/// <summary>
/// Will load all the memory region information of the program into a list for faster scanning
/// </summary>
private void LoadMemoryRegions()
{
// the current address being scanned
var address = new IntPtr();
_memoryRegionsSortedIndices = new SortedList <Int32, int>();
var count = 0;
while (true)
{
// get the memory information for the first region
var memInfo = new MemoryApi.MemoryBasicInformation();
int result = MemoryApi.VirtualQueryEx(_process.Handle, address, out memInfo,
(uint)Marshal.SizeOf(memInfo));
// virtualqueryex will return 0 when we're out of range of the application
if (0 == result)
{
break;
}
// filter out any that don't have commit or aren't writable
if (0 != (memInfo.State & MemCommit) && 0 != (memInfo.Protect & Writable) &&
0 == (memInfo.Protect & PageGuard))
{
// store the information
MemoryRegions.Add(memInfo);
_memoryRegionsSortedIndices.Add(memInfo.BaseAddress.ToInt32(), count++);
}
// move to the next memory region
address = new IntPtr(memInfo.BaseAddress.ToInt32() + memInfo.RegionSize);
}
}
public void VirtualQuery()
{
const long maxAddress = 0x7fffffff;
long address = 0;
do
{
MemoryApi.MemoryBasicInformation m;
int result = MemoryApi.VirtualQueryEx(Process.GetCurrentProcess().Handle, (IntPtr)address, out m,
(uint)Marshal.SizeOf(typeof(MemoryApi.MemoryBasicInformation)));
Console.WriteLine(@"{0}-{1} : {2} bytes result={3}", m.BaseAddress,
(uint)m.BaseAddress + m.RegionSize - 1, m.RegionSize, result);
if (address == (long)m.BaseAddress + m.RegionSize)
{
break;
}
address = (long)m.BaseAddress + m.RegionSize;
} while (address <= maxAddress);
}
