_callstack_8c.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=11"/>
<meta name="generator" content="Doxygen 1.11.0"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>HyperDbg Debugger: hyperdbg/hyperkd/code/debugger/commands/Callstack.c File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<script type="text/javascript" src="clipboard.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="navtreedata.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="cookie.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
 <tbody>
 <tr id="projectrow">
  <td id="projectalign">
   <div id="projectname">HyperDbg Debugger
   </div>
  </td>
 </tr>
 </tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.11.0 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
var searchBox = new SearchBox("searchBox", "search/",'.html');
/* @license-end */
</script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
$(function() { codefold.init(0); });
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
$(function() {
  initMenu('',true,false,'search.php','Search',true);
  $(function() { init_search(); });
});
/* @license-end */
</script>
<div id="main-nav"></div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
  <div id="nav-tree">
    <div id="nav-tree-contents">
      <div id="nav-sync" class="sync"></div>
    </div>
  </div>
  <div id="splitbar" style="-moz-user-select:none;" 
       class="ui-resizable-handle">
  </div>
</div>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
$(function(){initNavTree('_callstack_8c.html',''); initResizable(true); });
/* @license-end */
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
     onmouseover="return searchBox.OnSearchSelectShow()"
     onmouseout="return searchBox.OnSearchSelectHide()"
     onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>

<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<div id="MSearchResults">
<div class="SRPage">
<div id="SRIndex">
<div id="SRResults"></div>
<div class="SRStatus" id="Loading">Loading...</div>
<div class="SRStatus" id="Searching">Searching...</div>
<div class="SRStatus" id="NoMatches">No Matches</div>
</div>
</div>
</div>
</div>

<div class="header">
  <div class="summary">
<a href="#func-members">Functions</a>  </div>
  <div class="headertitle"><div class="title">Callstack.c File Reference</div></div>
</div><!--header-->
<div class="contents">

<p>Kernel routines for callstack.  
<a href="#details">More...</a></p>
<div class="textblock"><code>#include &quot;pch.h&quot;</code><br />
</div><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a id="func-members" name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:a056b0d234bbcb1da0ffddb62cd5b9a59" id="r_a056b0d234bbcb1da0ffddb62cd5b9a59"><td class="memItemLeft" align="right" valign="top"><a class="el" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="#a056b0d234bbcb1da0ffddb62cd5b9a59">CallstackWalkthroughStack</a> (<a class="el" href="_request_structures_8h.html#a3d57e773e2a453bd6fe400c41cd27524">PDEBUGGER_SINGLE_CALLSTACK_FRAME</a> AddressToSaveFrames, <a class="el" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> StackBaseAddress, <a class="el" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> Size, <a class="el" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> Is32Bit)</td></tr>
<tr class="memdesc:a056b0d234bbcb1da0ffddb62cd5b9a59"><td class="mdescLeft">&#160;</td><td class="mdescRight">Walkthrough the stack.  <br /></td></tr>
<tr class="separator:a056b0d234bbcb1da0ffddb62cd5b9a59"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<div class="textblock"><p>Kernel routines for callstack. </p>
<dl class="section author"><dt>Author</dt><dd>Sina Karvandi (<a href="#" onclick="location.href='mai'+'lto:'+'sin'+'a@'+'hyp'+'er'+'dbg'+'.o'+'rg'; return false;">sina@<span class="obfuscator">.nosp@m.</span>hype<span class="obfuscator">.nosp@m.</span>rdbg.<span class="obfuscator">.nosp@m.</span>org</a>)</dd></dl>
<dl class="section version"><dt>Version</dt><dd>0.1 </dd></dl>
