This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Classes | |
| struct | tagHEAPLIST32 |
| struct | tagHEAPENTRY32 |
| struct | tagPROCESSENTRY32W |
| struct | tagPROCESSENTRY32 |
| struct | tagTHREADENTRY32 |
| struct | tagMODULEENTRY32W |
| struct | tagMODULEENTRY32 |
Macros | |
| #define | HF32_DEFAULT 1 |
| #define | HF32_SHARED 2 |
| #define | LF32_FIXED 0x1 |
| #define | LF32_FREE 0x2 |
| #define | LF32_MOVEABLE 0x4 |
| #define | MAX_MODULE_NAME32 255 |
| #define | TH32CS_SNAPHEAPLIST 0x1 |
| #define | TH32CS_SNAPPROCESS 0x2 |
| #define | TH32CS_SNAPTHREAD 0x4 |
| #define | TH32CS_SNAPMODULE 0x8 |
| #define | TH32CS_SNAPALL (TH32CS_SNAPHEAPLIST|TH32CS_SNAPPROCESS|TH32CS_SNAPTHREAD|TH32CS_SNAPMODULE) |
| #define | TH32CS_INHERIT 0x80000000 |
Macro Definition Documentation
◆ HF32_DEFAULT
| #define HF32_DEFAULT 1 |
Definition at line 19 of file tlhelp32.h.
◆ HF32_SHARED
| #define HF32_SHARED 2 |
Definition at line 20 of file tlhelp32.h.
◆ LF32_FIXED
| #define LF32_FIXED 0x1 |
Definition at line 21 of file tlhelp32.h.
◆ LF32_FREE
| #define LF32_FREE 0x2 |
Definition at line 22 of file tlhelp32.h.
◆ LF32_MOVEABLE
| #define LF32_MOVEABLE 0x4 |
Definition at line 23 of file tlhelp32.h.
◆ MAX_MODULE_NAME32
| #define MAX_MODULE_NAME32 255 |
Definition at line 24 of file tlhelp32.h.
◆ TH32CS_INHERIT
| #define TH32CS_INHERIT 0x80000000 |
Definition at line 30 of file tlhelp32.h.
◆ TH32CS_SNAPALL
| #define TH32CS_SNAPALL (TH32CS_SNAPHEAPLIST|TH32CS_SNAPPROCESS|TH32CS_SNAPTHREAD|TH32CS_SNAPMODULE) |
Definition at line 29 of file tlhelp32.h.
◆ TH32CS_SNAPHEAPLIST
| #define TH32CS_SNAPHEAPLIST 0x1 |
Definition at line 25 of file tlhelp32.h.
◆ TH32CS_SNAPMODULE
| #define TH32CS_SNAPMODULE 0x8 |
Definition at line 28 of file tlhelp32.h.
◆ TH32CS_SNAPPROCESS
| #define TH32CS_SNAPPROCESS 0x2 |
Definition at line 26 of file tlhelp32.h.
◆ TH32CS_SNAPTHREAD
| #define TH32CS_SNAPTHREAD 0x4 |
Definition at line 27 of file tlhelp32.h.
Typedef Documentation
◆ HEAPENTRY32
| typedef struct tagHEAPENTRY32 HEAPENTRY32 |
◆ HEAPLIST32
| typedef struct tagHEAPLIST32 HEAPLIST32 |
◆ LPHEAPENTRY32
| typedef struct tagHEAPENTRY32* LPHEAPENTRY32 |
◆ LPHEAPLIST32
| typedef struct tagHEAPLIST32* LPHEAPLIST32 |
◆ LPMODULEENTRY32
| static LPMODULEENTRY32 |
Definition at line 36 of file toolhelp.c.
◆ LPMODULEENTRY32W
| typedef struct tagMODULEENTRY32W* LPMODULEENTRY32W |
◆ LPPROCESSENTRY32
| static LPPROCESSENTRY32 |
Definition at line 38 of file toolhelp.c.
