C# (CSharp) CONTEXT_X86示例

编程语言: C# (CSharp)

类/类型: CONTEXT_X86

hotexamples.com的示例: 4

C# (CSharp) CONTEXT_X86 - 已找到4个示例。这些是从开源项目中提取的最受好评的CONTEXT_X86现实C# (CSharp)示例。您可以评价示例，以帮助我们提高示例质量。

示例#1

显示文件

文件： ThreadContext.cs 项目： leculver/WinDbgCs

        /// <summary>
        /// Reads the X86 structure.
        /// </summary>
        /// <param name="pointer">The pointer.</param>
        private static ThreadContext ReadX86Structure(IntPtr pointer)
        {
            CONTEXT_X86 structure = (CONTEXT_X86)Marshal.PtrToStructure(pointer, typeof(CONTEXT_X86));

            return(new ThreadContext()
            {
                InstructionPointer = structure.Eip,
                StackPointer = structure.Esp,
                FramePointer = structure.Ebp,
                Bytes = ReadBytes(pointer, typeof(CONTEXT_X86)),
            });
        }

示例#2

显示文件

        internal static nuint GetInstructionPointer(Win32Thread thread)
        {
            var arch = RuntimeInformation.ProcessArchitecture;

            unsafe
            {
                if (arch == Architecture.X86)
                {
                    var context = new CONTEXT_X86();
                    context.ContextFlags = CONTEXT_CONTROL;
                    var success = GetThreadContext_X86(thread.Handle, &context);
                    ErrorOnFalse(success);
                    return(context.Eip);
                }
                else
                {
                    throw new NotImplementedException($"Architecture {arch} does not support thread context querying");
                }
            }
        }

示例#3

显示文件

        private static void ModifyThreadContext(IntPtr threadHandle, int?instructionPointerOffset, bool?trapFlag)
        {
            var arch = RuntimeInformation.ProcessArchitecture;

            unsafe
            {
                if (arch == Architecture.X86)
                {
                    var context = new CONTEXT_X86();
                    context.ContextFlags = CONTEXT_CONTROL;
                    var success = GetThreadContext_X86(threadHandle, &context);
                    ErrorOnFalse(success);
                    if (instructionPointerOffset != null)
                    {
                        context.Eip = (uint)((int)context.Eip + instructionPointerOffset.Value);
                    }
                    if (trapFlag != null)
                    {
                        if (trapFlag.Value)
                        {
                            context.EFlags |= TRAP_FLAG_X86;
                        }
                        else
                        {
                            context.EFlags &= ~TRAP_FLAG_X86;
                        }
                    }
                    success = SetThreadContext_X86(threadHandle, &context);
                    ErrorOnFalse(success);
                }
                else
                {
                    throw new NotImplementedException($"Architecture {arch} does not support thread context modification");
                }
            }
        }

示例#4

显示文件

        /// <summary>
        /// Reads the X86 structure.
        /// </summary>
        /// <param name="pointer">The pointer.</param>
        private static ThreadContext ReadX86Structure(IntPtr pointer)
        {
            CONTEXT_X86 structure = (CONTEXT_X86)Marshal.PtrToStructure(pointer, typeof(CONTEXT_X86));

            return(new WindowsThreadContext(structure.Eip, structure.Esp, structure.Ebp, ReadBytes(pointer, typeof(CONTEXT_X86))));
        }