public void PersistObjectMap(ObjectTypeMap source, string fileName)
{
byte[] bytesToCompress = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(source));
using (FileStream fileToCompress = File.Create(fileName))
using (GZipStream compressionStream = new GZipStream(fileToCompress, CompressionMode.Compress))
{
compressionStream.Write(bytesToCompress, 0, bytesToCompress.Length);
}
}
public ObjectTypes(DataProviderBase dataProvider, Profile profile) : base(profile, dataProvider, 0)
{
_is64 = (_profile.Architecture == "AMD64");
_objectMap = new ObjectTypeMap();
_objectMap.ObjectTypeRecords = new List <ObjectTypeRecord>();
// first let's see if it already exists
FileInfo cachedFile = new FileInfo(_dataProvider.CacheFolder + "\\object_type_map.gz");
if (cachedFile.Exists && !dataProvider.IsLive)
{
ObjectTypeMap otm = RetrieveObjectMap(cachedFile);
if (otm != null)
{
_objectMap = otm;
return;
}
}
AddressBase kernelAS;
if (_is64)
{
kernelAS = _profile.KernelAddressSpace as AddressSpacex64;
}
else
{
kernelAS = _profile.KernelAddressSpace as AddressSpacex86Pae;
}
uint indexTableOffset = (uint)_profile.GetConstant("ObpObjectTypes");
ulong startOffset = _profile.KernelBaseAddress + indexTableOffset;
ulong pAddr = kernelAS.vtop(startOffset, _dataProvider.IsLive);
if (pAddr == 0)
{
return;
}
_buffer = _dataProvider.ReadMemory(pAddr & 0xfffffffff000, 1);
ulong ptr = 0;
if (_is64)
{
ptr = ReadUInt64((int)(pAddr & 0xfff));
}
else
{
ptr = ReadUInt32((int)(pAddr & 0xfff));
}
//ulong pAddress = kernelAS.vtop(ptr);
ObjectType ot = new ObjectType(_profile, _dataProvider, ptr);
int count = (int)ot.TotalNumberOfObjects;
for (int i = 0; i < count; i++)
{
if (_is64)
{
startOffset = _profile.KernelBaseAddress + indexTableOffset + (uint)(i * 8);
}
else
{
startOffset = _profile.KernelBaseAddress + indexTableOffset + (uint)(i * 4);
}
pAddr = kernelAS.vtop(startOffset, _dataProvider.IsLive);
_buffer = _dataProvider.ReadMemory(pAddr & 0xfffffffff000, 1);
if (_is64)
{
ptr = ReadUInt64((int)(pAddr & 0xfff));
}
else
{
ptr = ReadUInt32((int)(pAddr & 0xfff));
}
//pAddress = kernelAS.vtop(ptr);
ot = new ObjectType(_profile, _dataProvider, ptr);
ObjectTypeRecord otr = new ObjectTypeRecord();
otr.Name = ot.Name;
otr.Index = ot.Index;
if (otr.Index == 0 || otr.Name == "")
{
continue;
}
_objectMap.ObjectTypeRecords.Add(otr);
}
if (!dataProvider.IsLive)
{
PersistObjectMap(_objectMap, _dataProvider.CacheFolder + "\\object_type_map.gz");
}
}