/* * supFindModuleEntryByAddress * * Purpose: * * Find Module Name for given Address. * */ BOOL supFindModuleEntryByAddress( _In_ CONST PRTL_PROCESS_MODULES pModulesList, _In_ PVOID Address, _Inout_ LPWSTR Buffer, _In_ DWORD ccBuffer //size of buffer in chars ) { ULONG i, c; PRTL_PROCESS_MODULE_INFORMATION pModule; WCHAR szBuffer[MAX_PATH + 1]; if ( (Address == NULL) || (pModulesList == NULL) || (Buffer == NULL) || (ccBuffer == 0) ) { return FALSE; } c = pModulesList->NumberOfModules; if (c == 0) { return FALSE; } for (i = 0; i < c; i++) { if ( IN_REGION(Address, pModulesList->Modules[i].ImageBase, pModulesList->Modules[i].ImageSize) ) { pModule = &pModulesList->Modules[i]; RtlSecureZeroMemory(&szBuffer, sizeof(szBuffer)); if ( MultiByteToWideChar(CP_ACP, 0, (LPCSTR)&pModule->FullPathName[pModule->OffsetToFileName], sizeof(pModule->FullPathName), szBuffer, MAX_PATH) ) { _strncpy(Buffer, ccBuffer, szBuffer, _strlen(szBuffer)); return TRUE; } else { //MultiByteToWideChar error return FALSE; } } } return FALSE; }
char *cpString2(char *str, Region *oldr, Region *r) { if(!IN_REGION(str, oldr)) { return str; } else return cpStringExt(str, r); }
char *cpString(char *str, Region *r) { if(IN_REGION(str, r)) { return str; } else return cpStringExt(str, r); }