nefarius/Domito
1
0
Fork 0
Code Issues Activity

Added function docs

Browse Source
This commit is contained in:
Benjamin Höglinger-Stelzer 2023-07-01 06:54:54 +02:00
parent 904ba57442
commit 2beb3c374a
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Domito.sln.DotSettings
View File

@ -1,4 +1,5 @@
<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
<s:Boolean x:Key="/Default/UserDictionary/Words/=Authenticode/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=BCRYPT/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=CALG/@EntryIndexedValue">True</s:Boolean>
<s:Boolean x:Key="/Default/UserDictionary/Words/=COFF/@EntryIndexedValue">True</s:Boolean>

18
include/Domito.h
View File

@ -8,7 +8,7 @@
********************************************************************************/
//
// Custom allocator for function that allocate pool memory
// Custom allocator for function that allocate pool memory.
//
typedef
_IRQL_requires_same_
@ -66,7 +66,7 @@ typedef struct _WIN_CERTIFICATE {
#endif
//
// Converts a WinCrypt CALG_ID to a BCRYPT_ALGORITHM identifier
// Converts a WinCrypt CALG_ID to a BCRYPT_ALGORITHM identifier.
//
PCWSTR
FORCEINLINE
@ -95,7 +95,7 @@ DOMITO_CALG_TO_BCRYPT_ALGORITHM(
********************************************************************************/
//
// Finds the base address of a driver module
// Finds the base address of a driver module.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
@ -109,7 +109,7 @@ DomitoFindModuleBaseAddress(
);
//
// Finds the address of an exported function by name
// Finds the address of an exported function by name.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
@ -123,7 +123,7 @@ DomitoFindExportedFunctionAddress(
);
//
// Scans a provided buffer for a memory pattern
// Scans a provided buffer for a memory pattern.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
@ -152,7 +152,7 @@ DomitoGetPortableExecutableDigestKind(
);
//
// Reads from the beginning of a file until the end or the buffer size is reached
// Reads from the beginning of a file until the end or the buffer size is reached.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
@ -165,6 +165,9 @@ DomitoReadFile(
_In_ ULONG BufferSize
);
//
// Extracts Authenticode signing information and calculates the file digest of a PE file.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
_IRQL_requires_max_(PASSIVE_LEVEL)
@ -181,6 +184,9 @@ DomitoCalculatePortableExecutableDigest(
_Out_ PULONG pSizeOfSecurityDirectory
);
//
// Gets the name of the main image of the process identified by PID.
//
_Success_(return == STATUS_SUCCESS)
_Must_inspect_result_
_IRQL_requires_max_(PASSIVE_LEVEL)