2015-03-05 22:07:38 -08:00
|
|
|
// Copyright 2015 The Crashpad Authors. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
|
|
#include "util/win/process_info.h"
|
|
|
|
|
|
2015-03-09 16:37:43 -07:00
|
|
|
#include <winternl.h>
|
|
|
|
|
|
2015-09-30 17:20:23 -07:00
|
|
|
#include <limits>
|
|
|
|
|
|
2015-03-05 22:07:38 -08:00
|
|
|
#include "base/logging.h"
|
2015-09-16 12:42:20 -07:00
|
|
|
#include "base/strings/stringprintf.h"
|
|
|
|
|
#include "build/build_config.h"
|
2015-03-09 16:37:43 -07:00
|
|
|
#include "util/numeric/safe_assignment.h"
|
2015-09-16 12:42:20 -07:00
|
|
|
#include "util/win/ntstatus_logging.h"
|
2015-03-09 16:37:43 -07:00
|
|
|
#include "util/win/process_structs.h"
|
2015-03-05 22:07:38 -08:00
|
|
|
|
|
|
|
|
namespace crashpad {
|
|
|
|
|
|
|
|
|
|
namespace {
|
|
|
|
|
|
|
|
|
|
NTSTATUS NtQueryInformationProcess(HANDLE process_handle,
|
|
|
|
|
PROCESSINFOCLASS process_information_class,
|
|
|
|
|
PVOID process_information,
|
|
|
|
|
ULONG process_information_length,
|
|
|
|
|
PULONG return_length) {
|
|
|
|
|
static decltype(::NtQueryInformationProcess)* nt_query_information_process =
|
|
|
|
|
reinterpret_cast<decltype(::NtQueryInformationProcess)*>(GetProcAddress(
|
|
|
|
|
LoadLibrary(L"ntdll.dll"), "NtQueryInformationProcess"));
|
|
|
|
|
DCHECK(nt_query_information_process);
|
|
|
|
|
return nt_query_information_process(process_handle,
|
|
|
|
|
process_information_class,
|
|
|
|
|
process_information,
|
|
|
|
|
process_information_length,
|
|
|
|
|
return_length);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool IsProcessWow64(HANDLE process_handle) {
|
|
|
|
|
static decltype(IsWow64Process)* is_wow64_process =
|
|
|
|
|
reinterpret_cast<decltype(IsWow64Process)*>(
|
|
|
|
|
GetProcAddress(LoadLibrary(L"kernel32.dll"), "IsWow64Process"));
|
|
|
|
|
if (!is_wow64_process)
|
|
|
|
|
return false;
|
|
|
|
|
BOOL is_wow64;
|
|
|
|
|
if (!is_wow64_process(process_handle, &is_wow64)) {
|
|
|
|
|
PLOG(ERROR) << "IsWow64Process";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return is_wow64;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-09 16:37:43 -07:00
|
|
|
template <class T>
|
2015-03-05 22:07:38 -08:00
|
|
|
bool ReadUnicodeString(HANDLE process,
|
2015-03-09 16:37:43 -07:00
|
|
|
const process_types::UNICODE_STRING<T>& us,
|
2015-03-05 22:07:38 -08:00
|
|
|
std::wstring* result) {
|
|
|
|
|
if (us.Length == 0) {
|
|
|
|
|
result->clear();
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
DCHECK_EQ(us.Length % sizeof(wchar_t), 0u);
|
|
|
|
|
result->resize(us.Length / sizeof(wchar_t));
|
|
|
|
|
SIZE_T bytes_read;
|
2015-09-21 10:51:15 -07:00
|
|
|
if (!ReadProcessMemory(
|
|
|
|
|
process,
|
|
|
|
|
reinterpret_cast<const void*>(static_cast<uintptr_t>(us.Buffer)),
|
|
|
|
|
&result->operator[](0),
|
|
|
|
|
us.Length,
|
|
|
|
|
&bytes_read)) {
|
2015-03-05 22:07:38 -08:00
|
|
|
PLOG(ERROR) << "ReadProcessMemory UNICODE_STRING";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (bytes_read != us.Length) {
|
|
|
|
|
LOG(ERROR) << "ReadProcessMemory UNICODE_STRING incorrect size";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-16 12:42:20 -07:00
|
|
|
template <class T>
|
|
|
|
|
bool ReadStruct(HANDLE process, WinVMAddress at, T* into) {
|
2015-03-05 22:07:38 -08:00
|
|
|
SIZE_T bytes_read;
|
|
|
|
|
if (!ReadProcessMemory(process,
|
|
|
|
|
reinterpret_cast<const void*>(at),
|
|
|
|
|
into,
|
|
|
|
|
sizeof(T),
|
|
|
|
|
&bytes_read)) {
|
|
|
|
|
// We don't have a name for the type we're reading, so include the signature
|
|
|
|
|
// to get the type of T.
