ReactOS  0.4.15-dev-1201-gb2cf5a4
Classes | Macros | Typedefs | Functions
tlhelp32.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  tagHEAPLIST32
 
struct  tagHEAPENTRY32
 
struct  tagPROCESSENTRY32W
 
struct  tagPROCESSENTRY32
 
struct  tagTHREADENTRY32
 
struct  tagMODULEENTRY32W
 
struct  tagMODULEENTRY32
 

Macros

#define HF32_DEFAULT   1
 
#define HF32_SHARED   2
 
#define LF32_FIXED   0x1
 
#define LF32_FREE   0x2
 
#define LF32_MOVEABLE   0x4
 
#define MAX_MODULE_NAME32   255
 
#define TH32CS_SNAPHEAPLIST   0x1
 
#define TH32CS_SNAPPROCESS   0x2
 
#define TH32CS_SNAPTHREAD   0x4
 
#define TH32CS_SNAPMODULE   0x8
 
#define TH32CS_SNAPALL   (TH32CS_SNAPHEAPLIST|TH32CS_SNAPPROCESS|TH32CS_SNAPTHREAD|TH32CS_SNAPMODULE)
 
#define TH32CS_INHERIT   0x80000000
 

Typedefs

typedef struct tagHEAPLIST32 HEAPLIST32
 
typedef struct tagHEAPLIST32PHEAPLIST32
 
typedef struct tagHEAPLIST32LPHEAPLIST32
 
typedef struct tagHEAPENTRY32 HEAPENTRY32
 
typedef struct tagHEAPENTRY32PHEAPENTRY32
 
typedef struct tagHEAPENTRY32LPHEAPENTRY32
 
typedef struct tagPROCESSENTRY32W PROCESSENTRY32W
 
typedef struct tagPROCESSENTRY32WPPROCESSENTRY32W
 
typedef struct tagPROCESSENTRY32WLPPROCESSENTRY32W
 
typedef struct tagPROCESSENTRY32 PROCESSENTRY32
 
typedef struct tagPROCESSENTRY32PPROCESSENTRY32
 
typedef struct tagPROCESSENTRY32LPPROCESSENTRY32
 
typedef struct tagTHREADENTRY32 THREADENTRY32
 
typedef struct tagTHREADENTRY32PTHREADENTRY32
 
typedef struct tagTHREADENTRY32LPTHREADENTRY32
 
typedef struct tagMODULEENTRY32W MODULEENTRY32W
 
typedef struct tagMODULEENTRY32WPMODULEENTRY32W
 
typedef struct tagMODULEENTRY32WLPMODULEENTRY32W
 
typedef struct tagMODULEENTRY32 MODULEENTRY32
 
typedef struct tagMODULEENTRY32PMODULEENTRY32
 
typedef struct tagMODULEENTRY32LPMODULEENTRY32
 

Functions

BOOL WINAPI Heap32First (LPHEAPENTRY32, DWORD, DWORD)
 
BOOL WINAPI Heap32ListFirst (HANDLE, LPHEAPLIST32)
 
BOOL WINAPI Heap32ListNext (HANDLE, LPHEAPLIST32)
 
BOOL WINAPI Heap32Next (LPHEAPENTRY32)
 
BOOL WINAPI Module32First (HANDLE, LPMODULEENTRY32)
 
BOOL WINAPI Module32FirstW (HANDLE, LPMODULEENTRY32W)
 
BOOL WINAPI Module32Next (HANDLE, LPMODULEENTRY32)
 
BOOL WINAPI Module32NextW (HANDLE, LPMODULEENTRY32W)
 
BOOL WINAPI Process32First (HANDLE, LPPROCESSENTRY32)
 
BOOL WINAPI Process32FirstW (HANDLE, LPPROCESSENTRY32W)
 
BOOL WINAPI Process32Next (HANDLE, LPPROCESSENTRY32)
 
BOOL WINAPI Process32NextW (HANDLE, LPPROCESSENTRY32W)
 
BOOL WINAPI Thread32First (HANDLE, LPTHREADENTRY32)
 
BOOL WINAPI Thread32Next (HANDLE, LPTHREADENTRY32)
 
BOOL WINAPI Toolhelp32ReadProcessMemory (DWORD, LPCVOID, LPVOID, SIZE_T, SIZE_T *)
 
HANDLE WINAPI CreateToolhelp32Snapshot (DWORD, DWORD)
 

Macro Definition Documentation

◆ HF32_DEFAULT

#define HF32_DEFAULT   1

Definition at line 19 of file tlhelp32.h.

◆ HF32_SHARED

#define HF32_SHARED   2

Definition at line 20 of file tlhelp32.h.

◆ LF32_FIXED

#define LF32_FIXED   0x1

Definition at line 21 of file tlhelp32.h.

◆ LF32_FREE

#define LF32_FREE   0x2

Definition at line 22 of file tlhelp32.h.

◆ LF32_MOVEABLE

#define LF32_MOVEABLE   0x4

Definition at line 23 of file tlhelp32.h.

◆ MAX_MODULE_NAME32

#define MAX_MODULE_NAME32   255

Definition at line 24 of file tlhelp32.h.

◆ TH32CS_INHERIT

#define TH32CS_INHERIT   0x80000000

Definition at line 30 of file tlhelp32.h.

◆ TH32CS_SNAPALL

#define TH32CS_SNAPALL   (TH32CS_SNAPHEAPLIST|TH32CS_SNAPPROCESS|TH32CS_SNAPTHREAD|TH32CS_SNAPMODULE)

Definition at line 29 of file tlhelp32.h.

◆ TH32CS_SNAPHEAPLIST

#define TH32CS_SNAPHEAPLIST   0x1

Definition at line 25 of file tlhelp32.h.

◆ TH32CS_SNAPMODULE

#define TH32CS_SNAPMODULE   0x8

Definition at line 28 of file tlhelp32.h.

◆ TH32CS_SNAPPROCESS

#define TH32CS_SNAPPROCESS   0x2

Definition at line 26 of file tlhelp32.h.

◆ TH32CS_SNAPTHREAD

#define TH32CS_SNAPTHREAD   0x4

Definition at line 27 of file tlhelp32.h.

Typedef Documentation

◆ HEAPENTRY32

typedef struct tagHEAPENTRY32 HEAPENTRY32

◆ HEAPLIST32

typedef struct tagHEAPLIST32 HEAPLIST32

◆ LPHEAPENTRY32

typedef struct tagHEAPENTRY32* LPHEAPENTRY32

◆ LPHEAPLIST32

typedef struct tagHEAPLIST32* LPHEAPLIST32

◆ LPMODULEENTRY32

static LPMODULEENTRY32

Definition at line 36 of file toolhelp.c.

◆ LPMODULEENTRY32W

typedef struct tagMODULEENTRY32W* LPMODULEENTRY32W

◆ LPPROCESSENTRY32

static LPPROCESSENTRY32

Definition at line 38 of file toolhelp.c.

◆ LPPROCESSENTRY32W

typedef struct tagPROCESSENTRY32W* LPPROCESSENTRY32W

◆ LPTHREADENTRY32

static LPTHREADENTRY32

Definition at line 40 of file toolhelp.c.

