Loading...
Searching...
No Matches
introvirt::windows::nt::NtQueryVirtualMemory Class Referenceabstract
Handler class for the NtQueryVirtualMemory system call. More...
#include <NtQueryVirtualMemory.hh>
Inheritance diagram for introvirt::windows::nt::NtQueryVirtualMemory:
Collaboration diagram for introvirt::windows::nt::NtQueryVirtualMemory:
Public Member Functions | |
| virtual uint64_t | ProcessHandle () const =0 |
| Getter for ProcessHandle. | |
| virtual guest_ptr< void > | BaseAddressPtr () const =0 |
| Getter for BaseAddressPtr. | |
| virtual MEMORY_INFORMATION_CLASS | MemoryInformationClass () const =0 |
| Getter for MemoryInformationClass. | |
| virtual guest_ptr< void > | MemoryInformationPtr () const =0 |
| Getter for MemoryInformationPtr. | |
| virtual uint64_t | MemoryInformationLength () const =0 |
| Getter for MemoryInformationLength. | |
| virtual guest_ptr< void > | ResultLengthPtr () const =0 |
| Getter for ResultLengthPtr. | |
| virtual void | ProcessHandle (uint64_t ProcessHandle)=0 |
| Setter for ProcessHandle. | |
| virtual void | BaseAddressPtr (const guest_ptr< void > &pBaseAddress)=0 |
| Setter for BaseAddressPtr. | |
| virtual void | MemoryInformationClass (MEMORY_INFORMATION_CLASS MemoryInformationClass)=0 |
| Setter for MemoryInformationClass. | |
| virtual void | MemoryInformationPtr (const guest_ptr< void > &pMemoryInformation)=0 |
| Setter for MemoryInformationPtr. | |
| virtual void | MemoryInformationLength (uint64_t MemoryInformationLength)=0 |
| Setter for MemoryInformationLength. | |
| virtual void | ResultLengthPtr (const guest_ptr< void > &pResultLength)=0 |
| Setter for ResultLengthPtr. | |
| virtual const MEMORY_INFORMATION * | MemoryInformation () const =0 |
| virtual MEMORY_INFORMATION * | MemoryInformation ()=0 |
| virtual size_t | ResultLength () const =0 |
| virtual void | ResultLength (size_t ResultLength)=0 |
 Public Member Functions inherited from introvirt::windows::nt::NtSystemCall | |
| virtual NTSTATUS | result () const =0 |
| Get the result code. | |
| virtual void | result (NTSTATUS_CODE code)=0 |
| Set the result code. | |
| Public Member Functions inherited from introvirt::windows::WindowsSystemCall | |
| virtual SystemCallIndex | index () const =0 |
| Get the system call number. | |
| Public Member Functions inherited from introvirt::SystemCall | |
| virtual const std::string & | name () const =0 |
| Get the name of the system call. | |
| virtual void | write (std::ostream &os=std::cout) const =0 |
| Write a human-readable description of this system call. | |
| virtual Json::Value | json () const =0 |
| virtual bool | will_return () const =0 |
| virtual void | data (const std::string &key, const std::shared_ptr< void > &value)=0 |
| Store arbitrary data with the SystemCall. | |
| virtual void | data (const std::string &key, std::shared_ptr< void > &&value)=0 |
| Store arbitrary data with the SystemCall. | |
| virtual std::shared_ptr< void > | data (const std::string &key)=0 |
| Retrieve arbitrary data stored with the SystemCall. | |
| virtual std::shared_ptr< const void > | data (const std::string &key) const =0 |
| Retrieve arbitrary data stored with the SystemCall. | |
| virtual bool | supported () const =0 |
| Check if this system call is supported by a more specific handler. | |
| virtual void | handle_return_event (Event &event)=0 |
| Handle a system call return event. | |
| virtual | ~SystemCall ()=default |
| Destroy the instance. | |
Static Public Member Functions | |
| static NTSTATUS | inject (uint64_t ProcessHandle, const guest_ptr< void > &pBaseAddress, MEMORY_INFORMATION_CLASS MemoryInformationClass, const guest_ptr< void > &pMemoryInformation, uint64_t MemoryInformationLength, size_t *ResultLength) |
Detailed Description
Handler class for the NtQueryVirtualMemory system call.
Member Function Documentation
◆ BaseAddressPtr() [1/2]
|
pure virtual |
Getter for BaseAddressPtr.
- Returns
- The address pointed to by the the BaseAddressPtr parameter
◆ BaseAddressPtr() [2/2]
|
pure virtual |
Setter for BaseAddressPtr.
- Parameters
-
pBaseAddress The address to set for the BaseAddressPtr parameter
◆ inject()
|
static |
◆ MemoryInformation() [1/2]
|
pure virtual |
◆ MemoryInformation() [2/2]
|
pure virtual |
◆ MemoryInformationClass() [1/2]
|
pure virtual |
Getter for MemoryInformationClass.
- Returns
- The value of the MemoryInformationClass parameter
◆ MemoryInformationClass() [2/2]
|
pure virtual |
Setter for MemoryInformationClass.
- Parameters
-
MemoryInformationClass The value to set for the MemoryInformationClass parameter
◆ MemoryInformationLength() [1/2]
|
pure virtual |
Getter for MemoryInformationLength.
- Returns
- The value of the MemoryInformationLength parameter
◆ MemoryInformationLength() [2/2]
|
pure virtual |
Setter for MemoryInformationLength.
- Parameters
-
MemoryInformationLength The value to set for the MemoryInformationLength parameter
◆ MemoryInformationPtr() [1/2]
|
pure virtual |
Getter for MemoryInformationPtr.
- Returns
- The address pointed to by the the MemoryInformationPtr parameter
◆ MemoryInformationPtr() [2/2]
|
pure virtual |
Setter for MemoryInformationPtr.
- Parameters
-
pMemoryInformation The address to set for the MemoryInformationPtr parameter
◆ ProcessHandle() [1/2]
|
pure virtual |
Getter for ProcessHandle.
- Returns
- The value of the ProcessHandle parameter
◆ ProcessHandle() [2/2]
|
pure virtual |
Setter for ProcessHandle.
- Parameters
-
ProcessHandle The value to set for the ProcessHandle parameter
◆ ResultLength() [1/2]
|
pure virtual |
◆ ResultLength() [2/2]
|
pure virtual |
◆ ResultLengthPtr() [1/2]
|
pure virtual |
Getter for ResultLengthPtr.
- Returns
- The address pointed to by the the ResultLengthPtr parameter
◆ ResultLengthPtr() [2/2]
|
pure virtual |
Setter for ResultLengthPtr.
- Parameters
-
pResultLength The address to set for the ResultLengthPtr parameter
The documentation for this class was generated from the following file:
- /home/runner/work/IntroVirt/IntroVirt/include/introvirt/windows/kernel/nt/syscall/NtQueryVirtualMemory.hh