PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Static Public Attributes | Protected Member Functions | Protected Attributes | List of all members
pesieve::ModulesCache Class Reference

#include <module_cache.h>

Public Member Functions

 ModulesCache ()
 
 ~ModulesCache ()
 
BYTE * loadCached (LPSTR szModName, size_t &original_size)
 

Static Public Attributes

static const size_t MinUsageCntr = 2
 how many times loading of the module must be requested before the module is added to cache
 

Protected Member Functions

BYTE * getMappedCached (const std::string &modName, size_t &mappedSize)
 
bool isCacheAvailable (const size_t neededSize)
 
bool prepareCacheSpace (const size_t neededSize, bool force_free)
 
bool _deleteLeastRecent ()
 
void deleteCache ()
 

Protected Attributes

std::map< std::string, size_t > usageBeforeCounter
 how many times loading of the same module was requested before it was cached
 
std::map< std::string, CachedModule * > cachedModules
 the list of all the cached modules
 
util::Mutex cacheMutex
 

Detailed Description

Definition at line 52 of file module_cache.h.

Constructor & Destructor Documentation

◆ ModulesCache()

pesieve::ModulesCache::ModulesCache ( )
inline

Definition at line 58 of file module_cache.h.

◆ ~ModulesCache()

pesieve::ModulesCache::~ModulesCache ( )
inline

Definition at line 65 of file module_cache.h.

Here is the call graph for this function:

Member Function Documentation

◆ _deleteLeastRecent()

bool pesieve::ModulesCache::_deleteLeastRecent ( )
inlineprotected

Definition at line 104 of file module_cache.h.

◆ deleteCache()

void pesieve::ModulesCache::deleteCache ( )
inlineprotected

Definition at line 139 of file module_cache.h.

◆ getMappedCached()

BYTE * pesieve::ModulesCache::getMappedCached ( const std::string & modName,
size_t & mappedSize )
inlineprotected

Definition at line 73 of file module_cache.h.

Here is the call graph for this function:

◆ isCacheAvailable()

bool pesieve::ModulesCache::isCacheAvailable ( const size_t neededSize)
protected

Definition at line 52 of file module_cache.cpp.

Here is the call graph for this function:

◆ loadCached()

BYTE * pesieve::ModulesCache::loadCached ( LPSTR szModName,
size_t & original_size )

Definition at line 4 of file module_cache.cpp.

Here is the call graph for this function:

◆ prepareCacheSpace()

bool pesieve::ModulesCache::prepareCacheSpace ( const size_t neededSize,
bool force_free )
inlineprotected

Definition at line 90 of file module_cache.h.

Here is the call graph for this function:

Member Data Documentation

◆ cachedModules

std::map<std::string, CachedModule*> pesieve::ModulesCache::cachedModules
protected

the list of all the cached modules

Definition at line 163 of file module_cache.h.

◆ cacheMutex

util::Mutex pesieve::ModulesCache::cacheMutex
protected

Definition at line 165 of file module_cache.h.

◆ MinUsageCntr

const size_t pesieve::ModulesCache::MinUsageCntr = 2
static

how many times loading of the module must be requested before the module is added to cache

Definition at line 56 of file module_cache.h.

◆ usageBeforeCounter

std::map<std::string, size_t> pesieve::ModulesCache::usageBeforeCounter
protected

how many times loading of the same module was requested before it was cached

Definition at line 161 of file module_cache.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.12.0