Bitdefender Hypervisor Memory Introspection
|
Exposes the function used to perform initialization checks on Windows processes. More...
#include "exceptions.h"
Go to the source code of this file.
Functions | |
INTSTATUS | IntWinUmCheckInitializationInjection (PEXCEPTION_VICTIM_ZONE Victim, PEXCEPTION_UM_ORIGINATOR Originator) |
This function is used by the exception mechanism in order to verify the initialization state of a process (during initialization some legitimate injections take place and have to be excepted). More... | |
Exposes the function used to perform initialization checks on Windows processes.
Definition in file winuser_checks.h.
INTSTATUS IntWinUmCheckInitializationInjection | ( | PEXCEPTION_VICTIM_ZONE | Victim, |
PEXCEPTION_UM_ORIGINATOR | Originator | ||
) |
This function is used by the exception mechanism in order to verify the initialization state of a process (during initialization some legitimate injections take place and have to be excepted).
[in] | Victim | The victim object. |
[in] | Originator | The originator object. |
INT_STATUS_EXCEPTION_CHECKS_OK | On success. |
INT_STATUS_INVALID_PARAMETER_1 | The Victim is NULL. |
INT_STATUS_INVALID_PARAMETER_2 | The Originator is NULL. |
INT_STATUS_INVALID_INTERNAL_STATE | The Victim object must contain a process (EXCEPTION_VICTIM_ZONE.Object). |
INT_STATUS_EXCEPTION_CHECKS_FAILED | If the given process did not start initializing (WIN_PROCESS_OBJECT.StartInitializing is not set) or the process is fully initialized (WIN_PROCESS_OBJECT.Initialized and WIN_PROCESS_OBJECT.LastPebWriteDone are both set). |
Definition at line 260 of file winuser_checks.c.
Referenced by IntExceptUserVerifyExtra(), and IntExceptUserVerifyExtraGlobMatch().