private SuspendedProcess(Win32ProcessInformation processInformation, bool resumeOnDispose)
{
this.IsSuspended = true; // Suspended by default
this.processHandle = new Win32ProcessSafeHandle(processInformation.ProcessHandle);
this.threadHandle = new Win32ThreadSafeHandle(processInformation.ThreadHandle);
this.ProcessId = processInformation.ProcessId;
this.ThreadId = processInformation.ThreadId;
this.resumeOnDispose = resumeOnDispose;
}
public static extern bool WriteProcessMemory(Win32ProcessSafeHandle processHandle,
IntPtr baseAddress,
byte[] buffer,
int count,
out int numberOfBytesWritten);
public ProcessMemoryStream(int processId, ProcessAccess desiredAccess = ProcessAccess.ReadWrite, int bufferSize = 4096, bool leaveOpen = false)
{
if (processId < 0)
throw new ArgumentOutOfRangeException("Process ID must be a positive value");
if (bufferSize < 1)
throw new ArgumentOutOfRangeException("Buffer size must be at least 1 byte");
var win32Flags = Win32ProcessAccess.VmOperation;
// If read mode was requested, bitwise OR the flag
if (desiredAccess.HasFlag(ProcessAccess.Read))
win32Flags |= Win32ProcessAccess.VmRead;
// If write mode was requested, bitwise OR the flag
if (desiredAccess.HasFlag(ProcessAccess.Write))
win32Flags |= Win32ProcessAccess.VmWrite;
// Open the process and check if the handle is valid
this.processAccess = desiredAccess;
this.processHandle = NativeMethods.OpenProcess(win32Flags, false, processId);
this.leaveOpen = leaveOpen;
// Check if handle is valid
if (this.processHandle.IsInvalid)
{
var errorCode = NativeMethods.GetLastError();
throw new IOException("Unable to open process", errorCode);
}
// Allocate read and write buffers
this.readBuffer = new byte[bufferSize];
this.writeBuffer = new byte[bufferSize];
}
public static extern bool WriteProcessMemory(Win32ProcessSafeHandle processHandle,
IntPtr baseAddress,
byte[] buffer,
int count,
out int numberOfBytesWritten);