◆ MODULEENTRY32

typedef struct tagMODULEENTRY32 MODULEENTRY32

◆ MODULEENTRY32W

typedef struct tagMODULEENTRY32W MODULEENTRY32W

◆ PHEAPENTRY32

typedef struct tagHEAPENTRY32* PHEAPENTRY32

◆ PHEAPLIST32

typedef struct tagHEAPLIST32* PHEAPLIST32

◆ PMODULEENTRY32

typedef struct tagMODULEENTRY32* PMODULEENTRY32

◆ PMODULEENTRY32W

typedef struct tagMODULEENTRY32W* PMODULEENTRY32W

◆ PPROCESSENTRY32

typedef struct tagPROCESSENTRY32* PPROCESSENTRY32

◆ PPROCESSENTRY32W

typedef struct tagPROCESSENTRY32W* PPROCESSENTRY32W

◆ PROCESSENTRY32

typedef struct tagPROCESSENTRY32 PROCESSENTRY32

◆ PROCESSENTRY32W

typedef struct tagPROCESSENTRY32W PROCESSENTRY32W

◆ PTHREADENTRY32

typedef struct tagTHREADENTRY32* PTHREADENTRY32

◆ THREADENTRY32

typedef struct tagTHREADENTRY32 THREADENTRY32

Function Documentation

◆ CreateToolhelp32Snapshot()

HANDLE WINAPI CreateToolhelp32Snapshot ( DWORD  ,
DWORD   
)

Definition at line 1255 of file toolhelp.c.

1256 {
1257  PRTL_DEBUG_INFORMATION HeapDebug, ModuleDebug;
1258  PVOID ProcThrdInfo;
1259  SIZE_T ProcThrdInfoSize;
1260  NTSTATUS Status;
1261  HANDLE hSnapShotSection = NULL;
1262 
1263  if(th32ProcessID == 0)
1264  {
1265  th32ProcessID = GetCurrentProcessId();
1266  }
1267 
1268  /*
1269  * Get all information required for the snapshot
1270  */
1271  Status = TH32CreateSnapshot(dwFlags,
1272  th32ProcessID,
1273  &HeapDebug,
1274  &ModuleDebug,
1275  &ProcThrdInfo,
1276  &ProcThrdInfoSize);
1277  if(!NT_SUCCESS(Status))
1278  {
1279  BaseSetLastNTError(Status);
1280  return NULL;
1281  }
1282 
1283  /*
1284  * Create a section handle and initialize the collected information
1285  */
1286  Status = TH32CreateSnapshotSectionInitialize(dwFlags,
1287  th32ProcessID,
1288  HeapDebug,
1289  ModuleDebug,
1290  ProcThrdInfo,
1291  &hSnapShotSection);
1292 
1293  /*
1294  * Free the temporarily allocated memory which is no longer needed
1295  */
1296  TH32FreeAllocatedResources(HeapDebug,
1297  ModuleDebug,
1298  ProcThrdInfo,
1299  ProcThrdInfoSize);
1300 
1301  if(!NT_SUCCESS(Status))
1302  {
1303  BaseSetLastNTError(Status);
1304  return NULL;
1305  }
1306 
1307  return hSnapShotSection;
1308 }
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
TH32FreeAllocatedResources
static VOID TH32FreeAllocatedResources(PRTL_DEBUG_INFORMATION HeapDebug, PRTL_DEBUG_INFORMATION ModuleDebug, PVOID ProcThrdInfo, SIZE_T ProcThrdInfoSize)
Definition: toolhelp.c:81
_RTL_DEBUG_INFORMATION
Definition: rtltypes.h:1184
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
Status
Status
Definition: gdiplustypes.h:24
dwFlags
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1175
TH32CreateSnapshotSectionInitialize
static NTSTATUS TH32CreateSnapshotSectionInitialize(DWORD dwFlags, DWORD th32ProcessID, PRTL_DEBUG_INFORMATION HeapDebug, PRTL_DEBUG_INFORMATION ModuleDebug, PVOID ProcThrdInfo, HANDLE *SectionHandle)
Definition: toolhelp.c:208
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
TH32CreateSnapshot
static NTSTATUS TH32CreateSnapshot(DWORD dwFlags, DWORD th32ProcessID, PRTL_DEBUG_INFORMATION *HeapDebug, PRTL_DEBUG_INFORMATION *ModuleDebug, PVOID *ProcThrdInfo, SIZE_T *ProcThrdInfoSize)
Definition: toolhelp.c:105
GetCurrentProcessId
DWORD WINAPI GetCurrentProcessId(VOID)
Definition: proc.c:1158

Referenced by _DoDLLInjection(), fill_process(), GetProcessID(), IntGetImageBase(), IsBlockFromHeap(), PrintBugreport(), and ShutdownProcessTree().

◆ Heap32First()

BOOL WINAPI Heap32First ( LPHEAPENTRY32  ,
DWORD  ,
DWORD   
)

Definition at line 489 of file toolhelp.c.