<dl class="section date"><dt>Date</dt><dd>2021-03-05</dd></dl>
<dl class="section copyright"><dt>Copyright</dt><dd>This project is released under the GNU Public License v3. </dd></dl>
</div><h2 class="groupheader">Function Documentation</h2>
<a id="a056b0d234bbcb1da0ffddb62cd5b9a59" name="a056b0d234bbcb1da0ffddb62cd5b9a59"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a056b0d234bbcb1da0ffddb62cd5b9a59">&#9670;&#160;</a></span>CallstackWalkthroughStack()</h2>

<div class="memitem">
<div class="memproto">
      <table class="memname">
        <tr>
          <td class="memname"><a class="el" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a> CallstackWalkthroughStack </td>
          <td>(</td>
          <td class="paramtype"><a class="el" href="_request_structures_8h.html#a3d57e773e2a453bd6fe400c41cd27524">PDEBUGGER_SINGLE_CALLSTACK_FRAME</a></td>          <td class="paramname"><span class="paramname"><em>AddressToSaveFrames</em></span>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a></td>          <td class="paramname"><span class="paramname"><em>StackBaseAddress</em></span>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a></td>          <td class="paramname"><span class="paramname"><em>Size</em></span>, </td>
        </tr>
        <tr>
          <td class="paramkey"></td>
          <td></td>
          <td class="paramtype"><a class="el" href="_basic_types_8h.html#a1cb18096b299d23458d3c7b85fd86555">BOOLEAN</a></td>          <td class="paramname"><span class="paramname"><em>Is32Bit</em></span>&#160;)</td>
        </tr>
      </table>
</div><div class="memdoc">

<p>Walkthrough the stack. </p>
<dl class="params"><dt>Parameters</dt><dd>
  <table class="params">
    <tr><td class="paramname">AddressToSaveFrames</td><td></td></tr>
    <tr><td class="paramname">StackBaseAddress</td><td></td></tr>
    <tr><td class="paramname">Size</td><td></td></tr>
    <tr><td class="paramname">Is32Bit</td><td></td></tr>
  </table>
  </dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>BOOLEAN </dd></dl>
<div class="fragment"><div class="line"><span class="lineno">   29</span>{</div>
<div class="line"><span class="lineno">   30</span>    <a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a> FrameIndex          = 0;</div>
<div class="line"><span class="lineno">   31</span>    <a class="code hl_typedef" href="_basic_types_8h.html#a09f1a1fb2293e33483cc8d44aefb1eb1">UINT16</a> AddressMode         = 0;</div>
<div class="line"><span class="lineno">   32</span>    <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> <a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a>               = (<a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a>)NULL;</div>
<div class="line"><span class="lineno">   33</span>    <a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a> CurrentStackAddress = (<a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a>)NULL;</div>
<div class="line"><span class="lineno">   34</span> </div>
<div class="line"><span class="lineno">   35</span>    <span class="keywordflow">if</span> (Size == 0)</div>
<div class="line"><span class="lineno">   36</span>    {</div>
<div class="line"><span class="lineno">   37</span>        <span class="keywordflow">return</span> <a class="code hl_define" href="_basic_types_8h.html#aa93f0eb578d23995850d61f7d61c55c1">FALSE</a>;</div>
<div class="line"><span class="lineno">   38</span>    }</div>
<div class="line"><span class="lineno">   39</span> </div>
<div class="line"><span class="lineno">   40</span>    <span class="keywordflow">if</span> (Is32Bit)</div>
<div class="line"><span class="lineno">   41</span>    {</div>
<div class="line"><span class="lineno">   42</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   43</span>        <span class="comment">// 32-bit interpretation</span></div>
<div class="line"><span class="lineno">   44</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   45</span>        AddressMode = <span class="keyword">sizeof</span>(<a class="code hl_typedef" href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a>);</div>
