Skip to content

Commit

Permalink
Fix reading/writing non-debugged process memory
Browse files Browse the repository at this point in the history
  • Loading branch information
@mrexodia
mrexodia committed Feb 22, 2023
1 parent e0348b3 commit 9676c96
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 3 deletions.
2 changes: 1 addition & 1 deletion StaticEngine/ntdll.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,7 @@ typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION

typedef struct _PROCESS_BASIC_INFORMATION
{
PVOID Reserved1;
NTSTATUS ExitStatus;
PVOID PebBaseAddress;
PVOID Reserved2[2];
ULONG_PTR UniqueProcessId;
Expand Down
10 changes: 8 additions & 2 deletions TitanEngineEmulator/Emulator.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,15 +98,21 @@ class Emulator : public Debugger
{
auto process = processFromHandle(hProcess);
if(!process)
return false;
{
// This happens when reading from a process not being debugged
return !!ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead);
}
return process->MemReadSafe(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesRead);
}

bool MemoryWriteSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesWritten)
{
auto process = processFromHandle(hProcess);
if(!process)
return false;
{
// This happens when writing to a process not being debugged
return !!WriteProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten);
}
return process->MemWriteSafe(ptr(lpBaseAddress), lpBuffer, nSize, (ptr*)lpNumberOfBytesWritten);
}

Expand Down

0 comments on commit 9676c96

Please sign in to comment.