internal IntPtr AllocateBuffer(int bufferSize)
{
var buffer = _processContext.CallRoutine <IntPtr>(_processContext.GetFunctionAddress("kernel32.dll", "HeapAlloc"), _heapAddress, HeapAllocationType.ZeroMemory, bufferSize);
if (buffer == IntPtr.Zero)
{
throw new ApplicationException("Failed to allocate a buffer in the process heap");
}
_bufferCache.Add(buffer);
return(buffer);
}
private void CallInitialisationRoutines(DllReason reason)
{
// Call the entry point of any TLS callbacks
foreach (var callbackAddress in _peImage.TlsDirectory.GetTlsCallbacks().Select(callBack => DllBaseAddress + callBack.RelativeAddress))
{
_processContext.CallRoutine(callbackAddress, DllBaseAddress, reason, 0);
}
if (_peImage.Headers.PEHeader !.AddressOfEntryPoint == 0)
{
return;
}
// Call the entry point of the DLL
var entryPointAddress = DllBaseAddress + _peImage.Headers.PEHeader !.AddressOfEntryPoint;
if (!_processContext.CallRoutine <bool>(entryPointAddress, DllBaseAddress, reason, 0))
{
throw new ApplicationException($"Failed to call the entry point of the DLL with {reason:G}");
}
}
internal SafePebLock(ProcessContext processContext)
{
_processContext = processContext;
processContext.CallRoutine(processContext.GetFunctionAddress("ntdll.dll", "RtlAcquirePebLock"));
}
public void Dispose()
{
Executor.IgnoreExceptions(() => _processContext.CallRoutine(_processContext.GetFunctionAddress("ntdll.dll", "RtlReleasePebLock")));
}
public void Dispose()
{
_processContext.CallRoutine(_processContext.GetFunctionAddress("ntdll.dll", "RtlReleasePebLock"));
}