|
|
|
|
|
PLOG(ERROR) << "ReadProcessMemory " << __FUNCSIG__;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (bytes_read != sizeof(T)) {
|
|
|
|
|
LOG(ERROR) << "ReadProcessMemory " << __FUNCSIG__ << " incorrect size";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} // namespace
|
|
|
|
|
|
2015-09-16 12:42:20 -07:00
|
|
|
template <class Traits>
|
|
|
|
|
bool GetProcessBasicInformation(HANDLE process,
|
|
|
|
|
bool is_wow64,
|
|
|
|
|
ProcessInfo* process_info,
|
2015-09-25 10:31:02 -07:00
|
|
|
WinVMAddress* peb_address,
|
|
|
|
|
WinVMSize* peb_size) {
|
2015-09-16 12:42:20 -07:00
|
|
|
ULONG bytes_returned;
|
|
|
|
|
process_types::PROCESS_BASIC_INFORMATION<Traits> process_basic_information;
|
|
|
|
|
NTSTATUS status =
|
|
|
|
|
crashpad::NtQueryInformationProcess(process,
|
|
|
|
|
ProcessBasicInformation,
|
|
|
|
|
&process_basic_information,
|
|
|
|
|
sizeof(process_basic_information),
|
|
|
|
|
&bytes_returned);
|
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
|
|
|
NTSTATUS_LOG(ERROR, status) << "NtQueryInformationProcess";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (bytes_returned != sizeof(process_basic_information)) {
|
|
|
|
|
LOG(ERROR) << "NtQueryInformationProcess incorrect size";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// See https://msdn.microsoft.com/en-us/library/windows/desktop/aa384203 on
|
|
|
|
|
// 32 bit being the correct size for HANDLEs for proceses, even on Windows
|
|
|
|
|
// x64. API functions (e.g. OpenProcess) take only a DWORD, so there's no
|
|
|
|
|
// sense in maintaining the top bits.
|
|
|
|
|
process_info->process_id_ =
|
|
|
|
|
static_cast<DWORD>(process_basic_information.UniqueProcessId);
|
|
|
|
|
process_info->inherited_from_process_id_ = static_cast<DWORD>(
|
|
|
|
|
process_basic_information.InheritedFromUniqueProcessId);
|
|
|
|
|
|
|
|
|
|
// We now want to read the PEB to gather the rest of our information. The
|
|
|
|
|
// PebBaseAddress as returned above is what we want for 64-on-64 and 32-on-32,
|
|
|
|
|
// but for Wow64, we want to read the 32 bit PEB (a Wow64 process has both).
|
|
|
|
|
// The address of this is found by a second call to NtQueryInformationProcess.
