/*
 * Invocation hook run on an intercepted thread-creation call.
 *
 * Reads argument 2 of the intercepted call as the thread entry point. When
 * that address lies inside self->agent_range, the call is rewritten so the
 * new thread starts in frida_agent_auto_ignorer_thread_create_proxy instead,
 * with a freshly allocated FridaAutoInterceptContext as its argument. The
 * context records the original entry point, the original argument 3, and a
 * new reference to self->interceptor.
 *
 * Entry points outside the agent range are left untouched.
 *
 * NOTE(review): indices 2 and 3 look like the start-routine/argument slots
 * of a pthread_create-style signature; confirm against the attach site.
 * NOTE(review): the context and the interceptor reference are not released
 * here; presumably the proxy frees them. If the intercepted call fails and
 * the proxy never runs, both would leak. Verify.
 */
void
frida_agent_auto_ignorer_intercept_thread_creation (FridaAgentAutoIgnorer * self,
    GumInvocationContext * ic)
{
  NativeThreadFunc entry_point = GUM_POINTER_TO_FUNCPTR (NativeThreadFunc,
      gum_invocation_context_get_nth_argument (ic, 2));
  FridaAutoInterceptContext * proxy_ctx;

  /* Only threads whose entry point belongs to the agent get wrapped. */
  if (!(GUM_MEMORY_RANGE_INCLUDES (&self->agent_range, GUM_ADDRESS (entry_point))))
    return;

  proxy_ctx = g_slice_new (FridaAutoInterceptContext);
  proxy_ctx->interceptor = g_object_ref (self->interceptor);
  proxy_ctx->thread_func = entry_point;
  proxy_ctx->thread_data = gum_invocation_context_get_nth_argument (ic, 3);

  /* Swap in the proxy and hand it the context in place of the caller's data. */
  gum_invocation_context_replace_nth_argument (ic, 2,
      GUM_FUNCPTR_TO_POINTER (frida_agent_auto_ignorer_thread_create_proxy));
  gum_invocation_context_replace_nth_argument (ic, 3, proxy_ctx);
}
/*
 * Range-enumeration callback: when the range described by `details`
 * contains fc->address, pops the value currently on top of the Duktape
 * stack and pushes the range object built by _gum_duk_push_range() in its
 * place.
 *
 * user_data is a GumDukFindRangeByAddressContext.
 *
 * Returns FALSE after a match and TRUE otherwise.
 *
 * NOTE(review): FALSE presumably tells the enumerator to stop at the first
 * hit; confirm against the enumeration API.
 * NOTE(review): duk_pop() relies on the caller having left one replaceable
 * value on the stack before enumerating; verify at the call site.
 */
static gboolean
gum_push_range_if_containing_address (const GumRangeDetails * details,
                                      gpointer user_data)
{
  GumDukFindRangeByAddressContext * fc = user_data;

  if (GUM_MEMORY_RANGE_INCLUDES (details->range, fc->address))
  {
    GumDukScope scope = GUM_DUK_SCOPE_INIT (fc->core);
    duk_context * js = scope.ctx;

    /* Replace the value on top of the stack with the matching range. */
    duk_pop (js);
    _gum_duk_push_range (js, details, fc->core);

    return FALSE;
  }

  return TRUE;
}
/*
 * Live-range callback: restores the recorded protection on a range that
 * belongs to one of the monitor's tracked ranges.
 *
 * Walks priv->pages_details and, for the first page entry whose owning
 * range (priv->ranges[page->range_index]) contains the live range's base
 * address, calls VirtualProtect() over the whole live range using that
 * page's original_protection.
 *
 * user_data is the GumMemoryAccessMonitor.
 *
 * Returns the VirtualProtect() result on a match, FALSE when no tracked
 * range contains the base address.
 *
 * NOTE(review): a failed VirtualProtect() and "no match" both yield FALSE,
 * so the caller cannot tell them apart; confirm that is intended.
 * NOTE(review): the protection of the first matching page entry is applied
 * to the entire live range (details->range->size). If pages inside one
 * tracked range can carry different original protections, some pages may
 * end up with a protection other than their own. Verify.
 */
static gboolean
gum_clear_guard_flag (const GumLiveRangeDetails * details,
                      gpointer user_data)
{
  DWORD previous_protection;
  GumMemoryAccessMonitor * self = GUM_MEMORY_ACCESS_MONITOR (user_data);
  GumMemoryAccessMonitorPrivate * priv = self->priv;
  guint idx;

  for (idx = 0; idx != priv->num_pages; idx++)
  {
    const GumPageDetails * page = &priv->pages_details[idx];
    const GumMemoryRange * tracked = &priv->ranges[page->range_index];

    if (!(GUM_MEMORY_RANGE_INCLUDES (tracked, details->range->base_address)))
      continue;

    /* First hit wins: put back the protection recorded for this page. */
    return VirtualProtect ((void *) details->range->base_address,
        details->range->size, page->original_protection,
        &previous_protection);
  }

  return FALSE;
}