public static ThreadBasicInformation NtQueryInformationThread(SafeMemoryHandle threadHandle)
{
var info = new ThreadBasicInformation();
var ret = NativeMethods.NtQueryInformationThread(threadHandle, 0, ref info, MarshalType <ThreadBasicInformation> .Size, IntPtr.Zero);
if (ret == 0)
{
return(info);
}
throw new Win32Exception();
}
/// <summary>
/// Gets the thread's basic information.
/// </summary>
/// <returns>A THREAD_BASIC_INFORMATION structure.</returns>
public ThreadBasicInformation GetBasicInformation()
{
NtStatus status;
ThreadBasicInformation basicInfo = new ThreadBasicInformation();
int retLen;
if ((status = Win32.NtQueryInformationThread(this, ThreadInformationClass.ThreadBasicInformation,
ref basicInfo, Marshal.SizeOf(basicInfo), out retLen)) >= NtStatus.Error)
{
Win32.Throw(status);
}
return(basicInfo);
}
/// <summary>
/// Gets the thread's basic information.
/// </summary>
/// <returns>A THREAD_BASIC_INFORMATION structure.</returns>
public ThreadBasicInformation GetBasicInformation()
{
ThreadBasicInformation basicInfo = new ThreadBasicInformation();
int retLen;
Win32.NtQueryInformationThread(
this,
ThreadInformationClass.ThreadBasicInformation,
ref basicInfo,
ThreadBasicInformation.SizeOf,
out retLen
).ThrowIf();
return(basicInfo);
}
/// <summary>
/// Retrieves information about the specified thread.
/// </summary>
/// <param name="threadHandle">A handle to the thread to query.</param>
/// <returns>A <see cref="ThreadBasicInformation"/> structure containg thread information.</returns>
public static ThreadBasicInformation NtQueryInformationThread(SafeMemoryHandle threadHandle)
{
// Check if the handle is valid
HandleManipulator.ValidateAsArgument(threadHandle, "threadHandle");
// Create a structure to store thread info
var info = new ThreadBasicInformation();
// Get the thread info
var ret = NativeMethods.NtQueryInformationThread(threadHandle, 0, ref info, MarshalType <ThreadBasicInformation> .Size, IntPtr.Zero);
// If the function succeeded
if (ret == 0)
{
return(info);
}
// Else, couldn't get the thread info, throws an exception
throw new ApplicationException(string.Format("Couldn't get the information from the thread, error code '{0}'.", ret));
}
/// <summary>
/// Retrieves information about the specified thread.
/// </summary>
/// <param name="threadHandle">A handle to the thread to query.</param>
/// <returns>A <see cref="ThreadBasicInformation"/> structure containing thread information.</returns>
public static unsafe ThreadBasicInformation NtQueryInformationThread(SafeMemoryHandle threadHandle)
{
// Check if the handle is valid
HandleManipulator.ValidateAsArgument(threadHandle, "threadHandle");
// Create a structure to store thread info
var info = new ThreadBasicInformation();
// Get the thread info
void *infoPtr = &info; // info is already fixed
var ret = NativeMethods.NtQueryInformationThread(threadHandle, ThreadInformationClass.ThreadBasicInformation,
infoPtr, MarshalType <ThreadBasicInformation> .SizeAsPointer, out var returnLength);
// If the function succeeded
if (ret == 0)
{
return(info);
}
// Else, couldn't get the thread info, throws an exception
throw new ApplicationException($"The thread information cannot be queried; error code '{ret}'.");
}
public RemoteThread Create(IntPtr address, dynamic parameter, bool isStarted = true)
{
var marshalledParameter = MarshalValue.Marshal(m_Process, parameter);
ThreadBasicInformation tbi = ThreadHelper.NtQueryInformationThread(
ThreadHelper.CreateRemoteThread(m_Process.Handle, address, marshalledParameter.Reference, ThreadCreationFlags.Suspended)
);
ProcessThread nativeThread;
do
{
nativeThread = m_Process.Threads.NativeThreads.FirstOrDefault(t => t.Id == tbi.ThreadId.ToInt64());
} while (nativeThread == null);
var result = new RemoteThread(m_Process, nativeThread, marshalledParameter);
if (isStarted)
{
result.Resume();
}
return(result);
}
/// <summary>
/// Retrieves information about the specified thread.
/// </summary>
/// <param name="threadHandle">A handle to the thread to query.</param>
/// <returns>A <see cref="ThreadBasicInformation" /> structure containg thread information.</returns>
public static ThreadBasicInformation NtQueryInformationThread(SafeMemoryHandle threadHandle)
{
// Check if the handle is valid
HandleManipulationHelper.ValidateAsArgument(threadHandle, "threadHandle");
// Create a structure to store thread info
var info = new ThreadBasicInformation();
// Get the thread info
var ret = NativeMethods.NtQueryInformationThread(threadHandle, 0, ref info,
MarshalType<ThreadBasicInformation>.Size, IntPtr.Zero);
// If the function succeeded
if (ret == 0)
return info;
// Else, couldn't get the thread info, throws an exception
throw new ApplicationException($"Couldn't get the information from the thread, error code '{ret}'.");
}
public static extern uint NtQueryInformationThread(SafeMemoryHandle hwnd, uint infoclass,
ref ThreadBasicInformation threadinfo, int length, IntPtr bytesread);
public static extern uint NtQueryInformationThread(SafeMemoryHandle hwnd, uint infoclass,
ref ThreadBasicInformation threadinfo, int length, IntPtr bytesread);
public static extern NtStatus NtQueryInformationThread(
[In] IntPtr ThreadHandle,
[In] ThreadInformationClass ThreadInformationClass,
ref ThreadBasicInformation ThreadInformation,
[In] int ThreadInformationLength,
[Out] [Optional] out int ReturnLength
);
