rsProcessHandle, (int)address, buf, bytes, ref bytesRead);
break;
}
return(buf);
}
/// <summary>
/// Read a number of bytes from a processes memory into given byte array buffer
/// </summary>
/// <param name="processHandle"></param>
/// <param name="address"></param>
/// <param name="bytes"></param>
/// <returns>bytes read</returns>
public static int ReadBytesFromMemory(ProcessInfo pInfo, IntPtr address, int bytes, ref byte[] buffer)
{
int bytesRead = 0;
switch (Environment.OSVersion.Platform)
{
case PlatformID.MacOSX:
case PlatformID.Unix:
IntPtr ptr;
int ret = MacOSAPI.vm_read_wrapper(pInfo.Task, (ulong)address, (ulong)bytes, out ptr, out bytesRead);
if (ret == 0)
{
Marshal.Copy(ptr, buffer, 0, bytesRead);
MacOSAPI.vm_deallocate_wrapper(pInfo.Task, (ulong)ptr, (ulong)bytesRead);
}
break;
default:
Win32API.ReadProcessMemory((int)pInfo.rsProcessHandle, (int)address, buffer, bytes, ref bytesRead);
break;
}
return(bytesRead);
}