private static ModuleInfo[] GetModuleInfos(int processId, bool firstModuleOnly)
{
ModuleInfo[] infoArray2;
if ((processId == SystemProcessID) || (processId == 0))
{
throw new Win32Exception(-2147467259, SR.GetString("EnumProcessModuleFailed"));
}
Microsoft.Win32.SafeHandles.SafeProcessHandle invalidHandle = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle;
try
{
bool flag;
invalidHandle = ProcessManager.OpenProcess(processId, 0x410, true);
IntPtr[] ptrArray = new IntPtr[0x40];
GCHandle handle2 = new GCHandle();
int needed = 0;
Label_0045:
flag = false;
try
{
handle2 = GCHandle.Alloc(ptrArray, GCHandleType.Pinned);
flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed);
if (!flag)
{
bool flag2 = false;
bool flag3 = false;
if (!ProcessManager.IsOSOlderThanXP)
{
Microsoft.Win32.SafeHandles.SafeProcessHandle hProcess = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle;
try
{
hProcess = ProcessManager.OpenProcess(Microsoft.Win32.NativeMethods.GetCurrentProcessId(), 0x400, true);
if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(hProcess, ref flag2))
{
throw new Win32Exception();
}
if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(invalidHandle, ref flag3))
{
throw new Win32Exception();
}
if (flag2 && !flag3)
{
throw new Win32Exception(0x12b, SR.GetString("EnumProcessModuleFailedDueToWow"));
}
}
finally
{
if (hProcess != Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle)
{
hProcess.Close();
}
}
}
for (int j = 0; j < 50; j++)
{
flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed);
if (flag)
{
goto Label_012F;
}
Thread.Sleep(1);
}
}
}
finally
{
handle2.Free();
}
Label_012F:
if (!flag)
{
throw new Win32Exception();
}
needed /= IntPtr.Size;
if (needed > ptrArray.Length)
{
ptrArray = new IntPtr[ptrArray.Length * 2];
goto Label_0045;
}
ArrayList list = new ArrayList();
for (int i = 0; i < needed; i++)
{
ModuleInfo info = new ModuleInfo();
IntPtr handle = ptrArray[i];
Microsoft.Win32.NativeMethods.NtModuleInfo ntModuleInfo = new Microsoft.Win32.NativeMethods.NtModuleInfo();
if (!Microsoft.Win32.NativeMethods.GetModuleInformation(invalidHandle, new HandleRef(null, handle), ntModuleInfo, Marshal.SizeOf(ntModuleInfo)))
{
throw new Win32Exception();
}
info.sizeOfImage = ntModuleInfo.SizeOfImage;
info.entryPoint = ntModuleInfo.EntryPoint;
info.baseOfDll = ntModuleInfo.BaseOfDll;
StringBuilder baseName = new StringBuilder(0x400);
if (Microsoft.Win32.NativeMethods.GetModuleBaseName(invalidHandle, new HandleRef(null, handle), baseName, baseName.Capacity * 2) == 0)
{
throw new Win32Exception();
}
info.baseName = baseName.ToString();
StringBuilder builder2 = new StringBuilder(0x400);
if (Microsoft.Win32.NativeMethods.GetModuleFileNameEx(invalidHandle, new HandleRef(null, handle), builder2, builder2.Capacity * 2) == 0)
{
throw new Win32Exception();
}
info.fileName = builder2.ToString();
if (string.Compare(info.fileName, @"\SystemRoot\System32\smss.exe", StringComparison.OrdinalIgnoreCase) == 0)
{
info.fileName = Path.Combine(Environment.SystemDirectory, "smss.exe");
}
if (((info.fileName != null) && (info.fileName.Length >= 4)) && info.fileName.StartsWith(@"\\?\", StringComparison.Ordinal))
{
info.fileName = info.fileName.Substring(4);
}
list.Add(info);
if (firstModuleOnly)
{
break;
}
}
ModuleInfo[] array = new ModuleInfo[list.Count];
list.CopyTo(array, 0);
infoArray2 = array;
}
finally
{
if (!invalidHandle.IsInvalid)
{
invalidHandle.Close();
}
}
return infoArray2;
}