490 {
491  PRTL_DEBUG_INFORMATION DebugInfo;
492  PRTL_HEAP_INFORMATION Heap;
493  PRTLP_HEAP_ENTRY Block, LastBlock;
494  ULONG i;
495  NTSTATUS Status;
496 
497  CHECK_PARAM_SIZE(lphe, sizeof(HEAPENTRY32));
498 
499  DebugInfo = RtlCreateQueryDebugBuffer(0,
500  FALSE);
501  if (DebugInfo == NULL)
502  {
503  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
504  return FALSE;
505  }
506 
507  Status = RtlQueryProcessDebugInformation(th32ProcessID,
508  RTL_DEBUG_QUERY_HEAPS | RTL_DEBUG_QUERY_HEAP_BLOCKS,
509  DebugInfo);
510 
511  if (NT_SUCCESS(Status))
512  {
513  Status = STATUS_NO_MORE_FILES;
514 
515  for (i = 0;
516  i != DebugInfo->Heaps->NumberOfHeaps;
517  i++)
518  {
519  Heap = &DebugInfo->Heaps->Heaps[i];
520 
521  if ((ULONG_PTR)Heap->BaseAddress == th32HeapID)
522  {
523  lphe->hHandle = (HANDLE)Heap->BaseAddress;
524  lphe->dwAddress = 0;
525  lphe->dwBlockSize = 0;
526  lphe->dwFlags = 0;
527  lphe->dwLockCount = 0;
528  lphe->dwResvd = 0;
529  lphe->th32ProcessID = th32ProcessID;
530  lphe->th32HeapID = (ULONG_PTR)Heap->BaseAddress;
531 
532  Block = (PRTLP_HEAP_ENTRY)Heap->Entries;
533  LastBlock = Block + Heap->NumberOfEntries;
534 
535  while (Block != LastBlock && (Block->Flags & PROCESS_HEAP_UNCOMMITTED_RANGE))
536  {
537  lphe->dwResvd++;
538  lphe->dwAddress = (ULONG_PTR)((ULONG_PTR)Block->Address + Heap->EntryOverhead);
539  Block++;
540  }
541 
542  if (Block != LastBlock && lphe->dwResvd != 0)
543  {
544  lphe->dwBlockSize = Block->Size;
545 
546  if (Block->Flags & 0x2F1) /* FIXME */
547  lphe->dwFlags = LF32_FIXED;
548  else if (Block->Flags & 0x20) /* FIXME */
549  lphe->dwFlags = LF32_MOVEABLE;
550  else if (Block->Flags & 0x100) /* FIXME */
551  lphe->dwFlags = LF32_FREE;
552 
553  Status = STATUS_SUCCESS;
554  }
555 
556  break;
557  }
558  }
559  }
560 
561  RtlDestroyQueryDebugBuffer(DebugInfo);
562 
563  if (!NT_SUCCESS(Status))
564  {
565  BaseSetLastNTError(Status);
566  return FALSE;
567  }
568 
569  return TRUE;
570 }
PROCESS_HEAP_UNCOMMITTED_RANGE
#define PROCESS_HEAP_UNCOMMITTED_RANGE
Definition: winbase.h:332
TRUE
#define TRUE
Definition: types.h:120
RTL_DEBUG_QUERY_HEAP_BLOCKS
#define RTL_DEBUG_QUERY_HEAP_BLOCKS
Definition: rtltypes.h:368
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
_RTL_HEAP_INFORMATION::NumberOfEntries
ULONG NumberOfEntries
Definition: rtltypes.h:1122
RtlCreateQueryDebugBuffer
NTSYSAPI PRTL_DEBUG_INFORMATION NTAPI RtlCreateQueryDebugBuffer(_In_ ULONG Size, _In_ BOOLEAN EventPair)
Definition: dbgbuffer.c:66
_RTL_DEBUG_INFORMATION
Definition: rtltypes.h:1184
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
while
while(1)
Definition: macro.lex.yy.c:740
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
FALSE
#define FALSE
Definition: types.h:117
LF32_MOVEABLE
#define LF32_MOVEABLE
Definition: tlhelp32.h:23
RTL_DEBUG_QUERY_HEAPS
#define RTL_DEBUG_QUERY_HEAPS
Definition: rtltypes.h:366
_RTL_HEAP_INFORMATION::Entries
PRTL_HEAP_ENTRY Entries
Definition: rtltypes.h:1127
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
_RTLP_HEAP_ENTRY
Definition: toolhelp.c:25
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
STATUS_NO_MORE_FILES
#define STATUS_NO_MORE_FILES
Definition: udferr_usr.h:128
PRTLP_HEAP_ENTRY
struct _RTLP_HEAP_ENTRY * PRTLP_HEAP_ENTRY
HANDLE
static HANDLE(WINAPI *pCreateToolhelp32Snapshot)(DWORD
SetLastError
#define SetLastError(x)
Definition: compat.h:611
LF32_FIXED
#define LF32_FIXED
Definition: tlhelp32.h:21
RtlDestroyQueryDebugBuffer
NTSYSAPI NTSTATUS NTAPI RtlDestroyQueryDebugBuffer(IN PRTL_DEBUG_INFORMATION DebugBuffer)
Status
Status
Definition: gdiplustypes.h:24
_RTL_HEAP_INFORMATION::BaseAddress
PVOID BaseAddress
Definition: rtltypes.h:1115
_RTL_HEAP_INFORMATION::EntryOverhead
USHORT EntryOverhead
Definition: rtltypes.h:1117
_RTL_PROCESS_HEAPS::NumberOfHeaps
ULONG NumberOfHeaps
Definition: rtltypes.h:1132
_RTLP_HEAP_ENTRY::Size
ULONG Size
Definition: toolhelp.c:27
RtlQueryProcessDebugInformation
NTSYSAPI NTSTATUS NTAPI RtlQueryProcessDebugInformation(_In_ ULONG ProcessId, _In_ ULONG DebugInfoClassMask, _Inout_ PRTL_DEBUG_INFORMATION DebugBuffer)
LF32_FREE
#define LF32_FREE
Definition: tlhelp32.h:22
_RTL_DEBUG_INFORMATION::Heaps
PRTL_PROCESS_HEAPS Heaps
Definition: rtltypes.h:1204
_RTLP_HEAP_ENTRY::Flags
USHORT Flags
Definition: toolhelp.c:28
_RTLP_HEAP_ENTRY::Address
PVOID Address
Definition: toolhelp.c:31
ULONG
unsigned int ULONG
Definition: retypes.h:1
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
_RTL_PROCESS_HEAPS::Heaps
RTL_HEAP_INFORMATION Heaps[1]
Definition: rtltypes.h:1133
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
_RTL_HEAP_INFORMATION
Definition: rtltypes.h:1113

Referenced by IsBlockFromHeap().

◆ Heap32ListFirst()

BOOL WINAPI Heap32ListFirst ( HANDLE  ,
LPHEAPLIST32   
)

Definition at line 669 of file toolhelp.c.

670 {
671  PTH32SNAPSHOT Snapshot;
672  LARGE_INTEGER SOffset;
673  SIZE_T ViewSize;
674  NTSTATUS Status;
675 
676  CHECK_PARAM_SIZE(lphl, sizeof(HEAPLIST32));
677 
678  SOffset.QuadPart = 0;
679  ViewSize = 0;
680  Snapshot = NULL;
681 
682  Status = NtMapViewOfSection(hSnapshot,
683  NtCurrentProcess(),
684  (PVOID*)&Snapshot,
685  0,
686  0,
687  &SOffset,
688  &ViewSize,
689  ViewShare,
690  0,
691  PAGE_READWRITE);
692  if(NT_SUCCESS(Status))
693  {
694  BOOL Ret;
695 
696  if(Snapshot->HeapListCount > 0)
697  {
698  LPHEAPLIST32 Entries = (LPHEAPLIST32)OffsetToPtr(Snapshot, Snapshot->HeapListOffset);
699  Snapshot->HeapListIndex = 1;
700  RtlCopyMemory(lphl, &Entries[0], sizeof(HEAPLIST32));
701  Ret = TRUE;
702  }
703  else
704  {
705  SetLastError(ERROR_NO_MORE_FILES);
706  Ret = FALSE;
707  }
708 
709  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
710  return Ret;
711  }
712 
713  BaseSetLastNTError(Status);
714  return FALSE;
715 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
LPHEAPLIST32
struct tagHEAPLIST32 * LPHEAPLIST32
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::HeapListIndex
ULONG HeapListIndex
Definition: toolhelp.c:62
_TH32SNAPSHOT
Definition: toolhelp.c:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_TH32SNAPSHOT::HeapListCount
ULONG HeapListCount
Definition: toolhelp.c:61
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_TH32SNAPSHOT::HeapListOffset
ULONG_PTR HeapListOffset
Definition: toolhelp.c:63
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

◆ Heap32ListNext()

BOOL WINAPI Heap32ListNext ( HANDLE  ,
LPHEAPLIST32   
)

Definition at line 723 of file toolhelp.c.

