private static ModuleInfo[] GetModuleInfos(int processId, bool firstModuleOnly) { ModuleInfo[] infoArray2; if ((processId == SystemProcessID) || (processId == 0)) { throw new Win32Exception(-2147467259, SR.GetString("EnumProcessModuleFailed")); } Microsoft.Win32.SafeHandles.SafeProcessHandle invalidHandle = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle; try { bool flag; invalidHandle = ProcessManager.OpenProcess(processId, 0x410, true); IntPtr[] ptrArray = new IntPtr[0x40]; GCHandle handle2 = new GCHandle(); int needed = 0; Label_0045: flag = false; try { handle2 = GCHandle.Alloc(ptrArray, GCHandleType.Pinned); flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed); if (!flag) { bool flag2 = false; bool flag3 = false; if (!ProcessManager.IsOSOlderThanXP) { Microsoft.Win32.SafeHandles.SafeProcessHandle hProcess = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle; try { hProcess = ProcessManager.OpenProcess(Microsoft.Win32.NativeMethods.GetCurrentProcessId(), 0x400, true); if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(hProcess, ref flag2)) { throw new Win32Exception(); } if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(invalidHandle, ref flag3)) { throw new Win32Exception(); } if (flag2 && !flag3) { throw new Win32Exception(0x12b, SR.GetString("EnumProcessModuleFailedDueToWow")); } } finally { if (hProcess != Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle) { hProcess.Close(); } } } for (int j = 0; j < 50; j++) { flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed); if (flag) { goto Label_012F; } Thread.Sleep(1); } } } finally { handle2.Free(); } Label_012F: if (!flag) { throw new Win32Exception(); } needed /= IntPtr.Size; if (needed > ptrArray.Length) { ptrArray = new IntPtr[ptrArray.Length * 2]; goto Label_0045; } ArrayList list = new ArrayList(); for (int i = 0; i < needed; i++) { ModuleInfo info = new ModuleInfo(); IntPtr handle = ptrArray[i]; Microsoft.Win32.NativeMethods.NtModuleInfo ntModuleInfo = new Microsoft.Win32.NativeMethods.NtModuleInfo(); if (!Microsoft.Win32.NativeMethods.GetModuleInformation(invalidHandle, new HandleRef(null, handle), ntModuleInfo, Marshal.SizeOf(ntModuleInfo))) { throw new Win32Exception(); } info.sizeOfImage = ntModuleInfo.SizeOfImage; info.entryPoint = ntModuleInfo.EntryPoint; info.baseOfDll = ntModuleInfo.BaseOfDll; StringBuilder baseName = new StringBuilder(0x400); if (Microsoft.Win32.NativeMethods.GetModuleBaseName(invalidHandle, new HandleRef(null, handle), baseName, baseName.Capacity * 2) == 0) { throw new Win32Exception(); } info.baseName = baseName.ToString(); StringBuilder builder2 = new StringBuilder(0x400); if (Microsoft.Win32.NativeMethods.GetModuleFileNameEx(invalidHandle, new HandleRef(null, handle), builder2, builder2.Capacity * 2) == 0) { throw new Win32Exception(); } info.fileName = builder2.ToString(); if (string.Compare(info.fileName, @"\SystemRoot\System32\smss.exe", StringComparison.OrdinalIgnoreCase) == 0) { info.fileName = Path.Combine(Environment.SystemDirectory, "smss.exe"); } if (((info.fileName != null) && (info.fileName.Length >= 4)) && info.fileName.StartsWith(@"\\?\", StringComparison.Ordinal)) { info.fileName = info.fileName.Substring(4); } list.Add(info); if (firstModuleOnly) { break; } } ModuleInfo[] array = new ModuleInfo[list.Count]; list.CopyTo(array, 0); infoArray2 = array; } finally { if (!invalidHandle.IsInvalid) { invalidHandle.Close(); } } return infoArray2; }