◆ LPPROCESSENTRY32W
| typedef struct tagPROCESSENTRY32W* LPPROCESSENTRY32W |
◆ LPTHREADENTRY32
| static LPTHREADENTRY32 |
Definition at line 40 of file toolhelp.c.
◆ MODULEENTRY32
| typedef struct tagMODULEENTRY32 MODULEENTRY32 |
◆ MODULEENTRY32W
| typedef struct tagMODULEENTRY32W MODULEENTRY32W |
◆ PHEAPENTRY32
| typedef struct tagHEAPENTRY32* PHEAPENTRY32 |
◆ PHEAPLIST32
| typedef struct tagHEAPLIST32* PHEAPLIST32 |
◆ PMODULEENTRY32
| typedef struct tagMODULEENTRY32* PMODULEENTRY32 |
◆ PMODULEENTRY32W
| typedef struct tagMODULEENTRY32W* PMODULEENTRY32W |
◆ PPROCESSENTRY32
| typedef struct tagPROCESSENTRY32* PPROCESSENTRY32 |
◆ PPROCESSENTRY32W
| typedef struct tagPROCESSENTRY32W* PPROCESSENTRY32W |
◆ PROCESSENTRY32
| typedef struct tagPROCESSENTRY32 PROCESSENTRY32 |
◆ PROCESSENTRY32W
| typedef struct tagPROCESSENTRY32W PROCESSENTRY32W |
◆ PTHREADENTRY32
| typedef struct tagTHREADENTRY32* PTHREADENTRY32 |
◆ THREADENTRY32
| typedef struct tagTHREADENTRY32 THREADENTRY32 |
Function Documentation
◆ CreateToolhelp32Snapshot()
Definition at line 1255 of file toolhelp.c.
1256{
1257 PRTL_DEBUG_INFORMATION HeapDebug, ModuleDebug;
1258 PVOID ProcThrdInfo;
1259 SIZE_T ProcThrdInfoSize;
1262
1263 if(th32ProcessID == 0)
1264 {
1265 th32ProcessID = GetCurrentProcessId();
1266 }
1267
1268 /*
1269 * Get all information required for the snapshot
1270 */
1272 th32ProcessID,
1273 &HeapDebug,
1274 &ModuleDebug,
1275 &ProcThrdInfo,
1276 &ProcThrdInfoSize);
1278 {
1281 }
1282
1283 /*
1284 * Create a section handle and initialize the collected information
1285 */
1287 th32ProcessID,
1288 HeapDebug,
1289 ModuleDebug,
1290 ProcThrdInfo,
1291 &hSnapShotSection);
1292
1293 /*
1294 * Free the temporarily allocated memory which is no longer needed
1295 */
1296 TH32FreeAllocatedResources(HeapDebug,
1297 ModuleDebug,
1298 ProcThrdInfo,
1299 ProcThrdInfoSize);
1300
1302 {
1305 }
1306
1307 return hSnapShotSection;
1308}
static NTSTATUS TH32CreateSnapshot(DWORD dwFlags, DWORD th32ProcessID, PRTL_DEBUG_INFORMATION *HeapDebug, PRTL_DEBUG_INFORMATION *ModuleDebug, PVOID *ProcThrdInfo, SIZE_T *ProcThrdInfoSize)
Definition: toolhelp.c:105
static NTSTATUS TH32CreateSnapshotSectionInitialize(DWORD dwFlags, DWORD th32ProcessID, PRTL_DEBUG_INFORMATION HeapDebug, PRTL_DEBUG_INFORMATION ModuleDebug, PVOID ProcThrdInfo, HANDLE *SectionHandle)
Definition: toolhelp.c:208
static VOID TH32FreeAllocatedResources(PRTL_DEBUG_INFORMATION HeapDebug, PRTL_DEBUG_INFORMATION ModuleDebug, PVOID ProcThrdInfo, SIZE_T ProcThrdInfoSize)
Definition: toolhelp.c:81
Definition: nsiface.idl:2307
Definition: rtltypes.h:1181
Referenced by _DoDLLInjection(), enumerate_processes(), fill_process(), GetProcessID(), IntGetImageBase(), IsBlockFromHeap(), PrintBugreport(), and ShutdownProcessTree().
