#include "exceptions.h"

Data Structures
struct	_ALERT_CB_SIGNATURE

struct	_ALERT_IDT_SIGNATURE
	Describes an idt alert-signature. More...

struct	_ALERT_EXPORT_SIGNATURE

struct	_ALERT_PROCESS_CREATION_SIGNATURE
	Describe a process-creation alert-signature. More...

struct	_ALERT_KM_EXCEPTION
	Describes a kernel-mode alert-exception. More...

struct	_ALERT_KUM_EXCEPTION
	Describes a kernel-mode alert-exception. More...

struct	_ALERT_UM_EXCEPTION
	Describes a user-mode alert-exception. More...

Macros
#define	ALERT_HASH_COUNT 6u

#define	ALERT_CB_SIGNATURE_VERSION 1

#define	ALERT_IDT_SIGNATURE_VERSION 1

#define	ALERT_EXPORT_SIGNATURE_VERSION 1

#define	ALERT_PROCESS_CREATION_SIGNATURE_VERSION 1

#define	ALERT_KM_EXCEPTION_VERSION 1

#define	ALERT_KUM_EXCEPTION_VERSION 1

#define	ALERT_UM_EXCEPTION_VERSION 1

Typedefs
typedef struct _ALERT_CB_SIGNATURE	ALERT_CB_SIGNATURE

typedef struct _ALERT_IDT_SIGNATURE	ALERT_IDT_SIGNATURE
	Describes an idt alert-signature. More...

typedef struct _ALERT_EXPORT_SIGNATURE	ALERT_EXPORT_SIGNATURE

typedef struct _ALERT_PROCESS_CREATION_SIGNATURE	ALERT_PROCESS_CREATION_SIGNATURE
	Describe a process-creation alert-signature. More...

typedef struct _ALERT_KM_EXCEPTION	ALERT_KM_EXCEPTION
	Describes a kernel-mode alert-exception. More...

typedef struct _ALERT_KUM_EXCEPTION	ALERT_KUM_EXCEPTION
	Describes a kernel-mode alert-exception. More...

typedef struct _ALERT_UM_EXCEPTION	ALERT_UM_EXCEPTION
	Describes a user-mode alert-exception. More...

Functions
	STATIC_ASSERT (sizeof(ALERT_KM_EXCEPTION)<=ALERT_EXCEPTION_SIZE, "The ALERT_KM_EXCEPTION structure exceeds ALERT_EXCEPTION_SIZE, possible buffer overflow!")

	STATIC_ASSERT (sizeof(ALERT_UM_EXCEPTION)<=ALERT_EXCEPTION_SIZE, "The ALERT_UM_EXCEPTION structure exceeds ALERT_EXCEPTION_SIZE, possible buffer overflow!")

INTSTATUS	IntAlertCreateException (const void Event, INTRO_EVENT_TYPE Type, BOOLEAN LogErrors, void Exception)
	This function will dispatch the exception creation to the appropriate function, depending on the event type. More...

INTSTATUS	IntAlertCreateExceptionInEvent (void *Event, INTRO_EVENT_TYPE Type)
	This function creates an alert-exception for each alert sent to the integrator. More...

BOOLEAN	IntAlertIsEventTypeViolation (INTRO_EVENT_TYPE Type)

Macro Definition Documentation

◆ ALERT_CB_SIGNATURE_VERSION

#define ALERT_CB_SIGNATURE_VERSION 1

Definition at line 19 of file alert_exceptions.h.

Referenced by IntAlertCreateCbSignature(), and IntUpdateCreateCbSignatureFromAlert().

◆ ALERT_EXPORT_SIGNATURE_VERSION

#define ALERT_EXPORT_SIGNATURE_VERSION 1

Definition at line 54 of file alert_exceptions.h.

Referenced by IntAlertCreateExportSignature(), and IntUpdateCreateExportSignatureFromAlert().

