12#define PECONV_FORCEINLINE __forceinline
13#define PECONV_TRY_EXCEPT_BLOCK_START __try {
14#define PECONV_TRY_EXCEPT_BLOCK_END __except (EXCEPTION_EXECUTE_HANDLER) {
16#define PECONV_FORCEINLINE __attribute__((always_inline)) inline
17#define PECONV_TRY_EXCEPT_BLOCK_START try {
18#define PECONV_TRY_EXCEPT_BLOCK_END catch (...) {
29 bool is_padding(
const BYTE* cave_ptr,
size_t cave_size,
const BYTE padding_char);
55 template <
typename CHAR_T>
56 bool is_valid_string(LPVOID modulePtr,
const size_t moduleSize,
const CHAR_T* name_ptr,
const size_t max_len = 260)
58 bool is_terminated =
false;
60 for (; i < max_len; i++) {
64 if (name_ptr[i] == 0) {
69 return is_terminated && (i != 0);
Functions related to operations on files. Wrappers for read/write.
DWORD get_process_id(HANDLE hProcess)
bool is_valid_string(LPVOID modulePtr, const size_t moduleSize, const CHAR_T *name_ptr, const size_t max_len=260)
bool is_mem_accessible(LPCVOID areaStart, SIZE_T areaSize, DWORD accessRights)
bool validate_ptr(IN const void *buffer_bgn, IN size_t buffer_size, IN const void *field_bgn, IN size_t field_size)
bool is_padding(const BYTE *cave_ptr, size_t cave_size, const BYTE padding_char)
bool is_bad_read_ptr(LPCVOID areaStart, SIZE_T areaSize)
Functions related to manual retrieving of PE resources.