|
|
|
|
|
if (!is_wow64) {
|
|
|
|
|
*peb_address = process_basic_information.PebBaseAddress;
|
2015-09-25 10:31:02 -07:00
|
|
|
*peb_size = sizeof(process_types::PEB<Traits>);
|
2015-09-16 12:42:20 -07:00
|
|
|
} else {
|
|
|
|
|
ULONG_PTR wow64_peb_address;
|
|
|
|
|
status = crashpad::NtQueryInformationProcess(process,
|
|
|
|
|
ProcessWow64Information,
|
|
|
|
|
&wow64_peb_address,
|
|
|
|
|
sizeof(wow64_peb_address),
|
|
|
|
|
&bytes_returned);
|
|
|
|
|
if (!NT_SUCCESS(status)) {
|
|
|
|
|
NTSTATUS_LOG(ERROR, status), "NtQueryInformationProcess";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (bytes_returned != sizeof(wow64_peb_address)) {
|
|
|
|
|
LOG(ERROR) << "NtQueryInformationProcess incorrect size";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
*peb_address = wow64_peb_address;
|
2015-09-25 10:31:02 -07:00
|
|
|
*peb_size = sizeof(process_types::PEB<process_types::internal::Traits32>);
|
2015-09-16 12:42:20 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-09 16:37:43 -07:00
|
|
|
template <class Traits>
|
|
|
|
|
bool ReadProcessData(HANDLE process,
|
2015-05-01 13:48:23 -07:00
|
|
|
WinVMAddress peb_address_vmaddr,
|
2015-03-09 16:37:43 -07:00
|
|
|
ProcessInfo* process_info) {
|
|
|
|
|
Traits::Pointer peb_address;
|
2015-05-01 13:48:23 -07:00
|
|
|
if (!AssignIfInRange(&peb_address, peb_address_vmaddr)) {
|
2015-09-16 12:42:20 -07:00
|
|
|
LOG(ERROR) << base::StringPrintf("peb address 0x%x out of range",
|
|
|
|
|
peb_address_vmaddr);
|
2015-03-09 16:37:43 -07:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Try to read the process environment block.
|
|
|
|
|
process_types::PEB<Traits> peb;
|
|
|
|
|
if (!ReadStruct(process, peb_address, &peb))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
process_types::RTL_USER_PROCESS_PARAMETERS<Traits> process_parameters;
|
|
|
|
|
if (!ReadStruct(process, peb.ProcessParameters, &process_parameters))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
if (!ReadUnicodeString(process,
|
|
|
|
|
process_parameters.CommandLine,
|
|
|
|
|
&process_info->command_line_)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
process_types::PEB_LDR_DATA<Traits> peb_ldr_data;
|
|
|
|
|
if (!ReadStruct(process, peb.Ldr, &peb_ldr_data))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
process_types::LDR_DATA_TABLE_ENTRY<Traits> ldr_data_table_entry;
|
|
|
|
|
|
|
|
|
|
// Include the first module in the memory order list to get our the main
|
|
|
|
|
// executable's name, as it's not included in initialization order below.
|
|
|
|
|
if (!ReadStruct(process,
|
2015-09-21 10:51:15 -07:00
|
|
|
static_cast<WinVMAddress>(
|
|
|
|
|
peb_ldr_data.InMemoryOrderModuleList.Flink) -
|
2015-03-09 16:37:43 -07:00
|
|
|
offsetof(process_types::LDR_DATA_TABLE_ENTRY<Traits>,
|
2015-09-21 10:51:15 -07:00
|
|
|
InMemoryOrderLinks),
|
2015-03-09 16:37:43 -07:00
|
|
|
&ldr_data_table_entry)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2015-05-01 13:48:23 -07:00
|
|
|
ProcessInfo::Module module;
|
|
|
|
|
if (!ReadUnicodeString(
|
|
|
|
|
process, ldr_data_table_entry.FullDllName, &module.name)) {
|
2015-03-09 16:37:43 -07:00
|
|
|
return false;
|
2015-05-01 13:48:23 -07:00
|
|
|
}
|
|
|
|
|
module.dll_base = ldr_data_table_entry.DllBase;
|
|
|
|
|
module.size = ldr_data_table_entry.SizeOfImage;
|
|
|
|
|
module.timestamp = ldr_data_table_entry.TimeDateStamp;
|
2015-03-09 16:37:43 -07:00
|
|
|
process_info->modules_.push_back(module);
|
|
|
|
|
|
|
|
|
|
// Walk the PEB LDR structure (doubly-linked list) to get the list of loaded
|
|
|
|
|
// modules. We use this method rather than EnumProcessModules to get the
|
|
|
|
|
// modules in initialization order rather than memory order.
