Пример #1
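        /// <summary>
        /// Queries information about an object handle through <c>NtQueryObject</c>, resizing the
        /// output buffer and retrying while the call reports <c>NtStatus.InfoLengthMismatch</c>.
        /// </summary>
        /// <param name="objectHandle">Raw handle to query. It is passed through unchanged, so the caller must keep it open for the duration of the call.</param>
        /// <param name="informationClass">Which class of object information to request.</param>
        /// <param name="informationPtr">
        /// On success, the buffer holding the returned information; the caller owns it and must release it.
        /// On failure, <c>null</c> (the buffer has already been released).
        /// </param>
        /// <param name="startSize">Initial buffer size in bytes for the first attempt.</param>
        /// <returns><c>true</c> when the final status is <c>NtStatus.Success</c>; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// NOTE(review): for some handle types (commonly reported for name queries on synchronous
        /// pipe handles) NtQueryObject can block indefinitely; callers enumerating handles they do
        /// not own may want to run this with a timeout. Confirm against the information classes in use.
        /// </remarks>
        public static Boolean TryNtQueryObject(IntPtr objectHandle, ObjectInfoamtionClass informationClass, out AllocatedMemoryHandle informationPtr, Int32 startSize = 0)
        {
            informationPtr = new AllocatedMemoryHandle(startSize);
            // The raw pointer is only valid while informationPtr stays open; it is not used after release below.
            var status = NtQueryObject(objectHandle, informationClass, informationPtr.DangerousGetHandle(), informationPtr.Size, out var actualSize);

            while (status == NtStatus.InfoLengthMismatch)
            {
                // If the reported length does not exceed the current buffer, resizing makes no
                // progress; stop instead of spinning forever and fall through to the failure path.
                if (actualSize <= informationPtr.Size)
                {
                    break;
                }

                informationPtr.ChangeMemorySize(actualSize);
                status = NtQueryObject(objectHandle, informationClass, informationPtr.DangerousGetHandle(), informationPtr.Size, out actualSize);
            }

            if (status != NtStatus.Success)
            {
                // Release unconditionally. The previous code closed the buffer only when it was
                // already invalid, so every failed query with a valid allocation leaked it.
                informationPtr.Close();
                informationPtr = null;
                return false;
            }

            return true;
        }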
Пример #2
 /// <summary>
 /// P/Invoke declaration for the native <c>NtQueryObject</c> call.
 /// NOTE(review): the <c>[DllImport]</c> attribute is not visible in this excerpt; presumably it
 /// sits on the preceding line and targets ntdll.dll. Confirm.
 /// </summary>
 /// <param name="objectHandle">Handle of the object to query.</param>
 /// <param name="informationClass">Class of information requested.</param>
 /// <param name="informationPtr">
 /// Address of a caller-allocated buffer that receives the result. The allocation must be at least
 /// <paramref name="informationLength"/> bytes: native code writes through this pointer, so an
 /// overstated length corrupts memory outside the buffer.
 /// </param>
 /// <param name="informationLength">Size of the buffer, in bytes.</param>
 /// <param name="Length">Receives a length reported by the call; the caller in this file uses it as the buffer size for a retry.</param>
 /// <returns>The status of the call as an <c>NtStatus</c> value.</returns>
 private static extern NtStatus NtQueryObject(IntPtr objectHandle, ObjectInfoamtionClass informationClass, [Out] IntPtr informationPtr, Int32 informationLength, out Int32 Length);