◆ Heap32First()
| BOOL WINAPI Heap32First | ( | LPHEAPENTRY32 | lphe, |
| DWORD | th32ProcessID, | ||
| DWORD | th32HeapID | ||
| ) |
Definition at line 489 of file toolhelp.c.
490{
491 PRTL_DEBUG_INFORMATION DebugInfo;
492 PRTL_HEAP_INFORMATION Heap;
493 PRTLP_HEAP_ENTRY Block, LastBlock;
496
498
499 DebugInfo = RtlCreateQueryDebugBuffer(0,
500 FALSE);
502 {
505 }
506
509 DebugInfo);
510
512 {
514
517 i++)
518 {
520
522 {
524 lphe->dwAddress = 0;
525 lphe->dwBlockSize = 0;
526 lphe->dwFlags = 0;
527 lphe->dwLockCount = 0;
528 lphe->dwResvd = 0;
529 lphe->th32ProcessID = th32ProcessID;
531
533 LastBlock = Block + Heap->NumberOfEntries;
534
536 {
537 lphe->dwResvd++;
539 Block++;
540 }
541
543 {
545
552
554 }
555
556 break;
557 }
558 }
559 }
560
561 RtlDestroyQueryDebugBuffer(DebugInfo);
562
564 {
567 }
568
570}
while(CdLookupNextInitialFileDirent(IrpContext, Fcb, FileContext))
struct _RTLP_HEAP_ENTRY * PRTLP_HEAP_ENTRY
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
NTSYSAPI NTSTATUS NTAPI RtlDestroyQueryDebugBuffer(IN PRTL_DEBUG_INFORMATION DebugBuffer)
NTSYSAPI NTSTATUS NTAPI RtlQueryProcessDebugInformation(_In_ ULONG ProcessId, _In_ ULONG DebugInfoClassMask, _Inout_ PRTL_DEBUG_INFORMATION DebugBuffer)
NTSYSAPI PRTL_DEBUG_INFORMATION NTAPI RtlCreateQueryDebugBuffer(_In_ ULONG Size, _In_ BOOLEAN EventPair)
Definition: dbgbuffer.c:66
Definition: toolhelp.c:26
Definition: rtltypes.h:1110
Definition: tlhelp32.h:37
Referenced by IsBlockFromHeap().
◆ Heap32ListFirst()
| BOOL WINAPI Heap32ListFirst | ( | HANDLE | hSnapshot, |
| LPHEAPLIST32 | lphl | ||
| ) |
Definition at line 669 of file toolhelp.c.
670{
671 PTH32SNAPSHOT Snapshot;
672 LARGE_INTEGER SOffset;
675
677
678 SOffset.QuadPart = 0;
679 ViewSize = 0;
680 Snapshot = NULL;
681
683 NtCurrentProcess(),
684 (PVOID*)&Snapshot,
685 0,
686 0,
687 &SOffset,
688 &ViewSize,
689 ViewShare,
690 0,
691 PAGE_READWRITE);
693 {
694 BOOL Ret;
695
697 {
699 Snapshot->HeapListIndex = 1;
701 Ret = TRUE;
702 }
703 else
704 {
706 Ret = FALSE;
707 }
708
710 return Ret;
711 }
712
715}
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3483
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3257
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:408
Definition: toolhelp.c:59
Definition: tlhelp32.h:31
struct tagHEAPLIST32 * LPHEAPLIST32
Definition: typedefs.h:103
◆ Heap32ListNext()
| BOOL WINAPI Heap32ListNext | ( | HANDLE | hSnapshot, |
| LPHEAPLIST32 | lphl | ||
| ) |
Definition at line 723 of file toolhelp.c.
