CsrCaptureMessageBuffer

The CsrCaptureMessageBuffer function copies data to newly obtained space in a capture buffer such that the data is pointed to from within an API message.

Declaration 

ULONG 
CsrCaptureMessageBuffer (
    PVOID CaptureBuffer, 
    PVOID Data,
    ULONG Size, 
    PVOID *Pointer);

Parameters

The CaptureBuffer argument is the address of a capture buffer, as obtained from calling CsrAllocateCaptureBuffer.

The Data and Size arguments are respectively the address and size (in bytes) of data to copy to the capture buffer.

The Pointer argument is the address of a variable that is to receive a pointer to the data’s copy in the capture buffer. The intention is that this variable is in the API message.

Return Value

The function returns the size in bytes that has been obtained for the message, else it returns zero for failure.

Availability

The CsrCaptureMessageBuffer function is exported by name from NTDLL.DLL in all known Windows versions, i.e., starting from version 3.10.

Documentation Status

The CsrCaptureMessageBuffer function is not documented. Neither is Microsoft known to have disclosed a C-language declaration in any header from any publicly released kit for software development.

Behaviour

IN PROGRESS

This page was created on 25th June 2019 and was last modified on 26th June 2019.

Copyright © 2019. Geoff Chappell. All rights reserved. Conditions apply.