internal IntPtr Invoke(SafeProcessHandle processHandle, Enumerations.ProcessInformationClass processInformationClass)
{
// Initialise a buffer to store the returned process information structure
var bufferSize = processInformationClass == Enumerations.ProcessInformationClass.BasicInformation ? Marshal.SizeOf <Structures.ProcessBasicInformation>() : sizeof(ulong);
var processInformationBuffer = LocalMemoryTools.AllocateMemoryForBuffer(bufferSize);
// Perform the syscall
var syscallResult = _ntQueryInformationProcessDelegate(processHandle, processInformationClass, processInformationBuffer, (ulong)bufferSize, IntPtr.Zero);
if (syscallResult != Enumerations.NtStatus.Success)
{
ExceptionHandler.ThrowWin32Exception("Failed to query the information of the target process", syscallResult);
}
return(processInformationBuffer);
}
internal static extern Enumerations.NtStatus NtQueryInformationProcess(SafeProcessHandle processHandle, Enumerations.ProcessInformationClass processInformationClass, IntPtr processInformationBuffer, int bufferSize, out int returnLength);
