getSizeOfImageProcessNative() not work

[fobricia]

so, this function always not work, struct MEMORY_REGION_INFORMATION invalid (sizeof)

I fixed this structure as

typedef struct _MEMORY_REGION_INFORMATION { PVOID AllocationBase; //Imagebase ULONG AllocationProtect; ULONG RegionType; SIZE_T RegionSize; //Size of image SIZE_T CommitSize; ULONG_PTR PartitionId; // 19H1 ULONG_PTR NodePreference; // 20H1 } MEMORY_REGION_INFORMATION, *PMEMORY_REGION_INFORMATION;

and function getSizeOfImageProcessNative() worked correct after this changle

SIZE_T ProcessAccessHelp::getSizeOfImageProcessNative( HANDLE processHandle, DWORD_PTR moduleBase ) { MEMORY_REGION_INFORMATION memRegion = {0}; SIZE_T retLen = 0; if (NativeWinApi::NtQueryVirtualMemory(processHandle, (PVOID)moduleBase, MemoryRegionInformation, &memRegion, sizeof(MEMORY_REGION_INFORMATION), &retLen) == STATUS_SUCCESS) { return memRegion.RegionSize; } return 0; }