◆ ALERT_HASH_COUNT

#define ALERT_HASH_COUNT 6u

Definition at line 17 of file alert_exceptions.h.

Referenced by IntAlertCreateCbSignature(), and IntUpdateCreateCbSignatureFromAlert().

◆ ALERT_IDT_SIGNATURE_VERSION

#define ALERT_IDT_SIGNATURE_VERSION 1

Definition at line 37 of file alert_exceptions.h.

Referenced by IntAlertCreateIdtSignature(), and IntUpdateCreateIdtSignatureFromAlert().

◆ ALERT_KM_EXCEPTION_VERSION

#define ALERT_KM_EXCEPTION_VERSION 1

Definition at line 91 of file alert_exceptions.h.

Referenced by IntAlertCreateException(), IntUpdateAddKmException(), and IntUpdateAddKmUmException().

◆ ALERT_KUM_EXCEPTION_VERSION

#define ALERT_KUM_EXCEPTION_VERSION 1

Definition at line 112 of file alert_exceptions.h.

Referenced by IntAlertCreateException().

◆ ALERT_PROCESS_CREATION_SIGNATURE_VERSION

#define ALERT_PROCESS_CREATION_SIGNATURE_VERSION 1

Definition at line 73 of file alert_exceptions.h.

Referenced by IntAlertCreateProcessCreationSignature(), and IntUpdateCreateProcessCreationSignatureFromAlert().

◆ ALERT_UM_EXCEPTION_VERSION

#define ALERT_UM_EXCEPTION_VERSION 1

Definition at line 135 of file alert_exceptions.h.

Referenced by IntAlertCreateException(), and IntUpdateAddUmException().

Typedef Documentation

◆ ALERT_CB_SIGNATURE

typedef struct _ALERT_CB_SIGNATURE ALERT_CB_SIGNATURE

◆ ALERT_EXPORT_SIGNATURE

typedef struct _ALERT_EXPORT_SIGNATURE ALERT_EXPORT_SIGNATURE

◆ ALERT_IDT_SIGNATURE

typedef struct _ALERT_IDT_SIGNATURE ALERT_IDT_SIGNATURE

Describes an idt alert-signature.

◆ ALERT_KM_EXCEPTION

typedef struct _ALERT_KM_EXCEPTION ALERT_KM_EXCEPTION

Describes a kernel-mode alert-exception.

◆ ALERT_KUM_EXCEPTION

typedef struct _ALERT_KUM_EXCEPTION ALERT_KUM_EXCEPTION

Describes a kernel-mode alert-exception.

◆ ALERT_PROCESS_CREATION_SIGNATURE

typedef struct _ALERT_PROCESS_CREATION_SIGNATURE ALERT_PROCESS_CREATION_SIGNATURE

Describe a process-creation alert-signature.

◆ ALERT_UM_EXCEPTION

typedef struct _ALERT_UM_EXCEPTION ALERT_UM_EXCEPTION

Describes a user-mode alert-exception.

Function Documentation

◆ IntAlertCreateException()

INTSTATUS IntAlertCreateException	(	const void *	Event,
		INTRO_EVENT_TYPE	Type,
		BOOLEAN	LogErrors,
		void *	Exception
	)

This function will dispatch the exception creation to the appropriate function, depending on the event type.

Parameters

[in]	Event	The event structure for process-creation violation.
[in]	Type	The type of the event.
[in]	LogErrors	True if the function should log errors, otherwise False.
[in,out]	Exception	A raw buffer to store the alert-exception.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_NOT_SUPPORTED	If the provided type is not supported.

Definition at line 1430 of file alert_exceptions.c.

Referenced by IntAlertCreateExceptionInEvent(), and IntUpdateAddExceptionFromAlert().

◆ IntAlertCreateExceptionInEvent()

INTSTATUS IntAlertCreateExceptionInEvent	(	void *	Event,
		INTRO_EVENT_TYPE	Type
	)

This function creates an alert-exception for each alert sent to the integrator.