public void PersistHandleMap(HandleEntryMap source, string fileName)
{
byte[] bytesToCompress = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(source));
using (FileStream fileToCompress = File.Create(fileName))
using (GZipStream compressionStream = new GZipStream(fileToCompress, CompressionMode.Compress))
{
compressionStream.Write(bytesToCompress, 0, bytesToCompress.Length);
}
}
public List <HandleTableEntry> Run()
{
List <HandleTableEntry> results = new List <HandleTableEntry>();
// first let's see if it already exists
string filename = "handles_" + _pid.ToString() + ".gz";
FileInfo cachedFile = new FileInfo(_dataProvider.CacheFolder + "\\" + filename);
if (cachedFile.Exists && !_dataProvider.IsLive)
{
HandleEntryMap hem = RetrieveHandleMap(cachedFile);
if (hem != null)
{
_handleEntryMap = hem;
return(_handleEntryMap.HandleRecords);
}
}
try
{
Debug.WriteLine("Handle Table Address: 0x" + _handleTableAddress.ToString("X"));
HandleTable ht = new HandleTable(_profile, _dataProvider, _handleTableAddress);
List <HandleTableEntry> records = EnumerateHandles(ht.TableStartAddress, ht.Level);
foreach (HandleTableEntry e in records)
{
ulong pa = _dataProvider.ActiveAddressSpace.vtop(e.ObjectPointer);
if (pa == 0)
{
continue;
}
results.Add(e);
}
}
catch (Exception)
{
return(null);
}
if (!_dataProvider.IsLive && results.Count > 0)
{
_handleEntryMap = new HandleEntryMap();
_handleEntryMap.HandleRecords = results;
PersistHandleMap(_handleEntryMap, _dataProvider.CacheFolder + "\\" + filename);
}
return(results);
}
