/// <summary> /// Gets a dictionary containing the currently running processes. /// </summary> /// <param name="getThreads">Whether to get thread information.</param> /// <returns>A dictionary, indexed by process ID.</returns> public static Dictionary <int, SystemProcess> GetProcesses(bool getThreads) { int retLength; Dictionary <int, SystemProcess> returnProcesses; if (_processesBuffer == null) { _processesBuffer = new MemoryAlloc(0x10000); } MemoryAlloc data = _processesBuffer; NtStatus status; int attempts = 0; while (true) { attempts++; if ((status = Win32.NtQuerySystemInformation( SystemInformationClass.SystemProcessInformation, data, data.Size, out retLength )) >= NtStatus.Error) { if (attempts > 3) { Win32.Throw(status); } data.ResizeNew(retLength); } else { break; } } returnProcesses = new Dictionary <int, SystemProcess>(32); // 32 processes on a computer? int i = 0; SystemProcess currentProcess = new SystemProcess(); do { //currentProcess.Process = data.ReadStruct<SystemProcessInformation>(i, 0); unsafe { currentProcess.Process = *(SystemProcessInformation *)((byte *)data.Memory + i); } currentProcess.Name = currentProcess.Process.ImageName.Read(); if (getThreads && currentProcess.Process.ProcessId != 0) { currentProcess.Threads = new Dictionary <int, SystemThreadInformation>(); for (int j = 0; j < currentProcess.Process.NumberOfThreads; j++) { var thread = data.ReadStruct <SystemThreadInformation>(i + Marshal.SizeOf(typeof(SystemProcessInformation)), j); currentProcess.Threads.Add(thread.ClientId.ThreadId, thread); } } returnProcesses.Add(currentProcess.Process.ProcessId, currentProcess); i += currentProcess.Process.NextEntryOffset; } while (currentProcess.Process.NextEntryOffset != 0); return(returnProcesses); }
/// <summary> /// Gets a dictionary containing the currently running processes. /// </summary> /// <param name="getThreads">Whether to get thread information.</param> /// <returns>A dictionary, indexed by process ID.</returns> public static Dictionary<int, SystemProcess> GetProcesses(bool getThreads) { int retLength; if (_processesBuffer == null) _processesBuffer = new MemoryAlloc(0x10000); MemoryAlloc data = _processesBuffer; NtStatus status; int attempts = 0; while (true) { attempts++; if ((status = Win32.NtQuerySystemInformation( SystemInformationClass.SystemProcessInformation, data, data.Size, out retLength )).IsError()) { if (attempts > 3) Win32.Throw(status); data.ResizeNew(retLength); } else { break; } } Dictionary<int, SystemProcess> returnProcesses = new Dictionary<int, SystemProcess>(32); int i = 0; SystemProcess currentProcess = new SystemProcess(); do { //currentProcess.Process = data.ReadStruct<SystemProcessInformation>(i, 0); unsafe { currentProcess.Process = *(SystemProcessInformation*)((byte*)data.Memory + i); } currentProcess.Name = currentProcess.Process.ImageName.Text; if (getThreads && currentProcess.Process.ProcessId != 0) { currentProcess.Threads = new Dictionary<int, SystemThreadInformation>(); for (int j = 0; j < currentProcess.Process.NumberOfThreads; j++) { var thread = data.ReadStruct<SystemThreadInformation>(i + SystemProcessInformation.SizeOf, SystemThreadInformation.SizeOf, j); currentProcess.Threads.Add(thread.ClientId.ThreadId, thread); } } returnProcesses.Add(currentProcess.Process.ProcessId, currentProcess); i += currentProcess.Process.NextEntryOffset; } while (currentProcess.Process.NextEntryOffset != 0); return returnProcesses; }
/// <summary> /// Gets a dictionary containing the currently running processes. /// </summary> /// <param name="getThreads">Whether to get thread information.</param> /// <returns>A dictionary, indexed by process ID.</returns> public static Dictionary<int, SystemProcess> GetProcesses(bool getThreads) { int retLength; Dictionary<int, SystemProcess> returnProcesses; if (_processesBuffer == null) _processesBuffer = new MemoryAlloc(0x10000); MemoryAlloc data = _processesBuffer; NtStatus status; int attempts = 0; while (true) { attempts++; if ((status = Win32.NtQuerySystemInformation( SystemInformationClass.SystemProcessInformation, data, data.Size, out retLength )) >= NtStatus.Error) { if (attempts > 3) Win32.ThrowLastError(status); data.Resize(retLength); } else { break; } } returnProcesses = new Dictionary<int, SystemProcess>(32); // 32 processes on a computer? int i = 0; SystemProcess currentProcess = new SystemProcess(); do { currentProcess.Process = data.ReadStruct<SystemProcessInformation>(i, 0); currentProcess.Name = currentProcess.Process.ImageName.Read(); if (getThreads && currentProcess.Process.ProcessId != 0) { currentProcess.Threads = new Dictionary<int, SystemThreadInformation>(); for (int j = 0; j < currentProcess.Process.NumberOfThreads; j++) { var thread = data.ReadStruct<SystemThreadInformation>(i + Marshal.SizeOf(typeof(SystemProcessInformation)), j); currentProcess.Threads.Add(thread.ClientId.ThreadId, thread); } } returnProcesses.Add(currentProcess.Process.ProcessId, currentProcess); i += currentProcess.Process.NextEntryOffset; } while (currentProcess.Process.NextEntryOffset != 0); return returnProcesses; }