- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include "introcore.h"Go to the source code of this file.
Data Structures | |
| struct | _INT_STRUCT_INVARIANT |
Macros | |
| #define | INT_OFFSET_NOT_INITIALIZED ((size_t) -1) |
| Specifies that an offset value is yet to be searched for. More... | |
| #define | INT_STRUCT_MAX_SEARCH_SIZE ((size_t) PAGE_SIZE) |
| Maximum size of a buffer in which to search for fields/structures. More... | |
| #define | INT_STRUCT_MAX_INVARIANT_CNT ((size_t) 64) |
| Upper limit of the number of invariants to be applied to a bufffer. More... | |
Typedefs | |
| typedef INTSTATUS(* | PFUNC_IntStructGetter) (const void *Buffer, size_t Size, size_t *Offset, void *Context) |
| Structure getter callback. More... | |
| typedef struct _INT_STRUCT_INVARIANT | INT_STRUCT_INVARIANT |
Functions | |
| INTSTATUS | IntStructFill (const void *Buffer, size_t Size, INT_STRUCT_INVARIANT *Invariants, size_t Count, BOOLEAN LogErrors, void *Context) |
| Fill an internal structure with information gathered from the guest by applying a list of invariants on buffer. More... | |
| #define INT_OFFSET_NOT_INITIALIZED ((size_t) -1) |
Specifies that an offset value is yet to be searched for.
Definition at line 50 of file structs.h.
Referenced by IntStructFill(), IntWinNetGetTcpEndpoint(), and IntWinNetGetTcpListener().
| #define INT_STRUCT_MAX_INVARIANT_CNT ((size_t) 64) |
Upper limit of the number of invariants to be applied to a bufffer.
Definition at line 56 of file structs.h.
Referenced by IntStructFill(), and IntWinNetFillTcpStruct().
| #define INT_STRUCT_MAX_SEARCH_SIZE ((size_t) PAGE_SIZE) |
Maximum size of a buffer in which to search for fields/structures.
Definition at line 53 of file structs.h.
Referenced by IntStructFill().
| typedef struct _INT_STRUCT_INVARIANT INT_STRUCT_INVARIANT |
Describe an invariant with which a guest structure/field is extracted from the guest
| typedef INTSTATUS(* PFUNC_IntStructGetter) (const void *Buffer, size_t Size, size_t *Offset, void *Context) |
Structure getter callback.
Structure getter callback. Will be called on each offset inside a map in order to fill an internal structure with elements from a guest structure. Responsible for incrementing the offsets with which the guest structure is iterated and performing any sanity checks.
| [in] | Buffer | Buffer in which the search is performed. |
| [in] | Size | The size of the buffer. |
| [in,out] | Offset | Offset in the buffer where the current search is begin performed. The callback should increment this offset accordingly. |
| [in,out] | Context | Context given by the caller, can be anything. |
| INTSTATUS IntStructFill | ( | const void * | Buffer, |
| size_t | Size, | ||
| INT_STRUCT_INVARIANT * | Invariants, | ||
| size_t | Count, | ||
| BOOLEAN | LogErrors, | ||
| void * | Context | ||
| ) |
Fill an internal structure with information gathered from the guest by applying a list of invariants on buffer.
Will simply iterate through the buffer, letting the invariants increment the offsets where they are applied and set each invariants' known offset to the one where it was successful, then go to the next one.
| [in] | Buffer | The buffer in which to perform the search. |
| [in] | Size | The size of the buffer. |
| [in,out] | Invariants | List of invariants that are to be applied on the buffer. |
| [in] | Count | The number of invariants to be applied. |
| [in] | LogErrors | Set to TRUE if this function should log any errors on failure. |
| [in,out] | Context | Context to be given to each invariant callback, can be anything. |
Definition at line 8 of file structs.c.
Referenced by IntWinNetFillTcpStruct().
1.8.13