public static NTSTATUS NtFreeVirtualMemory10(IntPtr hProcess, ref IntPtr BaseAddress, ref uint RegionSize, ulong FreeType)
{
byte[] syscall = bNtFreeVirtualMemory10;
GCHandle pinnedArray = GCHandle.Alloc(syscall, GCHandleType.Pinned);
IntPtr memoryAddress = pinnedArray.AddrOfPinnedObject();
if (!Natives.VirtualProtect(memoryAddress,
(UIntPtr)syscall.Length, memoryPtrotection, out uint oldprotect))
{
throw new Win32Exception();
}
Delegates.NtFreeVirtualMemory myAssemblyFunction = (Delegates.NtFreeVirtualMemory)Marshal.GetDelegateForFunctionPointer(memoryAddress, typeof(Delegates.NtFreeVirtualMemory));
return((NTSTATUS)myAssemblyFunction(hProcess, ref BaseAddress, ref RegionSize, FreeType));
}
public static NTSTATUS NtFreeVirtualMemory10(IntPtr hProcess, ref IntPtr BaseAddress, ref uint RegionSize, ulong FreeType)
{
byte[] syscall = bNtFreeVirtualMemory10;
unsafe
{
fixed(byte *ptr = syscall)
{
IntPtr memoryAddress = (IntPtr)ptr;
if (!VirtualProtectEx(Process.GetCurrentProcess().Handle, memoryAddress,
(UIntPtr)syscall.Length, 0x40, out uint oldprotect))
{
throw new Win32Exception();
}
Delegates.NtFreeVirtualMemory myAssemblyFunction = (Delegates.NtFreeVirtualMemory)Marshal.GetDelegateForFunctionPointer(memoryAddress, typeof(Delegates.NtFreeVirtualMemory));
return((NTSTATUS)myAssemblyFunction(hProcess, ref BaseAddress, ref RegionSize, FreeType));
}
}
}