724 {
725  PTH32SNAPSHOT Snapshot;
726  LARGE_INTEGER SOffset;
727  SIZE_T ViewSize;
728  NTSTATUS Status;
729 
730  CHECK_PARAM_SIZE(lphl, sizeof(HEAPLIST32));
731 
732  SOffset.QuadPart = 0;
733  ViewSize = 0;
734  Snapshot = NULL;
735 
736  Status = NtMapViewOfSection(hSnapshot,
737  NtCurrentProcess(),
738  (PVOID*)&Snapshot,
739  0,
740  0,
741  &SOffset,
742  &ViewSize,
743  ViewShare,
744  0,
745  PAGE_READWRITE);
746  if(NT_SUCCESS(Status))
747  {
748  BOOL Ret;
749 
750  if(Snapshot->HeapListCount > 0 &&
751  Snapshot->HeapListIndex < Snapshot->HeapListCount)
752  {
753  LPHEAPLIST32 Entries = (LPHEAPLIST32)OffsetToPtr(Snapshot, Snapshot->HeapListOffset);
754  RtlCopyMemory(lphl, &Entries[Snapshot->HeapListIndex++], sizeof(HEAPLIST32));
755  Ret = TRUE;
756  }
757  else
758  {
759  SetLastError(ERROR_NO_MORE_FILES);
760  Ret = FALSE;
761  }
762 
763  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
764  return Ret;
765  }
766 
767  BaseSetLastNTError(Status);
768  return FALSE;
769 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
LPHEAPLIST32
struct tagHEAPLIST32 * LPHEAPLIST32
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::HeapListIndex
ULONG HeapListIndex
Definition: toolhelp.c:62
_TH32SNAPSHOT
Definition: toolhelp.c:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_TH32SNAPSHOT::HeapListCount
ULONG HeapListCount
Definition: toolhelp.c:61
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_TH32SNAPSHOT::HeapListOffset
ULONG_PTR HeapListOffset
Definition: toolhelp.c:63
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

◆ Heap32Next()

BOOL WINAPI Heap32Next ( LPHEAPENTRY32  )

Definition at line 578 of file toolhelp.c.

579 {
580  PRTL_DEBUG_INFORMATION DebugInfo;
581  PRTL_HEAP_INFORMATION Heap;
582  PRTLP_HEAP_ENTRY Block, LastBlock;
583  BOOLEAN FoundUncommitted = FALSE;
584  ULONG i;
585  NTSTATUS Status;
586 
587  CHECK_PARAM_SIZE(lphe, sizeof(HEAPENTRY32));
588 
589  DebugInfo = RtlCreateQueryDebugBuffer(0,
590  FALSE);
591  if (DebugInfo == NULL)
592  {
593  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
594  return FALSE;
595  }
596 
597  Status = RtlQueryProcessDebugInformation(lphe->th32ProcessID,
598  RTL_DEBUG_QUERY_HEAPS | RTL_DEBUG_QUERY_HEAP_BLOCKS,
599  DebugInfo);
600 
601  if (NT_SUCCESS(Status))
602  {
603  Status = STATUS_NO_MORE_FILES;
604 
605  for (i = 0;
606  i != DebugInfo->Heaps->NumberOfHeaps;
607  i++)
608  {
609  Heap = &DebugInfo->Heaps->Heaps[i];
610 
611  if ((ULONG_PTR)Heap->BaseAddress == lphe->th32HeapID)
612  {
613  if (++lphe->dwResvd < Heap->NumberOfEntries)
614  {
615  lphe->dwFlags = 0;
616 
617  Block = (PRTLP_HEAP_ENTRY)Heap->Entries + lphe->dwResvd;
618  LastBlock = (PRTLP_HEAP_ENTRY)Heap->Entries + Heap->NumberOfEntries;
619 
620  while (Block < LastBlock && (Block->Flags & PROCESS_HEAP_UNCOMMITTED_RANGE))
621  {
622  lphe->dwResvd++;
623  lphe->dwAddress = (ULONG_PTR)((ULONG_PTR)Block->Address + Heap->EntryOverhead);
624  FoundUncommitted = TRUE;
625  Block++;
626  }
627 
628  if (Block < LastBlock)
629  {
630  if (!FoundUncommitted)
631  lphe->dwAddress += lphe->dwBlockSize;
632 
633  lphe->dwBlockSize = Block->Size;
634 
635  if (Block->Flags & 0x2F1) /* FIXME */
636  lphe->dwFlags = LF32_FIXED;
637  else if (Block->Flags & 0x20) /* FIXME */
638  lphe->dwFlags = LF32_MOVEABLE;
639  else if (Block->Flags & 0x100) /* FIXME */
640  lphe->dwFlags = LF32_FREE;
641 
642  Status = STATUS_SUCCESS;
643  }
644  }
645 
646  break;
647  }
648  }
649  }
650 
651  RtlDestroyQueryDebugBuffer(DebugInfo);
652 
653  if (!NT_SUCCESS(Status))
654  {
655  BaseSetLastNTError(Status);
656  return FALSE;
657  }
658 
659  return TRUE;
660 
661 }
PROCESS_HEAP_UNCOMMITTED_RANGE
#define PROCESS_HEAP_UNCOMMITTED_RANGE
Definition: winbase.h:332
TRUE
#define TRUE
Definition: types.h:120
RTL_DEBUG_QUERY_HEAP_BLOCKS
#define RTL_DEBUG_QUERY_HEAP_BLOCKS
Definition: rtltypes.h:368
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
_RTL_HEAP_INFORMATION::NumberOfEntries
ULONG NumberOfEntries
Definition: rtltypes.h:1122
RtlCreateQueryDebugBuffer
NTSYSAPI PRTL_DEBUG_INFORMATION NTAPI RtlCreateQueryDebugBuffer(_In_ ULONG Size, _In_ BOOLEAN EventPair)
Definition: dbgbuffer.c:66
_RTL_DEBUG_INFORMATION
Definition: rtltypes.h:1184
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
FALSE
#define FALSE
Definition: types.h:117
LF32_MOVEABLE
#define LF32_MOVEABLE
Definition: tlhelp32.h:23
RTL_DEBUG_QUERY_HEAPS
#define RTL_DEBUG_QUERY_HEAPS
Definition: rtltypes.h:366
_RTL_HEAP_INFORMATION::Entries
PRTL_HEAP_ENTRY Entries
Definition: rtltypes.h:1127
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
_RTLP_HEAP_ENTRY
Definition: toolhelp.c:25
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
STATUS_NO_MORE_FILES
#define STATUS_NO_MORE_FILES
Definition: udferr_usr.h:128
PRTLP_HEAP_ENTRY
struct _RTLP_HEAP_ENTRY * PRTLP_HEAP_ENTRY
SetLastError
#define SetLastError(x)
Definition: compat.h:611
LF32_FIXED
#define LF32_FIXED
Definition: tlhelp32.h:21
RtlDestroyQueryDebugBuffer
NTSYSAPI NTSTATUS NTAPI RtlDestroyQueryDebugBuffer(IN PRTL_DEBUG_INFORMATION DebugBuffer)
Status
Status
Definition: gdiplustypes.h:24
_RTL_HEAP_INFORMATION::BaseAddress
PVOID BaseAddress
Definition: rtltypes.h:1115
_RTL_HEAP_INFORMATION::EntryOverhead
USHORT EntryOverhead
Definition: rtltypes.h:1117
_RTL_PROCESS_HEAPS::NumberOfHeaps
ULONG NumberOfHeaps
Definition: rtltypes.h:1132
_RTLP_HEAP_ENTRY::Size
ULONG Size
Definition: toolhelp.c:27
RtlQueryProcessDebugInformation
NTSYSAPI NTSTATUS NTAPI RtlQueryProcessDebugInformation(_In_ ULONG ProcessId, _In_ ULONG DebugInfoClassMask, _Inout_ PRTL_DEBUG_INFORMATION DebugBuffer)
LF32_FREE
#define LF32_FREE
Definition: tlhelp32.h:22
_RTL_DEBUG_INFORMATION::Heaps
PRTL_PROCESS_HEAPS Heaps
Definition: rtltypes.h:1204
_RTLP_HEAP_ENTRY::Flags
USHORT Flags
Definition: toolhelp.c:28
_RTLP_HEAP_ENTRY::Address
PVOID Address
Definition: toolhelp.c:31
ULONG
unsigned int ULONG
Definition: retypes.h:1
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
_RTL_PROCESS_HEAPS::Heaps
RTL_HEAP_INFORMATION Heaps[1]
Definition: rtltypes.h:1133
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
STATUS_SUCCESS
return STATUS_SUCCESS
Definition: btrfs.c:3014
_RTL_HEAP_INFORMATION
Definition: rtltypes.h:1113

Referenced by IsBlockFromHeap().

