Home       Trees       Indices       Help   
WinAppDbg - Windows application debugging engine
Package winappdbg :: Module event :: Class LoadDLLEvent
[hide private]
[frames] | no frames]

Class LoadDLLEvent

Module load event.

Instance Methods [hide private]
int
get_module_base(self)
Returns: Base address for the newly loaded DLL.
Module
get_module(self)
Returns: Module object for the newly loaded DLL.
FileHandle
get_file_handle(self)
Returns: File handle to the newly loaded DLL.
str, None
get_filename(self)
Returns: This method does it's best to retrieve the filename to the newly loaded module.
 
__init__(self, debug, raw)
x.__init__(...) initializes x; see x.__class__.__doc__ for signature (Inherited from winappdbg.event.Event)
int
get_code(self)
Returns: Debug event code as defined in the Win32 API. (Inherited from winappdbg.event.Event)
int
get_event_code(self)
Returns: Debug event code as defined in the Win32 API. (Inherited from winappdbg.event.Event)
str
get_event_description(self)
Returns: User-friendly description of the event. (Inherited from winappdbg.event.Event)
str
get_event_name(self)
Returns: User-friendly name of the event. (Inherited from winappdbg.event.Event)
int
get_pid(self)
Returns: Process global ID where the event occured. (Inherited from winappdbg.event.Event)
Process
get_process(self)
Returns: Process where the event occured. (Inherited from winappdbg.event.Event)
Thread
get_thread(self)
Returns: Thread where the event occured. (Inherited from winappdbg.event.Event)
int
get_tid(self)
Returns: Thread global ID where the event occured. (Inherited from winappdbg.event.Event)

Inherited from object: __delattr__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __str__

Class Variables [hide private]
str eventName = 'Module load event'
User-friendly name of the event.
str eventDescription = 'A new DLL library was loaded by the debugee.'
User-friendly description of the event.
Instance Variables [hide private]
int continueStatus
Continue status to pass to win32.ContinueDebugEvent. (Inherited from winappdbg.event.Event)
Debug debug
Debug object that received the event. (Inherited from winappdbg.event.Event)
DEBUG_EVENT raw
Raw DEBUG_EVENT structure as used by the Win32 API. (Inherited from winappdbg.event.Event)
Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

get_module_base(self)

 
Returns: int
Base address for the newly loaded DLL.

get_module(self)

 
Returns: Module
Module object for the newly loaded DLL.

get_file_handle(self)

 
Returns: FileHandle
File handle to the newly loaded DLL. If it's a valid handle, a new FileHandle object is created. Otherwise, the method returns INVALID_HANDLE_VALUE.

Note: This method never returns NULL.

get_filename(self)

 
Returns: str, None
This method does it's best to retrieve the filename to the newly loaded module. However, sometimes that's not possible, and None is returned instead.

   Home       Trees       Indices       Help   
WinAppDbg - Windows application debugging engine
Generated by Epydoc 3.0.1 on Fri May 15 21:56:34 2009 http://epydoc.sourceforge.net