<div class="line"><span class="lineno">   46</span>        FrameIndex  = Size / AddressMode;</div>
<div class="line"><span class="lineno">   47</span>    }</div>
<div class="line"><span class="lineno">   48</span>    <span class="keywordflow">else</span></div>
<div class="line"><span class="lineno">   49</span>    {</div>
<div class="line"><span class="lineno">   50</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   51</span>        <span class="comment">// 64-bit interpretation</span></div>
<div class="line"><span class="lineno">   52</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   53</span>        AddressMode = <span class="keyword">sizeof</span>(<a class="code hl_typedef" href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a>);</div>
<div class="line"><span class="lineno">   54</span>        FrameIndex  = Size / AddressMode;</div>
<div class="line"><span class="lineno">   55</span>    }</div>
<div class="line"><span class="lineno">   56</span> </div>
<div class="line"><span class="lineno">   57</span>    <span class="comment">//</span></div>
<div class="line"><span class="lineno">   58</span>    <span class="comment">// Walkthrough the stack</span></div>
<div class="line"><span class="lineno">   59</span>    <span class="comment">//</span></div>
<div class="line"><span class="lineno">   60</span>    <span class="keywordflow">for</span> (<span class="keywordtype">size_t</span> i = 0; i &lt; FrameIndex; i++)</div>
<div class="line"><span class="lineno">   61</span>    {</div>
<div class="line"><span class="lineno">   62</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   63</span>        <span class="comment">// Compute the current stack position address</span></div>
<div class="line"><span class="lineno">   64</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   65</span>        CurrentStackAddress = StackBaseAddress + (i * AddressMode);</div>
<div class="line"><span class="lineno">   66</span> </div>
<div class="line"><span class="lineno">   67</span>        <span class="keywordflow">if</span> (!<a class="code hl_function" href="_address_check_8c.html#aec71cec56c29db61a23b2997ee8e2059">CheckAccessValidityAndSafety</a>(CurrentStackAddress, AddressMode))</div>
<div class="line"><span class="lineno">   68</span>        {</div>
<div class="line"><span class="lineno">   69</span>            AddressToSaveFrames[i].<a class="code hl_variable" href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a3f626b571de1c1ecae3837e5ce5e9e79">IsStackAddressValid</a> = <a class="code hl_define" href="_basic_types_8h.html#aa93f0eb578d23995850d61f7d61c55c1">FALSE</a>;</div>
<div class="line"><span class="lineno">   70</span> </div>
<div class="line"><span class="lineno">   71</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">   72</span>            <span class="comment">// Stack is no longer valid or available to access from here</span></div>
<div class="line"><span class="lineno">   73</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">   74</span>            <span class="keywordflow">return</span> <a class="code hl_define" href="_basic_types_8h.html#aa93f0eb578d23995850d61f7d61c55c1">FALSE</a>;</div>
<div class="line"><span class="lineno">   75</span>        }</div>
<div class="line"><span class="lineno">   76</span> </div>
<div class="line"><span class="lineno">   77</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   78</span>        <span class="comment">// Stack address is valid</span></div>
<div class="line"><span class="lineno">   79</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   80</span>        AddressToSaveFrames[i].<a class="code hl_variable" href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a3f626b571de1c1ecae3837e5ce5e9e79">IsStackAddressValid</a> = <a class="code hl_define" href="_basic_types_8h.html#aa8cecfc5c5c054d2875c03e77b7be15d">TRUE</a>;</div>
<div class="line"><span class="lineno">   81</span> </div>
