19 bool is_padding(
const BYTE* cave_ptr,
size_t cave_size,
const BYTE padding_char);
42 template <
typename INT_TYPE>
45 if (unit == 0)
return size;
47 INT_TYPE rem = size % unit;
48 if (rem == 0)
return size;
50 const INT_TYPE addend = unit - rem;
51 if (size > (std::numeric_limits<INT_TYPE>::max)() - addend) {
60 template <
typename CHAR_T>
61 bool is_valid_string(LPVOID modulePtr,
const size_t moduleSize,
const CHAR_T* name_ptr,
const size_t max_len = 260)
63 bool is_terminated =
false;
65 for (; i < max_len; i++) {
69 if (name_ptr[i] == 0) {
74 return is_terminated && (i != 0);
77 template <
typename CHAR_T>
80 if (c1 <= CHAR_T(
'Z') && c1 >= CHAR_T(
'A')) {
81 c1 = (c1 - CHAR_T(
'A')) + CHAR_T(
'a');
Functions related to operations on files. Wrappers for read/write.
DWORD get_process_id(HANDLE hProcess)
bool is_valid_string(LPVOID modulePtr, const size_t moduleSize, const CHAR_T *name_ptr, const size_t max_len=260)
bool is_mem_accessible(LPCVOID areaStart, SIZE_T areaSize, DWORD accessRights)
CHAR_T to_lowercase(CHAR_T c1)
bool validate_ptr(IN const void *buffer_bgn, IN size_t buffer_size, IN const void *field_bgn, IN size_t field_size)
bool is_padding(const BYTE *cave_ptr, size_t cave_size, const BYTE padding_char)
INT_TYPE round_up_to_unit(const INT_TYPE size, const INT_TYPE unit)
bool is_bad_read_ptr(LPCVOID areaStart, SIZE_T areaSize)
Functions related to manual retrieving of PE resources.
