#ifndef _NTPSAPI_H
//
// Threads
//
#if (PHNT_MODE != PHNT_MODE_KERNEL)

/**
 * Retrieves the context of the specified thread.
 *
 * @param ThreadHandle A handle to the thread.
 * @param ThreadContext A pointer to a CONTEXT structure that receives the thread context.
 * @return NTSTATUS Successful or errant status.
 */
NTSYSCALLAPI
NTSTATUS
NTAPI
NtGetContextThread(
    _In_ HANDLE ThreadHandle,
    _Inout_ PCONTEXT ThreadContext
    );

#endif
#endif
View code on GitHub

#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwGetContextThread(
    _In_ HANDLE ThreadHandle,
    _Inout_ PCONTEXT ThreadContext
    );

#endif
View code on GitHub

Retrieves the context (set of registers) of the specified thread.

Parameters

ThreadHandle - a handle to a thread granting THREAD_GET_CONTEXT access.
ThreadContext - a pointer to a CONTEXT structure that receives the state of registers. Note: make sure to initialize the ContextFlags field of the structure with the bit mask defining which portion of the context to query.

GetThreadContext

NtGetContextThread - NtDoc

Parameters

See also

Parameters

Related Win32 API

See also