◆ Module32First()

BOOL WINAPI Module32First ( HANDLE  ,
LPMODULEENTRY32   
)

Definition at line 777 of file toolhelp.c.

778 {
779  MODULEENTRY32W me;
780  BOOL Ret;
781 
782  CHECK_PARAM_SIZEA(lpme, sizeof(MODULEENTRY32));
783 
784  me.dwSize = sizeof(MODULEENTRY32W);
785 
786  Ret = Module32FirstW(hSnapshot, &me);
787  if(Ret)
788  {
789  lpme->th32ModuleID = me.th32ModuleID;
790  lpme->th32ProcessID = me.th32ProcessID;
791  lpme->GlblcntUsage = me.GlblcntUsage;
792  lpme->ProccntUsage = me.ProccntUsage;
793  lpme->modBaseAddr = me.modBaseAddr;
794  lpme->modBaseSize = me.modBaseSize;
795  lpme->hModule = me.hModule;
796 
797  WideCharToMultiByte(CP_ACP, 0, me.szModule, -1, lpme->szModule, sizeof(lpme->szModule), 0, 0);
798  WideCharToMultiByte(CP_ACP, 0, me.szExePath, -1, lpme->szExePath, sizeof(lpme->szExePath), 0, 0);
799  }
800 
801  return Ret;
802 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
CP_ACP
#define CP_ACP
Definition: compat.h:109
tagMODULEENTRY32W::hModule
HMODULE hModule
Definition: tlhelp32.h:89
tagMODULEENTRY32W::modBaseSize
DWORD modBaseSize
Definition: tlhelp32.h:88
tagMODULEENTRY32W::th32ProcessID
DWORD th32ProcessID
Definition: tlhelp32.h:84
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
tagMODULEENTRY32W::modBaseAddr
BYTE * modBaseAddr
Definition: tlhelp32.h:87
tagMODULEENTRY32W::GlblcntUsage
DWORD GlblcntUsage
Definition: tlhelp32.h:85
tagMODULEENTRY32W::ProccntUsage
DWORD ProccntUsage
Definition: tlhelp32.h:86
tagMODULEENTRY32W::th32ModuleID
DWORD th32ModuleID
Definition: tlhelp32.h:83
Module32FirstW
BOOL WINAPI Module32FirstW(HANDLE hSnapshot, LPMODULEENTRY32W lpme)
Definition: toolhelp.c:810
tagMODULEENTRY32W::szModule
WCHAR szModule[MAX_MODULE_NAME32+1]
Definition: tlhelp32.h:90
MODULEENTRY32W
struct tagMODULEENTRY32W MODULEENTRY32W
tagMODULEENTRY32W::szExePath
WCHAR szExePath[MAX_PATH]
Definition: tlhelp32.h:91
CHECK_PARAM_SIZEA
#define CHECK_PARAM_SIZEA(ptr, siz)
Definition: toolhelp.c:48

Referenced by IntGetImageBase().

◆ Module32FirstW()

BOOL WINAPI Module32FirstW ( HANDLE  ,
LPMODULEENTRY32W   
)

Definition at line 810 of file toolhelp.c.

811 {
812  PTH32SNAPSHOT Snapshot;
813  LARGE_INTEGER SOffset;
814  SIZE_T ViewSize;
815  NTSTATUS Status;
816 
817  CHECK_PARAM_SIZE(lpme, sizeof(MODULEENTRY32W));
818 
819  SOffset.QuadPart = 0;
820  ViewSize = 0;
821  Snapshot = NULL;
822 
823  Status = NtMapViewOfSection(hSnapshot,
824  NtCurrentProcess(),
825  (PVOID*)&Snapshot,
826  0,
827  0,
828  &SOffset,
829  &ViewSize,
830  ViewShare,
831  0,
832  PAGE_READWRITE);
833  if(NT_SUCCESS(Status))
834  {
835  BOOL Ret;
836 
837  if(Snapshot->ModuleListCount > 0)
838  {
839  LPMODULEENTRY32W Entries = (LPMODULEENTRY32W)OffsetToPtr(Snapshot, Snapshot->ModuleListOffset);
840  Snapshot->ModuleListIndex = 1;
841  RtlCopyMemory(lpme, &Entries[0], sizeof(MODULEENTRY32W));
842  Ret = TRUE;
843  }
844  else
845  {
846  SetLastError(ERROR_NO_MORE_FILES);
847  Ret = FALSE;
848  }
849 
850  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
851  return Ret;
852  }
853 
854  BaseSetLastNTError(Status);
855  return FALSE;
856 }
LPMODULEENTRY32W
struct tagMODULEENTRY32W * LPMODULEENTRY32W
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::ModuleListCount
ULONG ModuleListCount
Definition: toolhelp.c:65
_TH32SNAPSHOT::ModuleListOffset
ULONG_PTR ModuleListOffset
Definition: toolhelp.c:67
_TH32SNAPSHOT
Definition: toolhelp.c:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_TH32SNAPSHOT::ModuleListIndex
ULONG ModuleListIndex
Definition: toolhelp.c:66
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by Module32First().

◆ Module32Next()

BOOL WINAPI Module32Next ( HANDLE  ,
LPMODULEENTRY32   
)

Definition at line 864 of file toolhelp.c.

