Почетна Преглед Помоћ
Регистрација Пријавите се
zhouyuhuan
/
Cloudpods
1
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: 4e53efd173
Гране Ознаке
Cloudpods
/
backend
/
vendor
/
github.com
/
shirou
/
gopsutil
/
process
/
process_windows_amd64.go

process_windows_amd64.go 1.9 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. // +build windows
    2. 

  2. 

  3. package process
    4. 

  4. 

  5. import (
    6. 

  6. 	"syscall"
    7. 

  7. 	"unsafe"
    8. 

  8. 

  9. 	"github.com/shirou/gopsutil/internal/common"
    10. 

  10. 	"golang.org/x/sys/windows"
    11. 

  11. )
    12. 

  12. 

  13. type PROCESS_MEMORY_COUNTERS struct {
    14. 

  14. 	CB                         uint32
    15. 

  15. 	PageFaultCount             uint32
    16. 

  16. 	PeakWorkingSetSize         uint64
    17. 

  17. 	WorkingSetSize             uint64
    18. 

  18. 	QuotaPeakPagedPoolUsage    uint64
    19. 

  19. 	QuotaPagedPoolUsage        uint64
    20. 

  20. 	QuotaPeakNonPagedPoolUsage uint64
    21. 

  21. 	QuotaNonPagedPoolUsage     uint64
    22. 

  22. 	PagefileUsage              uint64
    23. 

  23. 	PeakPagefileUsage          uint64
    24. 

  24. }
    25. 

  25. 

  26. func queryPebAddress(procHandle syscall.Handle, is32BitProcess bool) (uint64, error) {
    27. 

  27. 	if is32BitProcess {
    28. 

  28. 		//we are on a 64-bit process reading an external 32-bit process
    29. 

  29. 		var wow64 uint
    30. 

  30. 

  31. 		ret, _, _ := common.ProcNtQueryInformationProcess.Call(
    32. 

  32. 			uintptr(procHandle),
    33. 

  33. 			uintptr(common.ProcessWow64Information),
    34. 

  34. 			uintptr(unsafe.Pointer(&wow64)),
    35. 

  35. 			uintptr(unsafe.Sizeof(wow64)),
    36. 

  36. 			uintptr(0),
    37. 

  37. 		)
    38. 

  38. 		if status := windows.NTStatus(ret); status == windows.STATUS_SUCCESS {
    39. 

  39. 			return uint64(wow64), nil
    40. 

  40. 		} else {
    41. 

  41. 			return 0, windows.NTStatus(ret)
    42. 

  42. 		}
    43. 

  43. 	} else {
    44. 

  44. 		//we are on a 64-bit process reading an external 64-bit process
    45. 

  45. 		var info processBasicInformation64
    46. 

  46. 

  47. 		ret, _, _ := common.ProcNtQueryInformationProcess.Call(
    48. 

  48. 			uintptr(procHandle),
    49. 

  49. 			uintptr(common.ProcessBasicInformation),
    50. 

  50. 			uintptr(unsafe.Pointer(&info)),
    51. 

  51. 			uintptr(unsafe.Sizeof(info)),
    52. 

  52. 			uintptr(0),
    53. 

  53. 		)
    54. 

  54. 		if status := windows.NTStatus(ret); status == windows.STATUS_SUCCESS {
    55. 

  55. 			return info.PebBaseAddress, nil
    56. 

  56. 		} else {
    57. 

  57. 			return 0, windows.NTStatus(ret)
    58. 

  58. 		}
    59. 

  59. 	}
    60. 

  60. }
    61. 

  61. 

  62. func readProcessMemory(procHandle syscall.Handle, _ bool, address uint64, size uint) []byte {
    63. 

  63. 	var read uint
    64. 

  64. 

  65. 	buffer := make([]byte, size)
    66. 

  66. 

  67. 	ret, _, _ := common.ProcNtReadVirtualMemory.Call(
    68. 

  68. 		uintptr(procHandle),
    69. 

  69. 		uintptr(address),
    70. 

  70. 		uintptr(unsafe.Pointer(&buffer[0])),
    71. 

  71. 		uintptr(size),
    72. 

  72. 		uintptr(unsafe.Pointer(&read)),
    73. 

  73. 	)
    74. 

  74. 	if int(ret) >= 0 && read > 0 {
    75. 

  75. 		return buffer[:read]
    76. 

  76. 	}
    77. 

  77. 	return nil
    78. 

  78. }
    79.