|
|
|
|
|
Traits::Pointer last = peb_ldr_data.InInitializationOrderModuleList.Blink;
|
|
|
|
|
for (Traits::Pointer cur = peb_ldr_data.InInitializationOrderModuleList.Flink;
|
|
|
|
|
;
|
|
|
|
|
cur = ldr_data_table_entry.InInitializationOrderLinks.Flink) {
|
|
|
|
|
// |cur| is the pointer to the LIST_ENTRY embedded in the
|
|
|
|
|
// LDR_DATA_TABLE_ENTRY, in the target process's address space. So we need
|
|
|
|
|
// to read from the target, and also offset back to the beginning of the
|
|
|
|
|
// structure.
|
|
|
|
|
if (!ReadStruct(process,
|
2015-09-21 10:51:15 -07:00
|
|
|
static_cast<WinVMAddress>(cur) -
|
2015-03-09 16:37:43 -07:00
|
|
|
offsetof(process_types::LDR_DATA_TABLE_ENTRY<Traits>,
|
2015-09-21 10:51:15 -07:00
|
|
|
InInitializationOrderLinks),
|
2015-03-09 16:37:43 -07:00
|
|
|
&ldr_data_table_entry)) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
2015-05-01 13:48:23 -07:00
|
|
|
// TODO(scottmg): Capture Checksum, etc. too?
|
|
|
|
|
if (!ReadUnicodeString(
|
|
|
|
|
process, ldr_data_table_entry.FullDllName, &module.name)) {
|
2015-03-09 16:37:43 -07:00
|
|
|
break;
|
2015-05-01 13:48:23 -07:00
|
|
|
}
|
|
|
|
|
module.dll_base = ldr_data_table_entry.DllBase;
|
|
|
|
|
module.size = ldr_data_table_entry.SizeOfImage;
|
|
|
|
|
module.timestamp = ldr_data_table_entry.TimeDateStamp;
|
2015-03-09 16:37:43 -07:00
|
|
|
process_info->modules_.push_back(module);
|
|
|
|
|
if (cur == last)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-30 17:20:23 -07:00
|
|
|
bool ReadMemoryInfo(HANDLE process, bool is_64_bit, ProcessInfo* process_info) {
|
2015-09-25 21:11:04 -07:00
|
|
|
DCHECK(process_info->memory_info_.empty());
|
|
|
|
|
|
2015-09-30 17:20:23 -07:00
|
|
|
const WinVMAddress min_address = 0;
|
|
|
|
|
// We can't use GetSystemInfo() to get the address space range for another
|
|
|
|
|
// process. VirtualQueryEx() will fail with ERROR_INVALID_PARAMETER if the
|
|
|
|
|
// address is above the highest memory address accessible to the process, so
|
|
|
|
|
// we just probe the entire potential range (2^32 for x86, or 2^64 for x64).
|
|
|
|
|
const WinVMAddress max_address = is_64_bit
|
|
|
|
|
? std::numeric_limits<uint64_t>::max()
|
|
|
|
|
: std::numeric_limits<uint32_t>::max();
|
2015-09-25 21:11:04 -07:00
|
|
|
MEMORY_BASIC_INFORMATION memory_basic_information;
|
|
|
|
|
for (WinVMAddress address = min_address; address <= max_address;
|
|
|
|
|
address += memory_basic_information.RegionSize) {
|
|
|
|
|
size_t result = VirtualQueryEx(process,
|
|
|
|
|
reinterpret_cast<void*>(address),
|
|
|
|
|
&memory_basic_information,
|
|
|
|
|
sizeof(memory_basic_information));
|
|
|
|
|
if (result == 0) {
|
2015-09-30 17:20:23 -07:00
|
|
|
if (GetLastError() == ERROR_INVALID_PARAMETER)
|
|
|
|
|
break;
|
2015-09-25 21:11:04 -07:00
|
|
|
PLOG(ERROR) << "VirtualQueryEx";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
process_info->memory_info_.push_back(
|
|
|
|
|
ProcessInfo::MemoryInfo(memory_basic_information));
|
|
|
|
|
|
|
|
|
|
if (memory_basic_information.RegionSize == 0) {
|
|
|
|
|
LOG(ERROR) << "RegionSize == 0";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-01 13:48:23 -07:00
|
|
|
ProcessInfo::Module::Module() : name(), dll_base(0), size(0), timestamp() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ProcessInfo::Module::~Module() {
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-25 21:11:04 -07:00
|
|
|
ProcessInfo::MemoryInfo::MemoryInfo(const MEMORY_BASIC_INFORMATION& mbi)
|
|
|
|
|
: base_address(reinterpret_cast<WinVMAddress>(mbi.BaseAddress)),
|
|
|
|
|
region_size(mbi.RegionSize),
|
|
|
|
|
allocation_base(reinterpret_cast<WinVMAddress>(mbi.AllocationBase)),
|
|
|
|
|
state(mbi.State),
|
|
|
|
|
allocation_protect(mbi.AllocationProtect),
|
|
|
|
|
protect(mbi.Protect),
|
|
|
|
|
type(mbi.Type) {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ProcessInfo::MemoryInfo::~MemoryInfo() {
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-05 22:07:38 -08:00
|
|
|
ProcessInfo::ProcessInfo()
|
2015-03-09 16:37:43 -07:00
|
|
|
: process_id_(),
|
|
|
|
|
inherited_from_process_id_(),
|
2015-03-05 22:07:38 -08:00
|
|
|
command_line_(),
|
2015-09-25 10:31:02 -07:00
|
|
|
peb_address_(0),
|
|
|
|
|
peb_size_(0),
|
2015-03-05 22:07:38 -08:00
|
|
|
modules_(),
|
2015-09-25 21:11:04 -07:00
|
|
|
memory_info_(),
|
2015-03-05 22:07:38 -08:00
|
|
|
is_64_bit_(false),
|
|
|
|
|
is_wow64_(false),
|
|
|
|
|
initialized_() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ProcessInfo::~ProcessInfo() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool ProcessInfo::Initialize(HANDLE process) {
|
|
|
|
|
INITIALIZATION_STATE_SET_INITIALIZING(initialized_);
|
|
|
|
|
|
|
|
|
|
is_wow64_ = IsProcessWow64(process);
|
|
|
|
|
|
|
|
|
|
if (is_wow64_) {
|
|
|
|
|
// If it's WoW64, then it's 32-on-64.
|
|
|
|
|
is_64_bit_ = false;
|
|
|
|
|
} else {
|
|
|
|
|
// Otherwise, it's either 32 on 32, or 64 on 64. Use GetSystemInfo() to
|
|
|
|
|
// distinguish between these two cases.
