Debugging Tools for Windows

SearchVirtual2

The SearchVirtual2 method searches the process's virtual memory for a specified pattern of bytes.

HRESULT
  IDebugDataSpaces4::SearchVirtual2(
    IN ULONG64  Offset,
    IN ULONG64  Length,
    IN ULONG  Flags,
    IN PVOID  Pattern,
    IN ULONG  PatternSize,
    IN ULONG  PatternGranularity,
    OUT PULONG64  MatchOffset
    );

Parameters

Offset
Specifies the location in the process's virtual address space to start searching for the pattern.
Length
Specifies how far to search for the pattern. A successful match requires the entire pattern to be found before Length bytes have been examined.
Flags
Specifies a bit field of flags for the search. Currently, the only bit-flag that can be set is DEBUG_VSEARCH_WRITABLE_ONLY, which restricts the search to writable memory.
Pattern
Specifies the pattern to search for.
PatternSize
Specifies the size, in bytes, of the pattern. This must be a multiple of the granularity of the pattern.
PatternGranularity
Specifies the granularity of the pattern. For a successful match, the difference between the location of the found pattern and Offset must be a multiple of PatternGranularity.
MatchOffset
Receives the location in the process's virtual address space of the pattern, if it was found.

Return Value

S_OK
The method was successful.
HRESULT_FROM_NT(STATUS_NO_MORE_ENTRIES)
After examining Length bytes, the pattern was not found.

This method can also return error values. See Return Values for more details.

Interface Version

SearchVirtual2 is available in IDebugDataSpaces4 and later versions.

Comments

This method searches the target's virtual memory for the first occurrence, subject to granularity, of the pattern that is entirely contained in the Length bytes of the target's memory, starting at the Offset location.

PatternGranularity can be used to ensure the alignment of the match relative to Offset. For example, a value of 0x4 can be used to require alignment to a DWORD. A value of 0x1 can be used to allow the pattern to start anywhere.

Requirements

Headers: Defined in Dbgeng.h. Include Dbgeng.h.

See Also

SearchVirtual


© 2008 Microsoft Corporation
Send feedback on this topic
Debugging Tools for Windows
August 24, 2008
Build machine: CAPEBUILD