865 {
866  MODULEENTRY32W me;
867  BOOL Ret;
868 
869  CHECK_PARAM_SIZEA(lpme, sizeof(MODULEENTRY32));
870 
871  me.dwSize = sizeof(MODULEENTRY32W);
872 
873  Ret = Module32NextW(hSnapshot, &me);
874  if(Ret)
875  {
876  lpme->th32ModuleID = me.th32ModuleID;
877  lpme->th32ProcessID = me.th32ProcessID;
878  lpme->GlblcntUsage = me.GlblcntUsage;
879  lpme->ProccntUsage = me.ProccntUsage;
880  lpme->modBaseAddr = me.modBaseAddr;
881  lpme->modBaseSize = me.modBaseSize;
882  lpme->hModule = me.hModule;
883 
884  WideCharToMultiByte(CP_ACP, 0, me.szModule, -1, lpme->szModule, sizeof(lpme->szModule), 0, 0);
885  WideCharToMultiByte(CP_ACP, 0, me.szExePath, -1, lpme->szExePath, sizeof(lpme->szExePath), 0, 0);
886  }
887 
888  return Ret;
889 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
CP_ACP
#define CP_ACP
Definition: compat.h:109
tagMODULEENTRY32W::hModule
HMODULE hModule
Definition: tlhelp32.h:89
tagMODULEENTRY32W::modBaseSize
DWORD modBaseSize
Definition: tlhelp32.h:88
tagMODULEENTRY32W::th32ProcessID
DWORD th32ProcessID
Definition: tlhelp32.h:84
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
tagMODULEENTRY32W::modBaseAddr
BYTE * modBaseAddr
Definition: tlhelp32.h:87
tagMODULEENTRY32W::GlblcntUsage
DWORD GlblcntUsage
Definition: tlhelp32.h:85
tagMODULEENTRY32W::ProccntUsage
DWORD ProccntUsage
Definition: tlhelp32.h:86
tagMODULEENTRY32W::th32ModuleID
DWORD th32ModuleID
Definition: tlhelp32.h:83
Module32NextW
BOOL WINAPI Module32NextW(HANDLE hSnapshot, LPMODULEENTRY32W lpme)
Definition: toolhelp.c:897
tagMODULEENTRY32W::szModule
WCHAR szModule[MAX_MODULE_NAME32+1]
Definition: tlhelp32.h:90
MODULEENTRY32W
struct tagMODULEENTRY32W MODULEENTRY32W
tagMODULEENTRY32W::szExePath
WCHAR szExePath[MAX_PATH]
Definition: tlhelp32.h:91
CHECK_PARAM_SIZEA
#define CHECK_PARAM_SIZEA(ptr, siz)
Definition: toolhelp.c:48

Referenced by IntGetImageBase().

◆ Module32NextW()

BOOL WINAPI Module32NextW ( HANDLE  ,
LPMODULEENTRY32W   
)

Definition at line 897 of file toolhelp.c.

898 {
899  PTH32SNAPSHOT Snapshot;
900  LARGE_INTEGER SOffset;
901  SIZE_T ViewSize;
902  NTSTATUS Status;
903 
904  CHECK_PARAM_SIZE(lpme, sizeof(MODULEENTRY32W));
905 
906  SOffset.QuadPart = 0;
907  ViewSize = 0;
908  Snapshot = NULL;
909 
910  Status = NtMapViewOfSection(hSnapshot,
911  NtCurrentProcess(),
912  (PVOID*)&Snapshot,
913  0,
914  0,
915  &SOffset,
916  &ViewSize,
917  ViewShare,
918  0,
919  PAGE_READWRITE);
920  if(NT_SUCCESS(Status))
921  {
922  BOOL Ret;
923 
924  if((Snapshot->ModuleListCount > 0) &&
925  (Snapshot->ModuleListIndex < Snapshot->ModuleListCount))
926  {
927  LPMODULEENTRY32W Entries = (LPMODULEENTRY32W)OffsetToPtr(Snapshot, Snapshot->ModuleListOffset);
928  RtlCopyMemory(lpme, &Entries[Snapshot->ModuleListIndex++], sizeof(MODULEENTRY32W));
929  Ret = TRUE;
930  }
931  else
932  {
933  SetLastError(ERROR_NO_MORE_FILES);
934  Ret = FALSE;
935  }
936 
937  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
938  return Ret;
939  }
940 
941  BaseSetLastNTError(Status);
942  return FALSE;
943 }
LPMODULEENTRY32W
struct tagMODULEENTRY32W * LPMODULEENTRY32W
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::ModuleListCount
ULONG ModuleListCount
Definition: toolhelp.c:65
_TH32SNAPSHOT::ModuleListOffset
ULONG_PTR ModuleListOffset
Definition: toolhelp.c:67
_TH32SNAPSHOT
Definition: toolhelp.c:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_TH32SNAPSHOT::ModuleListIndex
ULONG ModuleListIndex
Definition: toolhelp.c:66
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

Referenced by Module32Next().

◆ Process32First()

BOOL WINAPI Process32First ( HANDLE  ,
LPPROCESSENTRY32   
)

Definition at line 951 of file toolhelp.c.

952 {
953  PROCESSENTRY32W pe;
954  BOOL Ret;
955 
956  CHECK_PARAM_SIZEA(lppe, sizeof(PROCESSENTRY32));
957 
958  pe.dwSize = sizeof(PROCESSENTRY32W);
959 
960  Ret = Process32FirstW(hSnapshot, &pe);
961  if(Ret)
962  {
963  lppe->cntUsage = pe.cntUsage;
964  lppe->th32ProcessID = pe.th32ProcessID;
965  lppe->th32DefaultHeapID = pe.th32DefaultHeapID;
966  lppe->th32ModuleID = pe.th32ModuleID;
967  lppe->cntThreads = pe.cntThreads;
968  lppe->th32ParentProcessID = pe.th32ParentProcessID;
969  lppe->pcPriClassBase = pe.pcPriClassBase;
970  lppe->dwFlags = pe.dwFlags;
971 
972  WideCharToMultiByte(CP_ACP, 0, pe.szExeFile, -1, lppe->szExeFile, sizeof(lppe->szExeFile), 0, 0);
973  }
974 
975  return Ret;
976 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
CP_ACP
#define CP_ACP
Definition: compat.h:109
tagPROCESSENTRY32W::szExeFile
WCHAR szExeFile[MAX_PATH]
Definition: tlhelp32.h:58
tagPROCESSENTRY32W::th32ProcessID
DWORD th32ProcessID
Definition: tlhelp32.h:51
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
tagPROCESSENTRY32W::th32ModuleID
DWORD th32ModuleID
Definition: tlhelp32.h:53
Process32FirstW
BOOL WINAPI Process32FirstW(HANDLE hSnapshot, LPPROCESSENTRY32W lppe)
Definition: toolhelp.c:984
PROCESSENTRY32W
struct tagPROCESSENTRY32W PROCESSENTRY32W
tagPROCESSENTRY32W::th32DefaultHeapID
DWORD th32DefaultHeapID
Definition: tlhelp32.h:52
CHECK_PARAM_SIZEA
#define CHECK_PARAM_SIZEA(ptr, siz)
Definition: toolhelp.c:48
tagPROCESSENTRY32W::th32ParentProcessID
DWORD th32ParentProcessID
Definition: tlhelp32.h:55

Referenced by PrintBugreport().

◆ Process32FirstW()

BOOL WINAPI Process32FirstW ( HANDLE  ,
LPPROCESSENTRY32W   
)

Definition at line 984 of file toolhelp.c.

