PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Static Public Attributes | Protected Member Functions | Protected Attributes | List of all members
pesieve::ModulesCache Class Reference

#include <module_cache.h>

Public Member Functions

 ModulesCache ()
 
 ~ModulesCache ()
 
BYTEloadCached (LPSTR szModName, size_t &original_size)
 

Static Public Attributes

static const size_t MinUsageCntr = 2
 how many times loading of the module must be requested before the module is added to cache
 
static const size_t MaxCachedModules = 255
 how many modules can be stored in the cache at the time
 

Protected Member Functions

BYTEgetMappedCached (const std::string &modName, size_t &mappedSize)
 
bool prepareCacheSpace (bool force_free=false)
 
bool _deleteLeastRecent ()
 
void deleteCache ()
 

Protected Attributes

std::map< std::string, size_tusageBeforeCounter
 how many times loading of the same module was requested before it was cached
 
std::map< std::string, CachedModule * > cachedModules
 the list of all the cached modules
 
util::Mutex cacheMutex
 

Detailed Description

Definition at line 97 of file module_cache.h.

Constructor & Destructor Documentation

◆ ModulesCache()

pesieve::ModulesCache::ModulesCache ( )
inline

Definition at line 104 of file module_cache.h.

◆ ~ModulesCache()

pesieve::ModulesCache::~ModulesCache ( )
inline

Definition at line 111 of file module_cache.h.

Here is the call graph for this function:

Member Function Documentation

◆ _deleteLeastRecent()

bool pesieve::ModulesCache::_deleteLeastRecent ( )
inlineprotected

Definition at line 144 of file module_cache.h.

Here is the call graph for this function:

◆ deleteCache()

void pesieve::ModulesCache::deleteCache ( )
inlineprotected

Definition at line 179 of file module_cache.h.

Here is the call graph for this function:

◆ getMappedCached()

BYTE * pesieve::ModulesCache::getMappedCached ( const std::string & modName,
size_t & mappedSize )
inlineprotected

Definition at line 119 of file module_cache.h.

Here is the call graph for this function:

◆ loadCached()

BYTE * pesieve::ModulesCache::loadCached ( LPSTR szModName,
size_t & original_size )

Definition at line 3 of file module_cache.cpp.

Here is the call graph for this function:

◆ prepareCacheSpace()

bool pesieve::ModulesCache::prepareCacheSpace ( bool force_free = false)
inlineprotected

Definition at line 134 of file module_cache.h.

Here is the call graph for this function:

Member Data Documentation

◆ cachedModules

std::map<std::string, CachedModule*> pesieve::ModulesCache::cachedModules
protected

the list of all the cached modules

Definition at line 203 of file module_cache.h.

◆ cacheMutex

util::Mutex pesieve::ModulesCache::cacheMutex
protected

Definition at line 205 of file module_cache.h.

◆ MaxCachedModules

const size_t pesieve::ModulesCache::MaxCachedModules = 255
static

how many modules can be stored in the cache at the time

Definition at line 102 of file module_cache.h.

◆ MinUsageCntr

const size_t pesieve::ModulesCache::MinUsageCntr = 2
static

how many times loading of the module must be requested before the module is added to cache

Definition at line 101 of file module_cache.h.

◆ usageBeforeCounter

std::map<std::string, size_t> pesieve::ModulesCache::usageBeforeCounter
protected

how many times loading of the same module was requested before it was cached

Definition at line 201 of file module_cache.h.

The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0