|
|
|
|
|
SYSTEM_INFO system_info;
|
|
|
|
|
GetSystemInfo(&system_info);
|
|
|
|
|
is_64_bit_ =
|
|
|
|
|
system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-09 16:37:43 -07:00
|
|
|
#if ARCH_CPU_32_BITS
|
2015-03-05 22:07:38 -08:00
|
|
|
if (is_64_bit_) {
|
|
|
|
|
LOG(ERROR) << "Reading x64 process from x86 process not supported";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-09-16 12:42:20 -07:00
|
|
|
#if ARCH_CPU_64_BITS
|
|
|
|
|
bool result = GetProcessBasicInformation<process_types::internal::Traits64>(
|
2015-09-25 10:31:02 -07:00
|
|
|
process, is_wow64_, this, &peb_address_, &peb_size_);
|
2015-03-09 16:37:43 -07:00
|
|
|
#else
|
2015-09-16 12:42:20 -07:00
|
|
|
bool result = GetProcessBasicInformation<process_types::internal::Traits32>(
|
2015-09-25 10:31:02 -07:00
|
|
|
process, false, this, &peb_address_, &peb_size_);
|
2015-09-16 12:42:20 -07:00
|
|
|
#endif // ARCH_CPU_64_BITS
|
2015-05-06 11:09:31 -07:00
|
|
|
|
2015-09-16 12:42:20 -07:00
|
|
|
if (!result) {
|
|
|
|
|
LOG(ERROR) << "GetProcessBasicInformation failed";
|
|
|
|
|
return false;
|
2015-03-05 22:07:38 -08:00
|
|
|
}
|
|
|
|
|
|
2015-09-16 12:42:20 -07:00
|
|
|
result = is_64_bit_ ? ReadProcessData<process_types::internal::Traits64>(
|
2015-09-25 10:31:02 -07:00
|
|
|
process, peb_address_, this)
|
|
|
|
|
: ReadProcessData<process_types::internal::Traits32>(
|
|
|
|
|
process, peb_address_, this);
|
2015-09-16 12:42:20 -07:00
|
|
|
if (!result) {
|
|
|
|
|
LOG(ERROR) << "ReadProcessData failed";
|
2015-03-05 22:07:38 -08:00
|
|
|
return false;
|
2015-09-16 12:42:20 -07:00
|
|
|
}
|
2015-03-05 22:07:38 -08:00
|
|
|
|
2015-09-30 17:20:23 -07:00
|
|
|
if (!ReadMemoryInfo(process, is_64_bit_, this)) {
|
2015-09-25 21:11:04 -07:00
|
|
|
LOG(ERROR) << "ReadMemoryInfo failed";
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-05 22:07:38 -08:00
|
|
|
INITIALIZATION_STATE_SET_VALID(initialized_);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool ProcessInfo::Is64Bit() const {
|
|
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
|
|
|
return is_64_bit_;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool ProcessInfo::IsWow64() const {
|
|
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
|
|
|
return is_wow64_;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pid_t ProcessInfo::ProcessID() const {
|
|
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
2015-03-09 16:37:43 -07:00
|
|
|
return process_id_;
|
2015-03-05 22:07:38 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pid_t ProcessInfo::ParentProcessID() const {
|
|
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
2015-03-09 16:37:43 -07:00
|
|
|
return inherited_from_process_id_;
|
2015-03-05 22:07:38 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool ProcessInfo::CommandLine(std::wstring* command_line) const {
|
|
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
|
|
|
*command_line = command_line_;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-25 10:31:02 -07:00
|
|
|
void ProcessInfo::Peb(WinVMAddress* peb_address, WinVMSize* peb_size) const {
|
|
|
|
|
*peb_address = peb_address_;
|
|
|
|
|
*peb_size = peb_size_;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-01 13:48:23 -07:00
|
|
|
bool ProcessInfo::Modules(std::vector<Module>* modules) const {
|
2015-03-05 22:07:38 -08:00
|
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
|
|
|
*modules = modules_;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-25 21:11:04 -07:00
|
|
|
const std::vector<ProcessInfo::MemoryInfo>& ProcessInfo::MemoryInformation()
|
|
|
|
|
const {
|
|
|
|
|
return memory_info_;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-05 22:07:38 -08:00
|
|
|
} // namespace crashpad
|