<div class="line"><span class="lineno">   82</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   83</span>        <span class="comment">// Read the 4 or 8 byte from the target stack</span></div>
<div class="line"><span class="lineno">   84</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   85</span>        <a class="code hl_function" href="_memory_mapper_8c.html#a4b9c8387e09821a8668975ec6119782e">MemoryMapperReadMemorySafeOnTargetProcess</a>(CurrentStackAddress, &amp;<a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a>, AddressMode);</div>
<div class="line"><span class="lineno">   86</span> </div>
<div class="line"><span class="lineno">   87</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   88</span>        <span class="comment">// Set the value</span></div>
<div class="line"><span class="lineno">   89</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   90</span>        AddressToSaveFrames[i].<a class="code hl_variable" href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a4daedd4de87609e7e3ccc60167affbe6">Value</a> = <a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a>;</div>
<div class="line"><span class="lineno">   91</span> </div>
<div class="line"><span class="lineno">   92</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   93</span>        <span class="comment">// This implementation has a problem, if the target jump is between two page were the second</span></div>
<div class="line"><span class="lineno">   94</span>        <span class="comment">// page is not available, it fails to set it as the valid address,</span></div>
<div class="line"><span class="lineno">   95</span>        <span class="comment">// We should check it for this page attribute (check boundary) but for now, i&#39;m lazy enough</span></div>
<div class="line"><span class="lineno">   96</span>        <span class="comment">// to let it unimplemented</span></div>
<div class="line"><span class="lineno">   97</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">   98</span>        <span class="comment">// Check if value is a valid address</span></div>
<div class="line"><span class="lineno">   99</span>        <span class="comment">//</span></div>
<div class="line"><span class="lineno">  100</span>        <span class="keywordflow">if</span> (<a class="code hl_function" href="_address_check_8c.html#aec71cec56c29db61a23b2997ee8e2059">CheckAccessValidityAndSafety</a>(<a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a>, <a class="code hl_define" href="_constants_8h.html#a69514be69d3aae8e6973c14f92c363c4">MAXIMUM_CALL_INSTR_SIZE</a>))</div>
<div class="line"><span class="lineno">  101</span>        {</div>
<div class="line"><span class="lineno">  102</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  103</span>            <span class="comment">// It&#39;s a valid address</span></div>
<div class="line"><span class="lineno">  104</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  105</span>            AddressToSaveFrames[i].<a class="code hl_variable" href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#ad904bc870052e8344722a2169a30ff32">IsValidAddress</a> = <a class="code hl_define" href="_basic_types_8h.html#aa8cecfc5c5c054d2875c03e77b7be15d">TRUE</a>;</div>
<div class="line"><span class="lineno">  106</span> </div>
<div class="line"><span class="lineno">  107</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  108</span>            <span class="comment">// Check if the target page has NX bit (executable page)</span></div>
<div class="line"><span class="lineno">  109</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  110</span>            AddressToSaveFrames[i].<a class="code hl_variable" href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a1c3e2634d66fca15c223cf5a337ba7a6">IsExecutable</a> = <a class="code hl_function" href="_memory_mapper_8c.html#aa1fb900db142d2d24222e62a4bef6504">MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess</a>((PVOID)<a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a>);</div>
