/*
* supFindModuleEntryByAddress
*
* Purpose:
*
* Find Module Name for given Address.
*
*/
BOOL supFindModuleEntryByAddress(
_In_ CONST PRTL_PROCESS_MODULES pModulesList,
_In_ PVOID Address,
_Inout_ LPWSTR Buffer,
_In_ DWORD ccBuffer //size of buffer in chars
)
{
ULONG i, c;
PRTL_PROCESS_MODULE_INFORMATION pModule;
WCHAR szBuffer[MAX_PATH + 1];
if (
(Address == NULL) ||
(pModulesList == NULL) ||
(Buffer == NULL) ||
(ccBuffer == 0)
)
{
return FALSE;
}
c = pModulesList->NumberOfModules;
if (c == 0) {
return FALSE;
}
for (i = 0; i < c; i++) {
if (
IN_REGION(Address,
pModulesList->Modules[i].ImageBase,
pModulesList->Modules[i].ImageSize)
)
{
pModule = &pModulesList->Modules[i];
RtlSecureZeroMemory(&szBuffer, sizeof(szBuffer));
if (
MultiByteToWideChar(CP_ACP, 0,
(LPCSTR)&pModule->FullPathName[pModule->OffsetToFileName],
sizeof(pModule->FullPathName),
szBuffer,
MAX_PATH)
)
{
_strncpy(Buffer, ccBuffer, szBuffer, _strlen(szBuffer));
return TRUE;
}
else { //MultiByteToWideChar error
return FALSE;
}
}
}
return FALSE;
}
char *cpString2(char *str, Region *oldr, Region *r) {
if(!IN_REGION(str, oldr)) {
return str;
} else
return cpStringExt(str, r);
}
char *cpString(char *str, Region *r) {
if(IN_REGION(str, r)) {
return str;
} else
return cpStringExt(str, r);
}
