; ---------------------------------------------------------------------------
; FILE: SomeCode.Asm
; DATE: August 28, 2013
; ---------------------------------------------------------------------------
align 16
SomeCode_GrowBuffer:
; ---------------------------------------------------------------------------
; OUTPUT:
;   CF = 1 - buffer is OK to use
; ---------------------------------------------------------------------------
    mov       ebx, [mbi.RegionSize]
    cmp       ebx, [bufRoom]
    jbe       .ret_true
    ;
    ; Region exceeds buffer room
    ;
    invoke    VirtualAlloc, 0, ebx, MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE
    test      eax, eax
    jz        .no_memory

    xchg      [bufer], eax
    mov       [bufRoom], ebx
    invoke    VirtualFree, eax, 0, MEM_RELEASE

.ret_true:
    stc
    ret

.no_memory:
    clc
    ret

align 16
SomeCode_DumpMBI:
; ---------------------------------------------------------------------------
    pusha
    mov       esi, mbi

    sub       esp, 256
    mov       edi, esp

    cinvoke   wsprintfA, edi, fmtDumpMBI,\
              [esi + MEMORY_BASIC_INFORMATION.State],\
              [esi + MEMORY_BASIC_INFORMATION.BaseAddress],\
              [esi + MEMORY_BASIC_INFORMATION.AllocationBase],\
              [esi + MEMORY_BASIC_INFORMATION.RegionSize]

    invoke    _lwrite, [hMBIfile], edi, eax
    add       esp, 256
    popa
    ret

align 16
SomeCode_AppendLogText:
; ---------------------------------------------------------------------------
; INPUT:
;   ESI = text to write into diagnostics file
; ---------------------------------------------------------------------------
    pusha
    invoke    lstrlenA, esi
    invoke    _lwrite, [hMBIfile], esi, eax
    popa
    ret

align 16
SomeCode_Root:
    ;
    ; Allocate 1Mb for a buffer (for now)
    ;
    invoke    VirtualAlloc, 0, [bufRoom], MEM_RESERVE or MEM_COMMIT, PAGE_READWRITE
    mov       [bufer], eax
    ;
    ; Create files
    ;
    invoke    _lcreat, SzFile, 0
    mov       [hfile], eax

    invoke    _lcreat, mbiFile, 0
    mov       [hMBIfile], eax
    ;
    ; Open process handle
    ;
    invoke    OpenProcess, PROCESS_VM_READ or PROCESS_QUERY_INFORMATION, FALSE, [dwPID]
    mov       [hProc], eax
    mov       [shagMemory], 0

.gogogo:
    invoke    VirtualQueryEx, [hProc], [shagMemory], mbi, sizeof.MEMORY_BASIC_INFORMATION
    cmp       eax, sizeof.MEMORY_BASIC_INFORMATION
    jne       .stopeee
    ;
    ; Dump MBI into a LOG file
    ;
    call      SomeCode_DumpMBI
    ;
    ; Only pages with state = MEM_COMMIT can be read (MEM_RESERVE and MEM_FREE can't be read)
    ;
    test      [mbi.State], MEM_COMMIT
    jz        .not_commited

    call      SomeCode_GrowBuffer
    jnc       .memory_low

    xor       eax, eax
    mov       [BytesRead], eax
    invoke    SetLastError, eax

    invoke    ReadProcessMemory, [hProc], [shagMemory], [bufer], [mbi.RegionSize], BytesRead
    test      eax, eax
    jz        .not_loaded

    invoke    _lwrite, [hfile], [bufer], [BytesRead]

    mov       esi, szReadOK
    jmp       .report

.not_commited:
    mov       esi, szNoCommit
    jmp       .report

.memory_low:
    mov       esi, szNoMem
    jmp       .report

.not_loaded:
    mov       esi, szReadERR

.report:
    call      SomeCode_AppendLogText

    mov       eax, [mbi.RegionSize]
    add       [shagMemory], eax
    jmp       .gogogo

.stopeee:
    invoke    CloseHandle, [hMBIfile]
    invoke    CloseHandle, [hfile]
    invoke    CloseHandle, [hProc]
    invoke    MessageBoxA, NULL, mbText, mbTitle, NULL
    invoke    VirtualFree, [bufer], 0, MEM_RELEASE
    ret