/// <summary>
/// Get all process information for the system.
/// </summary>
/// <returns>The list of process information.</returns>
public static IEnumerable <NtProcessInformation> GetProcessInformation()
{
using (var process_info = QueryBuffer <SystemProcessInformation>(SystemInformationClass.SystemProcessInformation))
{
int offset = 0;
while (true)
{
var process_buffer = process_info.GetStructAtOffset <SystemProcessInformation>(offset);
var process_entry = process_buffer.Result;
SystemThreadInformation[] thread_info = new SystemThreadInformation[process_entry.NumberOfThreads];
process_buffer.Data.ReadArray(0, thread_info, 0, thread_info.Length);
yield return(new NtProcessInformation(process_entry, thread_info
.Select(t => new NtThreadInformation(process_entry.UniqueProcessId == IntPtr.Zero ? "Idle"
: process_entry.ImageName.ToString(), t))));
if (process_entry.NextEntryOffset == 0)
{
break;
}
offset += process_entry.NextEntryOffset;
}
}
}
/// <summary>
/// Get all process information for the system.
/// </summary>
/// <returns>The list of process information.</returns>
public static IEnumerable <NtProcessInformation> GetProcessInformation()
{
using (SafeHGlobalBuffer process_info = new SafeHGlobalBuffer(0x10000))
{
AllocateSafeBuffer(process_info, SystemInformationClass.SystemProcessInformation);
int offset = 0;
while (true)
{
var process_buffer = process_info.GetStructAtOffset <SystemProcessInformation>(offset);
var process_entry = process_buffer.Result;
SystemThreadInformation[] thread_info = new SystemThreadInformation[process_entry.NumberOfThreads];
process_buffer.Data.ReadArray(0, thread_info, 0, thread_info.Length);
yield return(new NtProcessInformation(process_entry, thread_info.Select(t => new NtThreadInformation(process_entry.ImageName.ToString(), t))));
if (process_entry.NextEntryOffset == 0)
{
break;
}
offset += process_entry.NextEntryOffset;
}
}
}