985 {
986  PTH32SNAPSHOT Snapshot;
987  LARGE_INTEGER SOffset;
988  SIZE_T ViewSize;
989  NTSTATUS Status;
990 
991  CHECK_PARAM_SIZE(lppe, sizeof(PROCESSENTRY32W));
992 
993  SOffset.QuadPart = 0;
994  ViewSize = 0;
995  Snapshot = NULL;
996 
997  Status = NtMapViewOfSection(hSnapshot,
998  NtCurrentProcess(),
999  (PVOID*)&Snapshot,
1000  0,
1001  0,
1002  &SOffset,
1003  &ViewSize,
1004  ViewShare,
1005  0,
1006  PAGE_READWRITE);
1007  if(NT_SUCCESS(Status))
1008  {
1009  BOOL Ret;
1010 
1011  if(Snapshot->ProcessListCount > 0)
1012  {
1013  LPPROCESSENTRY32W Entries = (LPPROCESSENTRY32W)OffsetToPtr(Snapshot, Snapshot->ProcessListOffset);
1014 
1015  Snapshot->ProcessListIndex = 1;
1016  RtlCopyMemory(lppe, &Entries[0], sizeof(PROCESSENTRY32W));
1017  Ret = TRUE;
1018  }
1019  else
1020  {
1021 
1022  SetLastError(ERROR_NO_MORE_FILES);
1023  Ret = FALSE;
1024  }
1025 
1026  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
1027  return Ret;
1028  }
1029 
1030  BaseSetLastNTError(Status);
1031  return FALSE;
1032 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
TRUE
#define TRUE
Definition: types.h:120
_TH32SNAPSHOT::ProcessListOffset
ULONG_PTR ProcessListOffset
Definition: toolhelp.c:71
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT
Definition: toolhelp.c:58
LPPROCESSENTRY32W
struct tagPROCESSENTRY32W * LPPROCESSENTRY32W
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_TH32SNAPSHOT::ProcessListIndex
ULONG ProcessListIndex
Definition: toolhelp.c:70
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304
_TH32SNAPSHOT::ProcessListCount
ULONG ProcessListCount
Definition: toolhelp.c:69

Referenced by _DoDLLInjection(), fill_process(), GetProcessID(), Process32First(), and ShutdownProcessTreeHelper().

◆ Process32Next()

BOOL WINAPI Process32Next ( HANDLE  ,
LPPROCESSENTRY32   
)

Definition at line 1040 of file toolhelp.c.

1041 {
1042  PROCESSENTRY32W pe;
1043  BOOL Ret;
1044 
1045  CHECK_PARAM_SIZEA(lppe, sizeof(PROCESSENTRY32));
1046 
1047  pe.dwSize = sizeof(PROCESSENTRY32W);
1048 
1049  Ret = Process32NextW(hSnapshot, &pe);
1050  if(Ret)
1051  {
1052  lppe->cntUsage = pe.cntUsage;
1053  lppe->th32ProcessID = pe.th32ProcessID;
1054  lppe->th32DefaultHeapID = pe.th32DefaultHeapID;
1055  lppe->th32ModuleID = pe.th32ModuleID;
1056  lppe->cntThreads = pe.cntThreads;
1057  lppe->th32ParentProcessID = pe.th32ParentProcessID;
1058  lppe->pcPriClassBase = pe.pcPriClassBase;
1059  lppe->dwFlags = pe.dwFlags;
1060 
1061  WideCharToMultiByte(CP_ACP, 0, pe.szExeFile, -1, lppe->szExeFile, sizeof(lppe->szExeFile), 0, 0);
1062  }
1063 
1064  return Ret;
1065 }
WideCharToMultiByte
#define WideCharToMultiByte
Definition: compat.h:111
CP_ACP
#define CP_ACP
Definition: compat.h:109
tagPROCESSENTRY32W::szExeFile
WCHAR szExeFile[MAX_PATH]
Definition: tlhelp32.h:58
tagPROCESSENTRY32W::th32ProcessID
DWORD th32ProcessID
Definition: tlhelp32.h:51
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
tagPROCESSENTRY32W::th32ModuleID
DWORD th32ModuleID
Definition: tlhelp32.h:53
PROCESSENTRY32W
struct tagPROCESSENTRY32W PROCESSENTRY32W
Process32NextW
BOOL WINAPI Process32NextW(HANDLE hSnapshot, LPPROCESSENTRY32W lppe)
Definition: toolhelp.c:1073
tagPROCESSENTRY32W::th32DefaultHeapID
DWORD th32DefaultHeapID
Definition: tlhelp32.h:52
CHECK_PARAM_SIZEA
#define CHECK_PARAM_SIZEA(ptr, siz)
Definition: toolhelp.c:48
tagPROCESSENTRY32W::th32ParentProcessID
DWORD th32ParentProcessID
Definition: tlhelp32.h:55

Referenced by PrintBugreport().

◆ Process32NextW()

BOOL WINAPI Process32NextW ( HANDLE  ,
LPPROCESSENTRY32W   
)

Definition at line 1073 of file toolhelp.c.

1074 {
1075  PTH32SNAPSHOT Snapshot;
1076  LARGE_INTEGER SOffset;
1077  SIZE_T ViewSize;
1078  NTSTATUS Status;
1079 
1080  CHECK_PARAM_SIZE(lppe, sizeof(PROCESSENTRY32W));
1081 
1082  SOffset.QuadPart = 0;
1083  ViewSize = 0;
1084  Snapshot = NULL;
1085 
1086  Status = NtMapViewOfSection(hSnapshot,
1087  NtCurrentProcess(),
1088  (PVOID*)&Snapshot,
1089  0,
1090  0,
1091  &SOffset,
1092  &ViewSize,
1093  ViewShare,
1094  0,
1095  PAGE_READWRITE);
1096  if(NT_SUCCESS(Status))
1097  {
1098  BOOL Ret;
1099 
1100  if(Snapshot->ProcessListCount > 0 &&
1101  Snapshot->ProcessListIndex < Snapshot->ProcessListCount)
1102  {
1103  LPPROCESSENTRY32W Entries = (LPPROCESSENTRY32W)OffsetToPtr(Snapshot, Snapshot->ProcessListOffset);
1104  RtlCopyMemory(lppe, &Entries[Snapshot->ProcessListIndex++], sizeof(PROCESSENTRY32W));
1105  Ret = TRUE;
1106  }
1107  else
1108  {
1109  SetLastError(ERROR_NO_MORE_FILES);
1110  Ret = FALSE;
1111  }
1112 
1113  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
1114  return Ret;
1115  }
1116 
1117  BaseSetLastNTError(Status);
1118  return FALSE;
1119 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
TRUE
#define TRUE
Definition: types.h:120
_TH32SNAPSHOT::ProcessListOffset
ULONG_PTR ProcessListOffset
Definition: toolhelp.c:71
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT
Definition: toolhelp.c:58
LPPROCESSENTRY32W
struct tagPROCESSENTRY32W * LPPROCESSENTRY32W
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_TH32SNAPSHOT::ProcessListIndex
ULONG ProcessListIndex
Definition: toolhelp.c:70
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304
_TH32SNAPSHOT::ProcessListCount
ULONG ProcessListCount
Definition: toolhelp.c:69

Referenced by _DoDLLInjection(), fill_process(), GetProcessID(), Process32Next(), and ShutdownProcessTreeHelper().

◆ Thread32First()

BOOL WINAPI Thread32First ( HANDLE  ,
LPTHREADENTRY32   
)

Definition at line 1127 of file toolhelp.c.