724{
725 PTH32SNAPSHOT Snapshot;
726 LARGE_INTEGER SOffset;
729
731
732 SOffset.QuadPart = 0;
733 ViewSize = 0;
734 Snapshot = NULL;
735
737 NtCurrentProcess(),
738 (PVOID*)&Snapshot,
739 0,
740 0,
741 &SOffset,
742 &ViewSize,
743 ViewShare,
744 0,
745 PAGE_READWRITE);
747 {
748 BOOL Ret;
749
752 {
755 Ret = TRUE;
756 }
757 else
758 {
760 Ret = FALSE;
761 }
762
764 return Ret;
765 }
766
769}
◆ Heap32Next()
| BOOL WINAPI Heap32Next | ( | LPHEAPENTRY32 | lphe | ) |
Definition at line 578 of file toolhelp.c.
579{
580 PRTL_DEBUG_INFORMATION DebugInfo;
581 PRTL_HEAP_INFORMATION Heap;
582 PRTLP_HEAP_ENTRY Block, LastBlock;
586
588
589 DebugInfo = RtlCreateQueryDebugBuffer(0,
590 FALSE);
592 {
595 }
596
599 DebugInfo);
600
602 {
604
607 i++)
608 {
610
612 {
614 {
615 lphe->dwFlags = 0;
616
619
621 {
622 lphe->dwResvd++;
624 FoundUncommitted = TRUE;
625 Block++;
626 }
627
628 if (Block < LastBlock)
629 {
630 if (!FoundUncommitted)
632
634
641
643 }
644 }
645
646 break;
647 }
648 }
649 }
650
651 RtlDestroyQueryDebugBuffer(DebugInfo);
652
654 {
657 }
658
660
661}
Referenced by IsBlockFromHeap().
◆ Module32First()
| BOOL WINAPI Module32First | ( | HANDLE | hSnapshot, |
| LPMODULEENTRY32 | lpme | ||
| ) |
Definition at line 777 of file toolhelp.c.
778{
779 MODULEENTRY32W me;
780 BOOL Ret;
781
783
785
786 Ret = Module32FirstW(hSnapshot, &me);
787 if(Ret)
788 {
796
798 WideCharToMultiByte(CP_ACP, 0, me.szExePath, -1, lpme->szExePath, sizeof(lpme->szExePath), 0, 0);
799 }
800
801 return Ret;
802}
BOOL WINAPI Module32FirstW(HANDLE hSnapshot, LPMODULEENTRY32W lpme)
Definition: toolhelp.c:810
Definition: tlhelp32.h:81
Definition: tlhelp32.h:93
struct tagMODULEENTRY32W MODULEENTRY32W
Referenced by IntGetImageBase().
◆ Module32FirstW()
| BOOL WINAPI Module32FirstW | ( | HANDLE | hSnapshot, |
| LPMODULEENTRY32W | lpme | ||
| ) |
Definition at line 810 of file toolhelp.c.
811{
812 PTH32SNAPSHOT Snapshot;
813 LARGE_INTEGER SOffset;
816
818
819 SOffset.QuadPart = 0;
820 ViewSize = 0;
821 Snapshot = NULL;
822
824 NtCurrentProcess(),
825 (PVOID*)&Snapshot,
826 0,
827 0,
828 &SOffset,
829 &ViewSize,
830 ViewShare,
831 0,
832 PAGE_READWRITE);
834 {
835 BOOL Ret;
836
838 {
840 Snapshot->ModuleListIndex = 1;
842 Ret = TRUE;
843 }
844 else
845 {
847 Ret = FALSE;
848 }
849
851 return Ret;
852 }
853
856}
struct tagMODULEENTRY32W * LPMODULEENTRY32W
Referenced by Module32First().
◆ Module32Next()
| BOOL WINAPI Module32Next | ( | HANDLE | hSnapshot, |
| LPMODULEENTRY32 | lpme | ||
| ) |
Definition at line 864 of file toolhelp.c.
865{
866 MODULEENTRY32W me;
867 BOOL Ret;
868
870
872
873 Ret = Module32NextW(hSnapshot, &me);
874 if(Ret)
875 {
883
885 WideCharToMultiByte(CP_ACP, 0, me.szExePath, -1, lpme->szExePath, sizeof(lpme->szExePath), 0, 0);
886 }
887
888 return Ret;
889}
BOOL WINAPI Module32NextW(HANDLE hSnapshot, LPMODULEENTRY32W lpme)
Definition: toolhelp.c:897
Referenced by IntGetImageBase().
