Bitdefender Hypervisor Memory Introspection
Data Fields
_IMAGE_SECTION_HEADER Struct Reference

#include <winpe.h>

Data Fields

UINT8 Name [IMAGE_SIZEOF_SHORT_NAME]
 
union {
   UINT32   PhysicalAddress
 
   UINT32   VirtualSize
 
Misc
 
UINT32 VirtualAddress
 
UINT32 SizeOfRawData
 
UINT32 PointerToRawData
 
UINT32 PointerToRelocations
 
UINT32 PointerToLinenumbers
 
UINT16 NumberOfRelocations
 
UINT16 NumberOfLinenumbers
 
UINT32 Characteristics
 

Detailed Description

Definition at line 77 of file winpe.h.

Field Documentation

◆ Characteristics

UINT32 _IMAGE_SECTION_HEADER::Characteristics

Definition at line 92 of file winpe.h.

Referenced by IntExceptGetVictimEpt(), IntExceptWinGetVictimDriver(), IntExceptWinKernelGetOriginator(), IntModBlockHandleBlockModHeadersInMemory(), IntPeFindFunctionStart(), IntPeFindFunctionStartInBuffer(), IntPtiHookPtDriver(), IntPtiIsPtrInAgent(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocWindows(), IntSwapgsStartMitigation(), IntVeEnableDisableDriverAccessInProtectedView(), IntVeHookVeDriver(), IntWinDagentHandleSuspModHeaders(), IntWinDrvHeadersInMemory(), IntWinGuestReadKernel(), IntWinHalReadHal(), IntWinModHookModule(), IntWinModHookPoly(), IntWinStackTraceGet64(), IntWinStackTraceGetUser32(), and IntWinStackTraceGetUser64().

◆ Misc

union { ... } _IMAGE_SECTION_HEADER::Misc

Referenced by IntModBlockHandleBlockModHeadersInMemory(), IntPeFindFunctionByPattern(), IntPeFindFunctionByPatternInBuffer(), IntPeValidateHeader(), IntPtiDeliverDriverForLoad(), IntPtiHookPtDriver(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocWindows(), IntSwapgsStartMitigation(), IntVeEnableDisableDriverAccessInProtectedView(), IntVeHookVeDriver(), IntWinDagentHandleSuspModHeaders(), IntWinDrvHeadersInMemory(), IntWinGuestFindDriversNamespace(), IntWinGuestFindDriversNamespaceNoBuffer(), IntWinGuestFindKernelObjectsInternal(), IntWinGuestReadKernel(), IntWinGuestValidateKernel(), IntWinHalFindHalHeapAndInterruptController(), IntWinHalFindInterruptController(), IntWinHalReadHal(), IntWinModHookModule(), IntWinModHookPoly(), and IntWinNetFindTcpObjects().

◆ Name

UINT8 _IMAGE_SECTION_HEADER::Name[IMAGE_SIZEOF_SHORT_NAME]

Definition at line 79 of file winpe.h.

Referenced by IntExceptGetVictimEpt(), IntExceptWinGetVictimDriver(), IntExceptWinKernelGetOriginator(), IntLdrGetImageSizeAndEntryPoint(), IntModBlockHandleBlockModHeadersInMemory(), IntPeFindFunctionByPattern(), IntPeFindFunctionByPatternInBuffer(), IntPeValidateHeader(), IntPtiHookPtDriver(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocWindows(), IntSwapgsStartMitigation(), IntVeEnableDisableDriverAccessInProtectedView(), IntVeHookVeDriver(), IntWinDagentSendDoubleAgentAlert(), IntWinDrvHeadersInMemory(), IntWinGuestFindKernelObjectsInternal(), IntWinGuestReadKernel(), IntWinHalReadHal(), IntWinModFillDriverInjectionData(), and IntWinModHookModule().

◆ NumberOfLinenumbers

UINT16 _IMAGE_SECTION_HEADER::NumberOfLinenumbers

Definition at line 91 of file winpe.h.

◆ NumberOfRelocations

UINT16 _IMAGE_SECTION_HEADER::NumberOfRelocations

Definition at line 90 of file winpe.h.

◆ PhysicalAddress

UINT32 _IMAGE_SECTION_HEADER::PhysicalAddress

Definition at line 82 of file winpe.h.

◆ PointerToLinenumbers

UINT32 _IMAGE_SECTION_HEADER::PointerToLinenumbers

Definition at line 89 of file winpe.h.

◆ PointerToRawData

UINT32 _IMAGE_SECTION_HEADER::PointerToRawData

Definition at line 87 of file winpe.h.

◆ PointerToRelocations

UINT32 _IMAGE_SECTION_HEADER::PointerToRelocations

Definition at line 88 of file winpe.h.

◆ SizeOfRawData

UINT32 _IMAGE_SECTION_HEADER::SizeOfRawData

Definition at line 86 of file winpe.h.

Referenced by IntPeValidateHeader().

◆ VirtualAddress

UINT32 _IMAGE_SECTION_HEADER::VirtualAddress

Definition at line 85 of file winpe.h.

Referenced by IntLdrGetImageSizeAndEntryPoint(), IntModBlockHandleBlockModHeadersInMemory(), IntPeFindFunctionByPattern(), IntPeFindFunctionByPatternInBuffer(), IntPeFindFunctionStart(), IntPeFindFunctionStartInBuffer(), IntPeGetSectionHeaderByRva(), IntPeValidateHeader(), IntPtiDeliverDriverForLoad(), IntPtiHookPtDriver(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocWindows(), IntSwapgsStartMitigation(), IntVeEnableDisableDriverAccessInProtectedView(), IntVeHookVeDriver(), IntWinDagentHandleSuspModHeaders(), IntWinDrvHeadersInMemory(), IntWinGuestFindDriversNamespace(), IntWinGuestFindDriversNamespaceNoBuffer(), IntWinGuestFindKernelObjectsInternal(), IntWinGuestReadKernel(), IntWinGuestValidateKernel(), IntWinHalFindHalHeapAndInterruptController(), IntWinHalFindInterruptController(), IntWinHalReadHal(), IntWinModHookModule(), IntWinModHookPoly(), and IntWinNetFindTcpObjects().

◆ VirtualSize

UINT32 _IMAGE_SECTION_HEADER::VirtualSize

Definition at line 83 of file winpe.h.

Referenced by IntModBlockHandleBlockModHeadersInMemory(), IntPeFindFunctionByPattern(), IntPeFindFunctionByPatternInBuffer(), IntPeGetSectionHeaderByRva(), IntPeValidateHeader(), IntPtiDeliverDriverForLoad(), IntPtiHookPtDriver(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocWindows(), IntSwapgsStartMitigation(), IntVeEnableDisableDriverAccessInProtectedView(), IntVeHookVeDriver(), IntWinDagentHandleSuspModHeaders(), IntWinDrvHeadersInMemory(), IntWinGuestFindDriversNamespace(), IntWinGuestFindDriversNamespaceNoBuffer(), IntWinGuestFindKernelObjectsInternal(), IntWinGuestReadKernel(), IntWinGuestValidateKernel(), IntWinHalFindHalHeapAndInterruptController(), IntWinHalFindInterruptController(), IntWinHalReadHal(), IntWinModHookModule(), IntWinModHookPoly(), and IntWinNetFindTcpObjects().

The documentation for this struct was generated from the following file: