public static IEnumerator <FileHandleInfo> GetOpenFileHandleEnumerator(int processId, SmartPtr systemHandleInformationPointer, int handleCount)
{
//using (SmartPtr sptr = SystemInformation.GetSystemHandleInformation())
//{
//var information = (SystemHandlesInformation)Marshal.PtrToStructure(sptr.Pointer, typeof(SystemHandlesInformation));
//int handleCount = information.Count;
//int handleCount = Marshal.ReadInt32(sptr.Pointer);
int offset = FirstHandleOffset;
for (int i = 0; i < handleCount; i++, offset += SystemHandleEntrySize)
{
//var entry = (SystemHandleEntry)Marshal.PtrToStructure((IntPtr) ((long) sptr.Pointer + offset), typeof (SystemHandleEntry));
var entry = (SystemHandleEntry)Marshal.PtrToStructure((IntPtr)(systemHandleInformationPointer.Pointer + offset), typeof(SystemHandleEntry));
IntPtr handle = (IntPtr)entry.HandleValue;
SystemHandleType handleType;
string devicePath;
if (entry.OwnerPid != processId)
{
continue;
}
if (!HandleInformation.GetHandleType(handle, processId, out handleType))
{
continue;
}
if (handleType != SystemHandleType.File)
{
continue;
}
devicePath = null;
if (!GetFileNameFromHandle(handle, processId, out devicePath))
{
continue;
}
FileSystemInfo info = GetFileSystemInfo(devicePath);
if (info != null)
{
yield return(new FileHandleInfo(handle, info));
;
}
}
//}
}
internal static extern bool SetHandleInformation(IntPtr hObject, HandleInformation dwMask, HandleInformation dwFlags);
internal static extern bool SetHandleInformation(IntPtr hObject, HandleInformation dwMask, HandleInformation dwFlags);
public static List <HandleInformation> GetHandlesByType(string strHandleType = "Directory")
{
uint nStatus;
var nHandleInfoSize = 0x10000;
var ipHandlePointer = Marshal.AllocHGlobal(nHandleInfoSize);
var nLength = 0;
var ipHandle = IntPtr.Zero;
while ((nStatus = Native.NtQuerySystemInformation(CNST_SYSTEM_HANDLE_INFORMATION, ipHandlePointer,
nHandleInfoSize, ref nLength)) ==
STATUS_INFO_LENGTH_MISMATCH)
{
nHandleInfoSize = nLength;
Marshal.FreeHGlobal(ipHandlePointer);
ipHandlePointer = Marshal.AllocHGlobal(nLength);
}
var baTemp = new byte[nLength];
Marshal.Copy(ipHandlePointer, baTemp, 0, nLength);
long lHandleCount = 0;
if (Is64Bits())
{
lHandleCount = Marshal.ReadInt64(ipHandlePointer);
ipHandle = new IntPtr(ipHandlePointer.ToInt64() + 8);
}
else
{
lHandleCount = Marshal.ReadInt32(ipHandlePointer);
ipHandle = new IntPtr(ipHandlePointer.ToInt32() + 4);
}
List <HandleInformation> toReturn = new List <HandleInformation>();
for (long lIndex = 0; lIndex < lHandleCount; lIndex++)
{
var shHandle = new SYSTEM_HANDLE_INFORMATION();
var realInfo = new HandleInformation();
if (Is64Bits())
{
shHandle = (SYSTEM_HANDLE_INFORMATION)Marshal.PtrToStructure(ipHandle, shHandle.GetType());
ipHandle = new IntPtr(ipHandle.ToInt64() + Marshal.SizeOf(shHandle) + 8);
}
else
{
ipHandle = new IntPtr(ipHandle.ToInt64() + Marshal.SizeOf(shHandle));
shHandle = (SYSTEM_HANDLE_INFORMATION)Marshal.PtrToStructure(ipHandle, shHandle.GetType());
}
if (MiniMem.AttachedProcess.ProcessObject != null)
{
if (shHandle.ProcessID != MiniMem.AttachedProcess.ProcessObject.Id)
{
continue;
}
}
if (strHandleType != null)
{
var strObjectTypeName = getObjectTypeName(shHandle, Process.GetProcessById(shHandle.ProcessID));
if (strObjectTypeName != strHandleType)
{
continue;
}
}
realInfo.HandleName = getObjectName(shHandle, Process.GetProcessById(shHandle.ProcessID));
realInfo.Advanced = shHandle;
if (realInfo.HandleName == null)
{
continue;
}
toReturn.Add(realInfo);
}
return(toReturn);
}