private static ModuleInfo[] GetModuleInfos(int processId, bool firstModuleOnly)
{
ModuleInfo[] infoArray2;
if ((processId == SystemProcessID) || (processId == 0))
{
throw new Win32Exception(-2147467259, SR.GetString("EnumProcessModuleFailed"));
}
Microsoft.Win32.SafeHandles.SafeProcessHandle invalidHandle = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle;
try
{
bool flag;
invalidHandle = ProcessManager.OpenProcess(processId, 0x410, true);
IntPtr[] ptrArray = new IntPtr[0x40];
GCHandle handle2 = new GCHandle();
int needed = 0;
Label_0045:
flag = false;
try
{
handle2 = GCHandle.Alloc(ptrArray, GCHandleType.Pinned);
flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed);
if (!flag)
{
bool flag2 = false;
bool flag3 = false;
if (!ProcessManager.IsOSOlderThanXP)
{
Microsoft.Win32.SafeHandles.SafeProcessHandle hProcess = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle;
try
{
hProcess = ProcessManager.OpenProcess(Microsoft.Win32.NativeMethods.GetCurrentProcessId(), 0x400, true);
if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(hProcess, ref flag2))
{
throw new Win32Exception();
}
if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(invalidHandle, ref flag3))
{
throw new Win32Exception();
}
if (flag2 && !flag3)
{
throw new Win32Exception(0x12b, SR.GetString("EnumProcessModuleFailedDueToWow"));
}
}
finally
{
if (hProcess != Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle)
{
hProcess.Close();
}
}
}
for (int j = 0; j < 50; j++)
{
flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed);
if (flag)
{
goto Label_012F;
}
Thread.Sleep(1);
}
}
}
finally
{
handle2.Free();
}
Label_012F:
if (!flag)
{
throw new Win32Exception();
}
needed /= IntPtr.Size;
if (needed > ptrArray.Length)
{
ptrArray = new IntPtr[ptrArray.Length * 2];
goto Label_0045;
}
ArrayList list = new ArrayList();
for (int i = 0; i < needed; i++)
{
ModuleInfo info = new ModuleInfo();
IntPtr handle = ptrArray[i];
Microsoft.Win32.NativeMethods.NtModuleInfo ntModuleInfo = new Microsoft.Win32.NativeMethods.NtModuleInfo();
if (!Microsoft.Win32.NativeMethods.GetModuleInformation(invalidHandle, new HandleRef(null, handle), ntModuleInfo, Marshal.SizeOf(ntModuleInfo)))
{
throw new Win32Exception();
}
info.sizeOfImage = ntModuleInfo.SizeOfImage;
info.entryPoint = ntModuleInfo.EntryPoint;
info.baseOfDll = ntModuleInfo.BaseOfDll;
StringBuilder baseName = new StringBuilder(0x400);
if (Microsoft.Win32.NativeMethods.GetModuleBaseName(invalidHandle, new HandleRef(null, handle), baseName, baseName.Capacity * 2) == 0)
{
throw new Win32Exception();
}
info.baseName = baseName.ToString();
StringBuilder builder2 = new StringBuilder(0x400);
if (Microsoft.Win32.NativeMethods.GetModuleFileNameEx(invalidHandle, new HandleRef(null, handle), builder2, builder2.Capacity * 2) == 0)
{
throw new Win32Exception();
}
info.fileName = builder2.ToString();
if (string.Compare(info.fileName, @"\SystemRoot\System32\smss.exe", StringComparison.OrdinalIgnoreCase) == 0)
{
info.fileName = Path.Combine(Environment.SystemDirectory, "smss.exe");
}
if (((info.fileName != null) && (info.fileName.Length >= 4)) && info.fileName.StartsWith(@"\\?\", StringComparison.Ordinal))
{
info.fileName = info.fileName.Substring(4);
}
list.Add(info);
if (firstModuleOnly)
{
break;
}
}
ModuleInfo[] array = new ModuleInfo[list.Count];
list.CopyTo(array, 0);
infoArray2 = array;
}
finally
{
if (!invalidHandle.IsInvalid)
{
invalidHandle.Close();
}
}
return(infoArray2);
}