private static ModuleInfo[] GetModuleInfos(int processId, bool firstModuleOnly) { ModuleInfo[] infoArray2; if ((processId == SystemProcessID) || (processId == 0)) { throw new Win32Exception(-2147467259, SR.GetString("EnumProcessModuleFailed")); } Microsoft.Win32.SafeHandles.SafeProcessHandle invalidHandle = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle; try { bool flag; invalidHandle = ProcessManager.OpenProcess(processId, 0x410, true); IntPtr[] ptrArray = new IntPtr[0x40]; GCHandle handle2 = new GCHandle(); int needed = 0; Label_0045: flag = false; try { handle2 = GCHandle.Alloc(ptrArray, GCHandleType.Pinned); flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed); if (!flag) { bool flag2 = false; bool flag3 = false; if (!ProcessManager.IsOSOlderThanXP) { Microsoft.Win32.SafeHandles.SafeProcessHandle hProcess = Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle; try { hProcess = ProcessManager.OpenProcess(Microsoft.Win32.NativeMethods.GetCurrentProcessId(), 0x400, true); if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(hProcess, ref flag2)) { throw new Win32Exception(); } if (!Microsoft.Win32.SafeNativeMethods.IsWow64Process(invalidHandle, ref flag3)) { throw new Win32Exception(); } if (flag2 && !flag3) { throw new Win32Exception(0x12b, SR.GetString("EnumProcessModuleFailedDueToWow")); } } finally { if (hProcess != Microsoft.Win32.SafeHandles.SafeProcessHandle.InvalidHandle) { hProcess.Close(); } } } for (int j = 0; j < 50; j++) { flag = Microsoft.Win32.NativeMethods.EnumProcessModules(invalidHandle, handle2.AddrOfPinnedObject(), ptrArray.Length * IntPtr.Size, ref needed); if (flag) { goto Label_012F; } Thread.Sleep(1); } } } finally { handle2.Free(); } Label_012F: if (!flag) { throw new Win32Exception(); } needed /= IntPtr.Size; if (needed > ptrArray.Length) { ptrArray = new IntPtr[ptrArray.Length * 2]; goto Label_0045; } ArrayList list = new ArrayList(); for (int i = 0; i < needed; i++) { ModuleInfo info = new ModuleInfo(); IntPtr handle = ptrArray[i]; Microsoft.Win32.NativeMethods.NtModuleInfo ntModuleInfo = new Microsoft.Win32.NativeMethods.NtModuleInfo(); if (!Microsoft.Win32.NativeMethods.GetModuleInformation(invalidHandle, new HandleRef(null, handle), ntModuleInfo, Marshal.SizeOf(ntModuleInfo))) { throw new Win32Exception(); } info.sizeOfImage = ntModuleInfo.SizeOfImage; info.entryPoint = ntModuleInfo.EntryPoint; info.baseOfDll = ntModuleInfo.BaseOfDll; StringBuilder baseName = new StringBuilder(0x400); if (Microsoft.Win32.NativeMethods.GetModuleBaseName(invalidHandle, new HandleRef(null, handle), baseName, baseName.Capacity * 2) == 0) { throw new Win32Exception(); } info.baseName = baseName.ToString(); StringBuilder builder2 = new StringBuilder(0x400); if (Microsoft.Win32.NativeMethods.GetModuleFileNameEx(invalidHandle, new HandleRef(null, handle), builder2, builder2.Capacity * 2) == 0) { throw new Win32Exception(); } info.fileName = builder2.ToString(); if (string.Compare(info.fileName, @"\SystemRoot\System32\smss.exe", StringComparison.OrdinalIgnoreCase) == 0) { info.fileName = Path.Combine(Environment.SystemDirectory, "smss.exe"); } if (((info.fileName != null) && (info.fileName.Length >= 4)) && info.fileName.StartsWith(@"\\?\", StringComparison.Ordinal)) { info.fileName = info.fileName.Substring(4); } list.Add(info); if (firstModuleOnly) { break; } } ModuleInfo[] array = new ModuleInfo[list.Count]; list.CopyTo(array, 0); infoArray2 = array; } finally { if (!invalidHandle.IsInvalid) { invalidHandle.Close(); } } return(infoArray2); }