1128 {
1129  PTH32SNAPSHOT Snapshot;
1130  LARGE_INTEGER SOffset;
1131  SIZE_T ViewSize;
1132  NTSTATUS Status;
1133 
1134  CHECK_PARAM_SIZE(lpte, sizeof(THREADENTRY32));
1135 
1136  SOffset.QuadPart = 0;
1137  ViewSize = 0;
1138  Snapshot = NULL;
1139 
1140  Status = NtMapViewOfSection(hSnapshot,
1141  NtCurrentProcess(),
1142  (PVOID*)&Snapshot,
1143  0,
1144  0,
1145  &SOffset,
1146  &ViewSize,
1147  ViewShare,
1148  0,
1149  PAGE_READWRITE);
1150  if(NT_SUCCESS(Status))
1151  {
1152  BOOL Ret;
1153 
1154  if(Snapshot->ThreadListCount > 0)
1155  {
1156  LPTHREADENTRY32 Entries = (LPTHREADENTRY32)OffsetToPtr(Snapshot, Snapshot->ThreadListOffset);
1157  Snapshot->ThreadListIndex = 1;
1158  RtlCopyMemory(lpte, &Entries[0], sizeof(THREADENTRY32));
1159  Ret = TRUE;
1160  }
1161  else
1162  {
1163  SetLastError(ERROR_NO_MORE_FILES);
1164  Ret = FALSE;
1165  }
1166 
1167  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
1168  return Ret;
1169  }
1170 
1171  BaseSetLastNTError(Status);
1172  return FALSE;
1173 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
_TH32SNAPSHOT::ThreadListOffset
ULONG_PTR ThreadListOffset
Definition: toolhelp.c:75
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::ThreadListIndex
ULONG ThreadListIndex
Definition: toolhelp.c:74
_TH32SNAPSHOT
Definition: toolhelp.c:58
_TH32SNAPSHOT::ThreadListCount
ULONG ThreadListCount
Definition: toolhelp.c:73
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
LPTHREADENTRY32
static LPTHREADENTRY32
Definition: toolhelp.c:39
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

◆ Thread32Next()

BOOL WINAPI Thread32Next ( HANDLE  ,
LPTHREADENTRY32   
)

Definition at line 1181 of file toolhelp.c.

1182 {
1183  PTH32SNAPSHOT Snapshot;
1184  LARGE_INTEGER SOffset;
1185  SIZE_T ViewSize;
1186  NTSTATUS Status;
1187 
1188  CHECK_PARAM_SIZE(lpte, sizeof(THREADENTRY32));
1189 
1190  SOffset.QuadPart = 0;
1191  ViewSize = 0;
1192  Snapshot = NULL;
1193 
1194  Status = NtMapViewOfSection(hSnapshot,
1195  NtCurrentProcess(),
1196  (PVOID*)&Snapshot,
1197  0,
1198  0,
1199  &SOffset,
1200  &ViewSize,
1201  ViewShare,
1202  0,
1203  PAGE_READWRITE);
1204  if(NT_SUCCESS(Status))
1205  {
1206  BOOL Ret;
1207 
1208  if(Snapshot->ThreadListCount > 0 &&
1209  Snapshot->ThreadListIndex < Snapshot->ThreadListCount)
1210  {
1211  LPTHREADENTRY32 Entries = (LPTHREADENTRY32)OffsetToPtr(Snapshot, Snapshot->ThreadListOffset);
1212  RtlCopyMemory(lpte, &Entries[Snapshot->ThreadListIndex++], sizeof(THREADENTRY32));
1213  Ret = TRUE;
1214  }
1215  else
1216  {
1217  SetLastError(ERROR_NO_MORE_FILES);
1218  Ret = FALSE;
1219  }
1220 
1221  NtUnmapViewOfSection(NtCurrentProcess(), (PVOID)Snapshot);
1222  return Ret;
1223  }
1224 
1225  BaseSetLastNTError(Status);
1226  return FALSE;
1227 }
NtUnmapViewOfSection
NTSTATUS NTAPI NtUnmapViewOfSection(IN HANDLE ProcessHandle, IN PVOID BaseAddress)
Definition: section.c:3782
RtlCopyMemory
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
_TH32SNAPSHOT::ThreadListOffset
ULONG_PTR ThreadListOffset
Definition: toolhelp.c:75
TRUE
#define TRUE
Definition: types.h:120
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_TH32SNAPSHOT::ThreadListIndex
ULONG ThreadListIndex
Definition: toolhelp.c:74
_TH32SNAPSHOT
Definition: toolhelp.c:58
_TH32SNAPSHOT::ThreadListCount
ULONG ThreadListCount
Definition: toolhelp.c:73
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ViewShare
Definition: nt_native.h:1278
OffsetToPtr
#define OffsetToPtr(Snapshot, Offset)
Definition: toolhelp.c:55
NtMapViewOfSection
NTSTATUS NTAPI NtMapViewOfSection(IN HANDLE SectionHandle, IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG_PTR ZeroBits, IN SIZE_T CommitSize, IN OUT PLARGE_INTEGER SectionOffset OPTIONAL, IN OUT PSIZE_T ViewSize, IN SECTION_INHERIT InheritDisposition, IN ULONG AllocationType, IN ULONG Protect)
Definition: section.c:3554
NULL
smooth NULL
Definition: ftsmooth.c:416
BaseSetLastNTError
DWORD BaseSetLastNTError(IN NTSTATUS Status)
Definition: reactos.cpp:166
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
NtCurrentProcess
#define NtCurrentProcess()
Definition: nt_native.h:1657
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
SetLastError
#define SetLastError(x)
Definition: compat.h:611
Status
Status
Definition: gdiplustypes.h:24
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
Entries
LIST_ENTRY Entries[5]
Definition: ExDoubleList.c:8
_LARGE_INTEGER
Definition: typedefs.h:102
ViewSize
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID _In_ ULONG_PTR _In_ SIZE_T _Inout_opt_ PLARGE_INTEGER _Inout_ PSIZE_T ViewSize
Definition: mmfuncs.h:404
CHECK_PARAM_SIZE
#define CHECK_PARAM_SIZE(ptr, siz)
Definition: toolhelp.c:34
LPTHREADENTRY32
static LPTHREADENTRY32
Definition: toolhelp.c:39
_LARGE_INTEGER::QuadPart
LONGLONG QuadPart
Definition: typedefs.h:114
PAGE_READWRITE
#define PAGE_READWRITE
Definition: nt_native.h:1304

◆ Toolhelp32ReadProcessMemory()

BOOL WINAPI Toolhelp32ReadProcessMemory ( DWORD  ,
LPCVOID  ,
LPVOID  ,
SIZE_T  ,
SIZE_T  
)

Definition at line 1235 of file toolhelp.c.

1237 {
1238  HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, th32ProcessID);
1239  if(hProcess != NULL)
1240  {
1241  BOOL Ret = ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, cbRead, lpNumberOfBytesRead);
1242  CloseHandle(hProcess);
1243  return Ret;
1244  }
1245 
1246  return FALSE;
1247 }
CloseHandle
#define CloseHandle
Definition: compat.h:598
hProcess
_In_ BOOL _In_ HANDLE hProcess
Definition: mapping.h:70
ReadProcessMemory
#define ReadProcessMemory(a, b, c, d, e)
Definition: compat.h:617
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
lpBuffer
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:173
NULL
smooth NULL
Definition: ftsmooth.c:416
OpenProcess
HANDLE WINAPI OpenProcess(IN DWORD dwDesiredAccess, IN BOOL bInheritHandle, IN DWORD dwProcessId)
Definition: proc.c:1227
PROCESS_VM_READ
#define PROCESS_VM_READ
Definition: pstypes.h:153