JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Cygwin: Use documented QueryWorkingSetEx() in dumper

Browse Source 
In dumper, use the documented QueryWorkingSetEx(), rather than the
undocumented NtQueryVirtualMemory() with MemoryWorkingSetExInformation.
This commit is contained in:
Jon Turney
2020-07-29 15:19:13 +01:00
parent e3f29b2472
commit 1be41b802a
1 changed files with 7 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
winsup/utils/dumper.cc
View File

@@ -34,6 +34,7 @@
#include <unistd.h> #include <unistd.h>
#include <sys/param.h> #include <sys/param.h>
#include <windows.h> #include <windows.h>
#include <psapi.h>
#include "dumper.h" #include "dumper.h"
@@ -267,43 +268,20 @@ void protect_dump(DWORD protect, char *buf)
strcat (buf, pt[i]); strcat (buf, pt[i]);
} }
typedef enum _MEMORY_INFORMATION_CLASS #define PSWSEI_ATTRIB_SHARED (0x1 << 15)
{
MemoryWorkingSetExInformation = 4, // MEMORY_WORKING_SET_EX_INFORMATION
} MEMORY_INFORMATION_CLASS;
extern "C"
NTSTATUS NTAPI
NtQueryVirtualMemory(HANDLE ProcessHandle,
LPVOID BaseAddress,
MEMORY_INFORMATION_CLASS MemoryInformationClass,
LPVOID MemoryInformation,
SIZE_T MemoryInformationLength,
SIZE_T *ReturnLength);
typedef struct _MEMORY_WORKING_SET_EX_INFORMATION
{
LPVOID VirtualAddress;
ULONG_PTR Long;
} MEMORY_WORKING_SET_EX_INFORMATION;
#define MWSEI_ATTRIB_SHARED (0x1 << 15)
static BOOL static BOOL
getRegionAttributes(HANDLE hProcess, LPVOID address, DWORD &attribs) getRegionAttributes(HANDLE hProcess, LPVOID address, DWORD &attribs)
{ {
MEMORY_WORKING_SET_EX_INFORMATION mwsei = { address }; PSAPI_WORKING_SET_EX_INFORMATION pswsei = { address };
NTSTATUS status = NtQueryVirtualMemory(hProcess, 0,
MemoryWorkingSetExInformation,
&mwsei, sizeof(mwsei), 0);
if (!status) if (QueryWorkingSetEx(hProcess, &pswsei, sizeof(pswsei)))
{ {
attribs = mwsei.Long; attribs = pswsei.VirtualAttributes.Flags;
return TRUE; return TRUE;
} }
deb_printf("MemoryWorkingSetExInformation failed status %08x\n", status); deb_printf("QueryWorkingSetEx failed status %08x\n", GetLastError());
return FALSE; return FALSE;
} }
@@ -338,7 +316,7 @@ dumper::collect_memory_sections ()
DWORD attribs = 0; DWORD attribs = 0;
if (getRegionAttributes(hProcess, current_page_address, attribs)) if (getRegionAttributes(hProcess, current_page_address, attribs))
{ {
if (attribs & MWSEI_ATTRIB_SHARED) if (attribs & PSWSEI_ATTRIB_SHARED)
{ {
skip_region_p = 1; skip_region_p = 1;
disposition = "skipped due to shared MEM_IMAGE"; disposition = "skipped due to shared MEM_IMAGE";