public static Boolean ListHeap(uint dwPID)
{
HEAPLIST32 hl = new HEAPLIST32();
IntPtr INVALID_HANDLE_VALUE = new IntPtr(-1);
IntPtr hHeapSnap = INVALID_HANDLE_VALUE;
uint TH32CS_SNAPHEAPLIST = 0x00000001;
uint TH32CS_SNAPPROCESS = 0x00000002;
uint TH32CS_SNAPTHREAD = 0x00000004;
uint TH32CS_SNAPMODULE = 0x00000008;
uint TH32CS_SNAPMODULE32 = 0x00000010;
uint TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST |
TH32CS_SNAPPROCESS |
TH32CS_SNAPTHREAD |
TH32CS_SNAPMODULE);
hHeapSnap = CreateToolhelp32Snapshot(TH32CS_SNAPHEAPLIST, dwPID);
if (hHeapSnap == INVALID_HANDLE_VALUE)
{
return(false);
}
hl.dwSize = (UIntPtr)Marshal.SizeOf(typeof(HEAPENTRY32));
if (!Heap32ListFirst(hHeapSnap, ref hl))
{
do
{
// UIntPtr x = (UIntPtr)hl.th32HeapID;
HEAPENTRY32 he = new HEAPENTRY32();
// IntPtr he1 = INVALID_HANDLE_VALUE;
//try
//{
// ZeroMemory(he, (IntPtr)Marshal.SizeOf(typeof(HEAPENTRY32)));
//}
//catch (AccessViolationException ex)
//{
//}
he.dwSize = (UIntPtr)Marshal.SizeOf(typeof(HEAPENTRY32));
if (Heap32First(ref he, dwPID, hl.th32HeapID))
{
Console.WriteLine("\n Heap ID " + hl.th32HeapID);
do
{
Console.WriteLine("Block Size " + he.dwBlockSize);
he.dwSize = (UIntPtr)Marshal.SizeOf(typeof(HEAPENTRY32));
} while (Heap32Next(ref he));
}
hl.dwSize = (UIntPtr)Marshal.SizeOf(typeof(HEAPLIST32));
} while (Heap32ListNext(hHeapSnap, ref hl));
}
else
{
Console.WriteLine("CAnnot list heap");
}
CloseHandle(hHeapSnap);
return(true);
}
public HeapInfo(ProcessInfo info)
{
HeapProcess = info;
HEAPLIST32 firstHeapList = new HEAPLIST32();
firstHeapList.dwSize = (IntPtr)Marshal.SizeOf(typeof(HEAPLIST32));
IntPtr Handle = ErcCore.CreateToolhelp32Snapshot(SnapshotFlags.HeapList, (uint)info.ProcessID);
if ((int)Handle == -1)
{
throw new ERCException("CreateToolhelp32Snapshot returned an invalid handle value (-1)");
}
if (ErcCore.Heap32ListFirst(Handle, ref firstHeapList))
{
HeapLists.Add(firstHeapList);
bool moreHeaps = false;
do
{
HEAPLIST32 currentHeap = new HEAPLIST32();
currentHeap.dwSize = (IntPtr)Marshal.SizeOf(typeof(HEAPLIST32));
moreHeaps = ErcCore.Heap32ListNext(Handle, ref currentHeap);
if (HeapEntries.Count == 0)
{
currentHeap = firstHeapList;
}
if (moreHeaps)
{
HeapLists.Add(currentHeap);
HEAPENTRY32 heapentry32 = new HEAPENTRY32();
heapentry32.dwSize = (IntPtr)Marshal.SizeOf(typeof(HEAPENTRY32));
if (ErcCore.Heap32First(ref heapentry32, (uint)HeapProcess.ProcessID, currentHeap.th32HeapID))
{
bool moreheapblocks = false;
do
{
HeapEntries.Add(heapentry32);
moreheapblocks = ErcCore.Heap32Next(ref heapentry32);
}while (moreheapblocks);
}
}
}while (moreHeaps);
}
else
{
throw new ERCException("Heap32ListFirst returned an invalid response. Error: " + Utilities.Win32Errors.GetLastWin32Error());
}
}
internal static extern bool Heap32ListNext(IntPtr hSnapshot, ref HEAPLIST32 lphl);
static extern bool Heap32ListFirst(IntPtr hSnapshot, ref HEAPLIST32 lphl);
public static extern int Heap32ListNext(int hSnapshot,
[MarshalAs(UnmanagedType.Struct)] ref HEAPLIST32 lppe);
public static extern bool Heap32ListNext([System.Runtime.InteropServices.InAttribute()] System.IntPtr hSnapshot, ref HEAPLIST32 lphl);
public static extern bool Heap32ListNext(HSNAPSHOT hSnapshot, ref HEAPLIST32 lphl);