func (p Process) threads() ([]*Thread, error) {
var ret []*Thread
snapshot, err := win32.CreateToolhelp32Snapshot(win32.TH32CS_SNAPTHREAD, p.Pid)
if err != nil {
return ret, err
}
defer syscall.CloseHandle(snapshot)
var thEntry win32.ThreadEntry32
thEntry.Size = uint32(unsafe.Sizeof(thEntry))
if err = win32.Thread32First(snapshot, &thEntry); err != nil {
return ret, err
}
for {
t := &Thread{
ThreadID: thEntry.ThreadID,
OwnerProcessID: thEntry.OwnerProcessID,
BasePriority: thEntry.BasePriority,
}
ret = append(ret, t)
err = win32.Thread32Next(snapshot, &thEntry)
if err != nil {
if err == syscall.ERROR_NO_MORE_FILES {
break
}
return ret, err
}
}
return ret, nil
}
func (p Process) modules() ([]*Module, error) {
var ret []*Module
snapshot, err := win32.CreateToolhelp32Snapshot(win32.TH32CS_SNAPMODULE, p.Pid)
if err != nil {
return ret, err
}
defer syscall.CloseHandle(snapshot)
var modEntry win32.ModuleEntry32
modEntry.Size = uint32(unsafe.Sizeof(modEntry))
if err := win32.Module32First(snapshot, &modEntry); err != nil {
return ret, err
}
for {
m := &Module{
ProcessID: modEntry.ProcessID,
BaseAddr: modEntry.BaseAddr,
BaseSize: sysmon.Size(modEntry.BaseSize),
Handle: modEntry.Handle,
Name: syscall.UTF16ToString(modEntry.ModuleName[:]),
ExePath: syscall.UTF16ToString(modEntry.ExePath[:]),
}
ret = append(ret, m)
err = win32.Module32Next(snapshot, &modEntry)
if err != nil {
if err == syscall.ERROR_NO_MORE_FILES {
break
}
return ret, err
}
}
return ret[1:], nil
}