Bitdefender Hypervisor Memory Introspection
|
#include "introtypes.h"
Go to the source code of this file.
Data Structures | |
struct | _PATTERN_SIGNATURE |
Describes a signature that can be used for searching or matching guest contents. More... | |
Macros | |
#define | SIG_MAX_PATTERN 128u |
The maximum size of a pattern. More... | |
#define | SIG_NOT_FOUND 0xFFFFFFFF |
Signals that a signature was not matched. More... | |
#define | SIG_FOUND 0 |
Signals that a signature matched. More... | |
Typedefs | |
typedef struct _PATTERN_SIGNATURE | PATTERN_SIGNATURE |
Describes a signature that can be used for searching or matching guest contents. More... | |
typedef struct _PATTERN_SIGNATURE * | PPATTERN_SIGNATURE |
Functions | |
DWORD | IntPatternMatch (const BYTE *Buffer, DWORD SigCount, const PATTERN_SIGNATURE *Sigs) |
Matches one of the given signatures on the given buffer. More... | |
DWORD | IntPatternMatchAllOffsets (const BYTE *Buffer, const DWORD BufferSize, DWORD SigCount, const PATTERN_SIGNATURE *Sigs) |
Matches one of the given signatures on the given buffer at any offset inside the given buffer. More... | |
#define SIG_FOUND 0 |
Signals that a signature matched.
Definition at line 15 of file patsig.h.
Referenced by IntExceptExtendedPatternMatch().
#define SIG_MAX_PATTERN 128u |
The maximum size of a pattern.
Definition at line 11 of file patsig.h.
Referenced by IntCamiLoadWindows(), and IntGuestDetectOsSysCall().
#define SIG_NOT_FOUND 0xFFFFFFFF |
Signals that a signature was not matched.
Definition at line 13 of file patsig.h.
Referenced by IntExceptExtendedPatternMatch(), IntExceptVerifyValueCodeSig(), IntLixGuestFindKernelBase(), IntPatternMatch(), and IntPatternMatchAllOffsets().
typedef struct _PATTERN_SIGNATURE PATTERN_SIGNATURE |
Describes a signature that can be used for searching or matching guest contents.
typedef struct _PATTERN_SIGNATURE * PPATTERN_SIGNATURE |
DWORD IntPatternMatch | ( | const BYTE * | Buffer, |
DWORD | SigCount, | ||
const PATTERN_SIGNATURE * | Sigs | ||
) |
Matches one of the given signatures on the given buffer.
[in] | Buffer | The buffer to be checked. The caller must ensure that the buffer is large enough to properly check all the signatures. |
[in] | SigCount | The number of entries in the Sigs array. |
[in] | Sigs | The array of signatures to check. |
Definition at line 9 of file patsig.c.
Referenced by IntLixGuestFindKernelBase(), and IntPatternMatchAllOffsets().
DWORD IntPatternMatchAllOffsets | ( | const BYTE * | Buffer, |
const DWORD | BufferSize, | ||
DWORD | SigCount, | ||
const PATTERN_SIGNATURE * | Sigs | ||
) |
Matches one of the given signatures on the given buffer at any offset inside the given buffer.
[in] | Buffer | The buffer to be checked. |
[in] | BufferSize | The size of the buffer. |
[in] | SigCount | The number of entries in the Sigs array. |
[in] | Sigs | The array of signatures to check. |