◆ Module32NextW()
| BOOL WINAPI Module32NextW | ( | HANDLE | hSnapshot, |
| LPMODULEENTRY32W | lpme | ||
| ) |
Definition at line 897 of file toolhelp.c.
898{
899 PTH32SNAPSHOT Snapshot;
900 LARGE_INTEGER SOffset;
903
905
906 SOffset.QuadPart = 0;
907 ViewSize = 0;
908 Snapshot = NULL;
909
911 NtCurrentProcess(),
912 (PVOID*)&Snapshot,
913 0,
914 0,
915 &SOffset,
916 &ViewSize,
917 ViewShare,
918 0,
919 PAGE_READWRITE);
921 {
922 BOOL Ret;
923
926 {
929 Ret = TRUE;
930 }
931 else
932 {
934 Ret = FALSE;
935 }
936
938 return Ret;
939 }
940
943}
Referenced by Module32Next().
◆ Process32First()
| BOOL WINAPI Process32First | ( | HANDLE | hSnapshot, |
| LPPROCESSENTRY32 | lppe | ||
| ) |
Definition at line 951 of file toolhelp.c.
952{
953 PROCESSENTRY32W pe;
954 BOOL Ret;
955
957
959
960 Ret = Process32FirstW(hSnapshot, &pe);
961 if(Ret)
962 {
971
972 WideCharToMultiByte(CP_ACP, 0, pe.szExeFile, -1, lppe->szExeFile, sizeof(lppe->szExeFile), 0, 0);
973 }
974
975 return Ret;
976}
BOOL WINAPI Process32FirstW(HANDLE hSnapshot, LPPROCESSENTRY32W lppe)
Definition: toolhelp.c:984
Definition: tlhelp32.h:48
Definition: tlhelp32.h:60
struct tagPROCESSENTRY32W PROCESSENTRY32W
Referenced by PrintBugreport().
◆ Process32FirstW()
| BOOL WINAPI Process32FirstW | ( | HANDLE | hSnapshot, |
| LPPROCESSENTRY32W | lppe | ||
| ) |
Definition at line 984 of file toolhelp.c.
985{
986 PTH32SNAPSHOT Snapshot;
987 LARGE_INTEGER SOffset;
990
992
993 SOffset.QuadPart = 0;
994 ViewSize = 0;
995 Snapshot = NULL;
996
998 NtCurrentProcess(),
999 (PVOID*)&Snapshot,
1000 0,
1001 0,
1002 &SOffset,
1003 &ViewSize,
1004 ViewShare,
1005 0,
1006 PAGE_READWRITE);
1008 {
1009 BOOL Ret;
1010
1012 {
1013 LPPROCESSENTRY32W Entries = (LPPROCESSENTRY32W)OffsetToPtr(Snapshot, Snapshot->ProcessListOffset);
1014
1015 Snapshot->ProcessListIndex = 1;
1017 Ret = TRUE;
1018 }
1019 else
1020 {
1021
1023 Ret = FALSE;
1024 }
1025
1027 return Ret;
1028 }
1029
1032}
struct tagPROCESSENTRY32W * LPPROCESSENTRY32W
Referenced by _DoDLLInjection(), enumerate_processes(), fill_process(), GetProcessID(), Process32First(), and ShutdownProcessTreeHelper().
◆ Process32Next()
| BOOL WINAPI Process32Next | ( | HANDLE | hSnapshot, |
| LPPROCESSENTRY32 | lppe | ||
| ) |
Definition at line 1040 of file toolhelp.c.
1041{
1042 PROCESSENTRY32W pe;
1043 BOOL Ret;
1044
1046
1048
1049 Ret = Process32NextW(hSnapshot, &pe);
1050 if(Ret)
1051 {
1060
1061 WideCharToMultiByte(CP_ACP, 0, pe.szExeFile, -1, lppe->szExeFile, sizeof(lppe->szExeFile), 0, 0);
1062 }
1063
1064 return Ret;
1065}
BOOL WINAPI Process32NextW(HANDLE hSnapshot, LPPROCESSENTRY32W lppe)
Definition: toolhelp.c:1073
Referenced by PrintBugreport().
