Dangerous assignment

Line 32 in 3e79de1

PUNICODE_STRING pModuleName = ( PUNICODE_STRING )lpModuleName;

Line 66 in 3e79de1

PUNICODE_STRING pModuleName = ( PUNICODE_STRING )lpModuleName;

More better:

wchar_t lpModuleName[ MAX_PATH ];
status = ZwQueryVirtualMemory( NtCurrentProcess(), PsGetProcessSectionBaseAddress( Process ), static_cast<MEMORY_INFORMATION_CLASS>(2), lpModuleName, sizeof( lpModuleName ), nullptr );
if ( NT_SUCCESS( status ) )
{
	const auto unModuleNameSize = wcslen(lpModuleName);
	if (unModuleNameSize > 0 )
	{
		AllocateUnicodeString( ProcessImageName, static_cast<USHORT>(unModuleNameSize));
		wcscpy_s( ProcessImageName->Buffer, unModuleNameSize, lpModuleName );
		bReturn = true;
	}
}