CsrAllocateMessagePointer

The CsrAllocateMessagePointer function obtains space in a capture buffer such that the allocated space is pointed to from within an API message.

Declaration 

ULONG 
CsrAllocateMessagePointer (
    PVOID CaptureBuffer, 
    ULONG Size, 
    PVOID *Pointer);

Parameters

The CaptureBuffer argument is the address of a capture buffer, as obtained from calling CsrAllocateCaptureBuffer.

The Size argument tells how many bytes are required from free space in the capture buffer.

The Pointer argument is the address of a variable that is to receive a pointer to the allocated space. The intention is that this variable is in the API message.

Return Value

The function returns the size in bytes that has been obtained for the message, else it returns zero for failure.

Availability

The CsrAllocateMessagePointer function is exported by name from NTDLL.DLL in all known Windows versions, i.e., starting from version 3.10.

Documentation Status

The CsrAllocateMessagePointer function is not documented. Neither is Microsoft known to have disclosed a C-language declaration in any header from any publicly released kit for software development.

Behaviour

IN PROGRESS

This page was created on 25th June 2019.

Copyright © 2019. Geoff Chappell. All rights reserved. Conditions apply.