<div class="line"><span class="lineno">  111</span> </div>
<div class="line"><span class="lineno">  112</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  113</span>            <span class="comment">// Read the memory at the target address</span></div>
<div class="line"><span class="lineno">  114</span>            <span class="comment">//</span></div>
<div class="line"><span class="lineno">  115</span>            <a class="code hl_function" href="_memory_mapper_8c.html#a4b9c8387e09821a8668975ec6119782e">MemoryMapperReadMemorySafeOnTargetProcess</a>(<a class="code hl_function" href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a> - <a class="code hl_define" href="_constants_8h.html#a69514be69d3aae8e6973c14f92c363c4">MAXIMUM_CALL_INSTR_SIZE</a>,</div>
<div class="line"><span class="lineno">  116</span>                                                      AddressToSaveFrames[i].InstructionBytesOnRip,</div>
<div class="line"><span class="lineno">  117</span>                                                      <a class="code hl_define" href="_constants_8h.html#a69514be69d3aae8e6973c14f92c363c4">MAXIMUM_CALL_INSTR_SIZE</a>);</div>
<div class="line"><span class="lineno">  118</span>        }</div>
<div class="line"><span class="lineno">  119</span>    }</div>
<div class="line"><span class="lineno">  120</span> </div>
<div class="line"><span class="lineno">  121</span>    <span class="comment">//</span></div>
<div class="line"><span class="lineno">  122</span>    <span class="comment">// Stack walk is finished</span></div>
<div class="line"><span class="lineno">  123</span>    <span class="comment">//</span></div>
<div class="line"><span class="lineno">  124</span>    <span class="keywordflow">return</span> <a class="code hl_define" href="_basic_types_8h.html#aa8cecfc5c5c054d2875c03e77b7be15d">TRUE</a>;</div>
<div class="line"><span class="lineno">  125</span>}</div>
<div class="ttc" id="a_address_check_8c_html_aec71cec56c29db61a23b2997ee8e2059"><div class="ttname"><a href="_address_check_8c.html#aec71cec56c29db61a23b2997ee8e2059">CheckAccessValidityAndSafety</a></div><div class="ttdeci">BOOLEAN CheckAccessValidityAndSafety(UINT64 TargetAddress, UINT32 Size)</div><div class="ttdoc">Check the safety to access the memory.</div><div class="ttdef"><b>Definition</b> AddressCheck.c:156</div></div>
<div class="ttc" id="a_basic_types_8h_html_a09f1a1fb2293e33483cc8d44aefb1eb1"><div class="ttname"><a href="_basic_types_8h.html#a09f1a1fb2293e33483cc8d44aefb1eb1">UINT16</a></div><div class="ttdeci">unsigned short UINT16</div><div class="ttdef"><b>Definition</b> BasicTypes.h:47</div></div>
<div class="ttc" id="a_basic_types_8h_html_aa8cecfc5c5c054d2875c03e77b7be15d"><div class="ttname"><a href="_basic_types_8h.html#aa8cecfc5c5c054d2875c03e77b7be15d">TRUE</a></div><div class="ttdeci">#define TRUE</div><div class="ttdef"><b>Definition</b> BasicTypes.h:55</div></div>
<div class="ttc" id="a_basic_types_8h_html_aa93f0eb578d23995850d61f7d61c55c1"><div class="ttname"><a href="_basic_types_8h.html#aa93f0eb578d23995850d61f7d61c55c1">FALSE</a></div><div class="ttdeci">#define FALSE</div><div class="ttdef"><b>Definition</b> BasicTypes.h:54</div></div>
<div class="ttc" id="a_basic_types_8h_html_aae17ebb9ef7279d026817fb22f8aebe9"><div class="ttname"><a href="_basic_types_8h.html#aae17ebb9ef7279d026817fb22f8aebe9">UINT64</a></div><div class="ttdeci">unsigned __int64 UINT64</div><div class="ttdef"><b>Definition</b> BasicTypes.h:21</div></div>
<div class="ttc" id="a_basic_types_8h_html_ae1e6edbbc26d6fbc71a90190d0266018"><div class="ttname"><a href="_basic_types_8h.html#ae1e6edbbc26d6fbc71a90190d0266018">UINT32</a></div><div class="ttdeci">unsigned int UINT32</div><div class="ttdef"><b>Definition</b> BasicTypes.h:48</div></div>
<div class="ttc" id="a_constants_8h_html_a69514be69d3aae8e6973c14f92c363c4"><div class="ttname"><a href="_constants_8h.html#a69514be69d3aae8e6973c14f92c363c4">MAXIMUM_CALL_INSTR_SIZE</a></div><div class="ttdeci">#define MAXIMUM_CALL_INSTR_SIZE</div><div class="ttdoc">maximum size for call instruction in Intel</div><div class="ttdef"><b>Definition</b> Constants.h:473</div></div>