◆ Process32NextW()
| BOOL WINAPI Process32NextW | ( | HANDLE | hSnapshot, |
| LPPROCESSENTRY32W | lppe | ||
| ) |
Definition at line 1073 of file toolhelp.c.
1074{
1075 PTH32SNAPSHOT Snapshot;
1076 LARGE_INTEGER SOffset;
1079
1081
1082 SOffset.QuadPart = 0;
1083 ViewSize = 0;
1084 Snapshot = NULL;
1085
1087 NtCurrentProcess(),
1088 (PVOID*)&Snapshot,
1089 0,
1090 0,
1091 &SOffset,
1092 &ViewSize,
1093 ViewShare,
1094 0,
1095 PAGE_READWRITE);
1097 {
1098 BOOL Ret;
1099
1102 {
1103 LPPROCESSENTRY32W Entries = (LPPROCESSENTRY32W)OffsetToPtr(Snapshot, Snapshot->ProcessListOffset);
1105 Ret = TRUE;
1106 }
1107 else
1108 {
1110 Ret = FALSE;
1111 }
1112
1114 return Ret;
1115 }
1116
1119}
Referenced by _DoDLLInjection(), enumerate_processes(), fill_process(), GetProcessID(), Process32Next(), and ShutdownProcessTreeHelper().
◆ Thread32First()
| BOOL WINAPI Thread32First | ( | HANDLE | hSnapshot, |
| LPTHREADENTRY32 | lpte | ||
| ) |
Definition at line 1127 of file toolhelp.c.
1128{
1129 PTH32SNAPSHOT Snapshot;
1130 LARGE_INTEGER SOffset;
1133
1135
1136 SOffset.QuadPart = 0;
1137 ViewSize = 0;
1138 Snapshot = NULL;
1139
1141 NtCurrentProcess(),
1142 (PVOID*)&Snapshot,
1143 0,
1144 0,
1145 &SOffset,
1146 &ViewSize,
1147 ViewShare,
1148 0,
1149 PAGE_READWRITE);
1151 {
1152 BOOL Ret;
1153
1155 {
1157 Snapshot->ThreadListIndex = 1;
1159 Ret = TRUE;
1160 }
1161 else
1162 {
1164 Ret = FALSE;
1165 }
1166
1168 return Ret;
1169 }
1170
1173}
Definition: tlhelp32.h:72
◆ Thread32Next()
| BOOL WINAPI Thread32Next | ( | HANDLE | hSnapshot, |
| LPTHREADENTRY32 | lpte | ||
| ) |
Definition at line 1181 of file toolhelp.c.
1182{
1183 PTH32SNAPSHOT Snapshot;
1184 LARGE_INTEGER SOffset;
1187
1189
1190 SOffset.QuadPart = 0;
1191 ViewSize = 0;
1192 Snapshot = NULL;
1193
1195 NtCurrentProcess(),
1196 (PVOID*)&Snapshot,
1197 0,
1198 0,
1199 &SOffset,
1200 &ViewSize,
1201 ViewShare,
1202 0,
1203 PAGE_READWRITE);
1205 {
1206 BOOL Ret;
1207
1210 {
1213 Ret = TRUE;
1214 }
1215 else
1216 {
1218 Ret = FALSE;
1219 }
1220
1222 return Ret;
1223 }
1224
1227}
◆ Toolhelp32ReadProcessMemory()
| BOOL WINAPI Toolhelp32ReadProcessMemory | ( | DWORD | th32ProcessID, |
| LPCVOID | lpBaseAddress, | ||
| LPVOID | lpBuffer, | ||
| SIZE_T | cbRead, | ||
| SIZE_T * | lpNumberOfBytesRead | ||
| ) |
Definition at line 1235 of file toolhelp.c.
1237{
1240 {
1243 return Ret;
1244 }
1245
1247}
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1227
