RtlCaptureContext - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTRTL_H

/**
 * The RtlCaptureContext routine retrieves a context record in the context of the caller.
 *
 * \param ContextRecord A pointer to a CONTEXT structure.
 * \return This function does not return a value.
 * \sa https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-rtlcapturecontext
 */
NTSYSAPI
VOID
NTAPI
RtlCaptureContext(
    _Out_ PCONTEXT ContextRecord
    );

#endif

View code on GitHub
// ntifs.h

NTSYSAPI VOID RtlCaptureContext(
  [out] PCONTEXT ContextRecord
);
View the official Windows Driver Kit DDI reference
// winnt.h

NTSYSAPI VOID RtlCaptureContext(
  [out] PCONTEXT ContextRecord
);
View the official Win32 API reference

NtDoc

No description available.

Edit description on GitHub

Windows Driver Kit DDI reference (nf-ntifs-rtlcapturecontext)

RtlCaptureContext function

Description

The RtlCaptureContext function retrieves a context record in the context of the caller.

Parameters

ContextRecord [out]

A pointer to a CONTEXT structure.

Return value

This function does not return a value.

Remarks

The captured ContextRecord contains processor-specific register data.

For kernel-mode code, the CONTEXT structure is defined in Ntddk.h. For more information, see the CONTEXT structure topic in the SDK documentation.

See also

CONTEXT

View the official Windows Driver Kit DDI reference

Edit description on GitHub

Win32 API reference (nf-winnt-rtlcapturecontext)

RtlCaptureContext function

Description

Retrieves a context record in the context of the caller.

Parameters

ContextRecord [out]

A pointer to a CONTEXT structure.

Return value

This function does not return a value.

See also

CONTEXT

RtlRestoreContext

Vertdll APIs available in VBS enclaves

View the official Win32 API reference

Edit description on GitHub