C# (CSharp) ProcessHacker.Native.Debugging DebugBuffer Examples

Programming Language: C# (CSharp)

Namespace/Package Name: ProcessHacker.Native.Debugging

Class/Type: DebugBuffer

Examples at hotexamples.com: 2

C# (CSharp) ProcessHacker.Native.Debugging DebugBuffer - 2 examples found. These are the top rated real world C# (CSharp) examples of ProcessHacker.Native.Debugging.DebugBuffer extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

Query(2)

EnumModules(1)

GetHeaps(1)

Example #1

Show file

File: HackerWindow.cs Project: andyvand/ProcessHacker

        private void heapsProcessMenuItem_Click(object sender, EventArgs e)
        {
            try
            {
                HeapsWindow heapsWindow;

                using (DebugBuffer buffer = new DebugBuffer())
                {
                    this.Cursor = Cursors.WaitCursor;

                    try
                    {
                        buffer.Query(
                            processSelectedPid,
                            RtlQueryProcessDebugFlags.HeapSummary |
                            RtlQueryProcessDebugFlags.HeapEntries
                            );
                    }
                    finally
                    {
                        this.Cursor = Cursors.Default;
                    }

                    heapsWindow = new HeapsWindow(processSelectedPid, buffer.GetHeaps());
                }
                heapsWindow.ShowDialog();
            }
            catch (WindowsException ex)
            {
                PhUtils.ShowException("Unable to get heap information", ex);
            }
        }

Example #2

Show file

File: HandleFilter.cs Project: john-peterson/processhacker

        private void DoFilter()
        {
            // Stop if cancel
            if (!CancelRequested)
            {
                var handles = Windows.GetHandles();
                Dictionary<int, ProcessHandle> processHandles = new Dictionary<int, ProcessHandle>();

                // Find handles
                for (int i = 0; i < handles.Length; i++)
                {
                    // Check for cancellation here too,
                    // otherwise the user might have to wait for much time                    
                    if (CancelRequested) return;

                    if (i % 20 == 0)
                        OnMatchProgress(i, handles.Length);

                    var handle = handles[i];

                    CompareHandleBestNameWithFilter(processHandles, handle);
                    // test Exception 
                    //if (i > 2000) throw new Exception("test");
                }

                foreach (ProcessHandle phandle in processHandles.Values)
                    phandle.Dispose();

                // Find DLLs and mapped files
                Dictionary<int, SystemProcess> processes = Windows.GetProcesses();

                foreach (KeyValuePair<int, SystemProcess> process in processes)
                {
                    try
                    {
                        // Modules
                        using (ProcessHandle phandle = new ProcessHandle(process.Key, Program.MinProcessQueryRights | Program.MinProcessReadMemoryRights))
                        {
                            phandle.EnumModules(module =>
                            {
                                if (module.FileName.Contains(strFilterLower, StringComparison.OrdinalIgnoreCase))
                                    this.CallDllMatchListView(process.Key, module);
                                return true;
                            });
                        }

                        // Memory
                        using (ProcessHandle phandle = new ProcessHandle(process.Key, ProcessAccess.QueryInformation | Program.MinProcessReadMemoryRights))
                        {
                            phandle.EnumMemory(region =>
                            {
                                if (region.Type != MemoryType.Mapped)
                                    return true;

                                string name = phandle.GetMappedFileName(region.BaseAddress);

                                if (!string.IsNullOrEmpty(name) && name.Contains(strFilterLower, StringComparison.OrdinalIgnoreCase))
                                    this.CallMappedFileMatchListView(process.Key, region.BaseAddress, name);

                                return true;
                            });
                        }

                        // WOW64 Modules
                        if (OSVersion.Architecture == OSArch.Amd64)
                        {
                            using (DebugBuffer buffer = new DebugBuffer())
                            {
                                buffer.Query(
                                    process.Key,
                                    RtlQueryProcessDebugFlags.Modules32 |
                                    RtlQueryProcessDebugFlags.NonInvasive
                                    );

                                buffer.EnumModules(module =>
                                {
                                    if (module.FileName.Contains(strFilterLower, StringComparison.OrdinalIgnoreCase))
                                        this.CallDllMatchListView(process.Key, module);
                                    return true;
                                });
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        Logging.Log(ex);
                    }
                }

                OnMatchListView(null);
            }
        }