My P/Invoke WriteProcessMemory method currently looks like this:
[DllImport("kernel32", SetLastError = true)]
[return : MarshalAs(UnmanagedType.Bool)]
static extern bool WriteProcessMemory(
IntPtr hProcess,
IntPtr baseAddress,
byte[] bufferToWrite,
uint numBytesToWrite,
out IntPtr numBytesWritten
);
I need to send a string to the bufferToWrite parameter, but it takes a byte[] so I'm converting it to a byte[] before passing it in.
My issue is that as .NET strings aren't null terminated, it won't write a terminating null to the remote memory. If I was doing this in unmanaged code I'd allocate the length of the string + terminating null, and put all that in the allocated memory since the "string" I'm reading includes the null. But the managed string doesn't include it.
Maybe I could allocate a buffer large enough to include a terminating null, then do another call to WriteProcessMemory to write the null; or I could create a byte[] large enough to hold the string + null, write both to the array, and pass it in like that.
But is there a more elegant solution to this problem?
Declare an overload like this:
[DllImport("kernel32", SetLastError = true)]
[return : MarshalAs(UnmanagedType.Bool)]
static extern bool WriteProcessMemory(
IntPtr hProcess,
IntPtr baseAddress,
string bufferToWrite,
uint numBytesToWrite,
out uint numBytesWritten
);
That way you force the marshaller to null terminate the string.
You could pass the data as IntPtr and use Marshal.StringToPtrAnsi. But then you'd need to manage the memory.
If the text is Unicode, use the CharSet.Unicode option.