<div class="ttc" id="a_memory_mapper_8c_html_a4b9c8387e09821a8668975ec6119782e"><div class="ttname"><a href="_memory_mapper_8c.html#a4b9c8387e09821a8668975ec6119782e">MemoryMapperReadMemorySafeOnTargetProcess</a></div><div class="ttdeci">_Use_decl_annotations_ BOOLEAN MemoryMapperReadMemorySafeOnTargetProcess(UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)</div><div class="ttdoc">Read memory safely by mapping the buffer on the target process memory (It's a wrapper)</div><div class="ttdef"><b>Definition</b> MemoryMapper.c:1120</div></div>
<div class="ttc" id="a_memory_mapper_8c_html_aa1fb900db142d2d24222e62a4bef6504"><div class="ttname"><a href="_memory_mapper_8c.html#aa1fb900db142d2d24222e62a4bef6504">MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess</a></div><div class="ttdeci">_Use_decl_annotations_ BOOLEAN MemoryMapperCheckIfPageIsNxBitSetOnTargetProcess(PVOID Va)</div><div class="ttdoc">This function checks target process to see if the page has NX bit or not.</div><div class="ttdef"><b>Definition</b> MemoryMapper.c:475</div></div>
<div class="ttc" id="ainstance__info_8hex_8txt_html_a1068e3543230ebb8ef661f6f6cce7f8f"><div class="ttname"><a href="instance__info_8hex_8txt.html#a1068e3543230ebb8ef661f6f6cce7f8f">Value</a></div><div class="ttdeci">RequestedActionOfThePacket Value(0x1) 00000000</div></div>
<div class="ttc" id="astruct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e_html_a1c3e2634d66fca15c223cf5a337ba7a6"><div class="ttname"><a href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a1c3e2634d66fca15c223cf5a337ba7a6">_DEBUGGER_SINGLE_CALLSTACK_FRAME::IsExecutable</a></div><div class="ttdeci">BOOLEAN IsExecutable</div><div class="ttdef"><b>Definition</b> RequestStructures.h:764</div></div>
<div class="ttc" id="astruct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e_html_a3f626b571de1c1ecae3837e5ce5e9e79"><div class="ttname"><a href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a3f626b571de1c1ecae3837e5ce5e9e79">_DEBUGGER_SINGLE_CALLSTACK_FRAME::IsStackAddressValid</a></div><div class="ttdeci">BOOLEAN IsStackAddressValid</div><div class="ttdef"><b>Definition</b> RequestStructures.h:762</div></div>
<div class="ttc" id="astruct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e_html_a4daedd4de87609e7e3ccc60167affbe6"><div class="ttname"><a href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#a4daedd4de87609e7e3ccc60167affbe6">_DEBUGGER_SINGLE_CALLSTACK_FRAME::Value</a></div><div class="ttdeci">UINT64 Value</div><div class="ttdef"><b>Definition</b> RequestStructures.h:765</div></div>
<div class="ttc" id="astruct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e_html_ad904bc870052e8344722a2169a30ff32"><div class="ttname"><a href="struct___d_e_b_u_g_g_e_r___s_i_n_g_l_e___c_a_l_l_s_t_a_c_k___f_r_a_m_e.html#ad904bc870052e8344722a2169a30ff32">_DEBUGGER_SINGLE_CALLSTACK_FRAME::IsValidAddress</a></div><div class="ttdeci">BOOLEAN IsValidAddress</div><div class="ttdef"><b>Definition</b> RequestStructures.h:763</div></div>
</div><!-- fragment -->
</div>
</div>
</div><!-- contents -->
</div><!-- doc-content -->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
  <ul>
    <li class="navelem"><a class="el" href="dir_53a6cdbae347618e9ee76d4be5c6ea96.html">hyperdbg</a></li><li class="navelem"><a class="el" href="dir_fd401680aa8c7ceffc479e97f6bdc4df.html">hyperkd</a></li><li class="navelem"><a class="el" href="dir_587853473f29459994cc5353647295ff.html">code</a></li><li class="navelem"><a class="el" href="dir_366222a910cb7e5dbd8918e7b8c2300f.html">debugger</a></li><li class="navelem"><a class="el" href="dir_0fc101762e08047bdc63959491aca858.html">commands</a></li><li class="navelem"><a class="el" href="_callstack_8c.html">Callstack.c</a></li>
    <li class="footer">Generated by <a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.11.0 </li>
  </ul>
</div>
</body>
</html>