/// <summary>
/// Initialises an instances of the <see cref="LibraryMapper"/> class with the functionality to map a DLL from disk into a process
/// </summary>
public LibraryMapper(Process process, string dllFilePath, MappingFlags mappingFlags = MappingFlags.None)
{
if (process is null || process.HasExited)
{
throw new ArgumentException("The provided process is not currently running");
}
if (string.IsNullOrWhiteSpace(dllFilePath) || !File.Exists(dllFilePath))
{
throw new ArgumentException("The provided file path did not point to a valid file");
}
if (!Environment.Is64BitProcess && process.GetArchitecture() == Architecture.X64)
{
throw new NotSupportedException("The provided process cannot be mapped into from an x86 build");
}
_dllBytes = File.ReadAllBytes(dllFilePath);
_fileResolver = new FileResolver(process, Path.GetDirectoryName(dllFilePath));
_mappingFlags = mappingFlags;
_peImage = new PeImage(_dllBytes.ToArray());
_processContext = new ProcessContext(process);
}
/// <summary>
/// Initialises an instances of the <see cref="LibraryMapper"/> class with the functionality to map a DLL from memory into a process
/// </summary>
public LibraryMapper(Process process, Memory <byte> dllBytes, MappingFlags mappingFlags = MappingFlags.None)
{
if (process is null || process.HasExited)
{
throw new ArgumentException("The provided process is not currently running");
}
if (dllBytes.IsEmpty)
{
throw new ArgumentException("The provided DLL bytes were empty");
}
if (!Environment.Is64BitProcess && process.GetArchitecture() == Architecture.X64)
{
throw new NotSupportedException("The provided process cannot be mapped into from an x86 build");
}
_dllBytes = dllBytes.ToArray();
_fileResolver = new FileResolver(process, null);
_mappingFlags = mappingFlags;
_peImage = new PeImage(dllBytes);
_processContext = new ProcessContext(process);
}
/// <summary>
/// Provides the functionality to map a DLL from disk into a process
/// </summary>
public LibraryMapper(Process process, string dllFilePath, MappingFlags mappingFlags = MappingFlags.None)
{
if (process is null || process.HasExited)
{
throw new ArgumentException("The provided process is not currently running");
}
if (string.IsNullOrWhiteSpace(dllFilePath) || !File.Exists(dllFilePath))
{
throw new ArgumentException("The provided DLL file path did not point to a valid file");
}
EnterDebugMode();
_dllBlock = File.ReadAllBytes(dllFilePath);
_mappingFlags = mappingFlags;
_pdbParser = new PdbParser(ResolveNtdllFilePath(process), "LdrpInvertedFunctionTable");
_peImage = new PeImage(_dllBlock.ToArray());
_processManager = new ProcessManager(process);
}
/// <summary>
/// Provides the functionality to map a DLL from memory into a process
/// </summary>
public LibraryMapper(Process process, Memory <byte> dllBlock, MappingFlags mappingFlags = MappingFlags.None)
{
if (process is null || process.HasExited)
{
throw new ArgumentException("The provided process is not currently running");
}
if (dllBlock.IsEmpty)
{
throw new ArgumentException("The provided DLL buffer was empty");
}
EnterDebugMode();
_dllBlock = dllBlock.ToArray();
_mappingFlags = mappingFlags;
_pdbParser = new PdbParser(ResolveNtdllFilePath(process), "LdrpInvertedFunctionTable");
_peImage = new PeImage(dllBlock);
_processManager = new ProcessManager(process);
}