#ifndef _PSAPINT_PSAPI_HPP_ #define _PSAPINT_PSAPI_HPP_ #ifndef _COMMON_LIBRARY_HPP_ #include #endif #ifndef _PSAPINT_PROCESSID_HPP_ #include #endif #ifndef _PSAPINT_PROCINFO_HPP_ #include #endif #ifndef _PSAPINT_PROCESSMEMORYCOUNTERS_HPP_ #include #endif #ifndef _PSAPI_H_ #include #endif class ProcessAPI { public: class ProcessAPIInvalidEntryPoint{}; ProcessAPI(void); virtual ~ProcessAPI(); bool enumProcesses(ProcessInfoList &processInfoList); bool enumProcesses(ProcessIDList &processList); bool enumProcessModules(const ProcessID &processID,ModuleInfoList &moduleInfoList); DWORD getModuleBaseName(const ProcessID &processID,HMODULE hModule,String &strModuleBaseName); DWORD getModuleFileName(const ProcessID &processID,HMODULE hModule,String &strModuleFileName); bool getProcessMemoryInfo(HANDLE hProcess,ProcessMemoryCounters &processMemoryCounters); bool isOkay(void)const; private: typedef BOOL (WINAPI *PFNENUMPROCESSES)(DWORD *lpidProcess,DWORD cb,DWORD *cbNeeded); typedef BOOL (WINAPI *PFNENUMPROCESSMODULES)(HANDLE hProcess,HMODULE *lphModule,DWORD cb,LPDWORD lpcbNeeded); typedef DWORD (WINAPI *PFNGETMODULEBASENAME)(HANDLE hProcess,HMODULE hModule,LPSTR lpBaseName,DWORD nSize); typedef DWORD (WINAPI *PFNGETMODULEFILENAMEEX)(HANDLE hProcess,HMODULE hModule,LPSTR lpFilename,DWORD nSize); typedef BOOL (WINAPI *PFNGETMODULEINFORMATION)(HANDLE hProcess,HMODULE hModule,LPMODULEINFO lpmodinfo,DWORD cb); typedef BOOL (WINAPI *PFNEMPTYWORKINGSET)(HANDLE hProcess); typedef BOOL (WINAPI *PFNQUERYWORKINGSET)(HANDLE hProcess,PVOID pv,DWORD cb); typedef BOOL (WINAPI *PFNINITIALIZEPROCESSFORWSWATCH)(HANDLE hProcess); typedef BOOL (WINAPI *PFNGETWSCHANGES)(HANDLE hProcess,PPSAPI_WS_WATCH_INFORMATION lpWatchInfo,DWORD cb); typedef DWORD (WINAPI *PFNGETMAPPEDFILENAME)(HANDLE hProcess,LPVOID lpv,LPWSTR lpFilename,DWORD nSize); typedef DWORD (WINAPI *PFNENUMDEVICEDRIVERS)(LPVOID *lpImageBase,DWORD cb,LPDWORD lpcbNeeded); typedef DWORD (WINAPI *PFNGETDEVICEDRIVERBASENAME)(LPVOID imageBase,LPSTR lpBaseName,DWORD nSize); typedef DWORD (WINAPI *PFNGETDEVICEDRIVERFILENAME)(LPVOID imageBase,LPSTR lpFilename,DWORD nSize); typedef BOOL (WINAPI *PFNGETPROCESSMEMORYINFO)(HANDLE hProcess,PPROCESS_MEMORY_COUNTERS ppsmemCounters,DWORD cb); ProcessAPI(const ProcessAPI &someProcessAPI); ProcessAPI &operator=(const ProcessAPI &someProcessAPI); bool getEntryPoints(void); bool enumProcesses(DWORD *lpidProcess,DWORD cb,DWORD *cbNeeded); bool enumProcessModules(HANDLE hProcess,HMODULE *lphModule,DWORD cb,LPDWORD lpcbNeeded); DWORD getModuleBaseName(HANDLE hProcess,HMODULE hModule,LPSTR lpBaseName,DWORD nSize); DWORD getModuleFileNameEx(HANDLE hProcess,HMODULE hModule,LPSTR lpFilename,DWORD nSize); bool emptyWorkingSet(HANDLE hProcess); bool queryWorkingSet(HANDLE hProcess,PVOID pv,DWORD cb); bool initializeProcessForWsWatch(HANDLE hProcess); bool getWsChanges(HANDLE hProcess,PPSAPI_WS_WATCH_INFORMATION lpWatchInfo,DWORD cb); DWORD getMappedFileName(HANDLE hProcess,LPVOID lpv,LPWSTR lpFilename,DWORD nSize); DWORD enumDeviceDrivers(LPVOID *lpImageBase,DWORD cb,LPDWORD lpcbNeeded); DWORD getDeviceDriverBaseName(LPVOID imageBase,LPSTR lpBaseName,DWORD nSize); DWORD getDeviceDriverFileName(LPVOID imageBase,LPSTR lpFilename,DWORD nSize); bool getProcessMemoryInfo(HANDLE hProcess,PPROCESS_MEMORY_COUNTERS ppsmemCounters,DWORD cb); bool getModuleInformation(HANDLE hProcess,HMODULE hModule,LPMODULEINFO lpmodinfo,DWORD cb); PFNENUMPROCESSES mpfnEnumProcesses; PFNENUMPROCESSMODULES mpfnEnumProcessModules; PFNGETMODULEBASENAME mpfnGetModuleBaseName; PFNGETMODULEFILENAMEEX mpfnGetModuleFileNameEx; PFNGETMODULEINFORMATION mpfnGetModuleInformation; PFNEMPTYWORKINGSET mpfnEmptyWorkingSet; PFNQUERYWORKINGSET mpfnQueryWorkingSet; PFNINITIALIZEPROCESSFORWSWATCH mpfnInitializeProcessForWsWatch; PFNGETWSCHANGES mpfnGetWsChanges; PFNGETMAPPEDFILENAME mpfnGetMappedFileName; PFNENUMDEVICEDRIVERS mpfnEnumDeviceDrivers; PFNGETDEVICEDRIVERBASENAME mpfnGetDeviceDriverBaseName; PFNGETDEVICEDRIVERFILENAME mpfnGetDeviceDriverFileName; PFNGETPROCESSMEMORYINFO mpfnGetProcessMemoryInfo; Library mPSAPILib; }; inline bool ProcessAPI::getProcessMemoryInfo(HANDLE hProcess,ProcessMemoryCounters &processMemoryCounters) { return getProcessMemoryInfo(hProcess,&processMemoryCounters.getPROCESSMEMORYCOUNTERS(),ProcessMemoryCounters::size()); } #endif