#proc #memory #virtual #helper #maps

proc-maps

Helper crate for getting virtual memory maps from processes

5 releases

0.1.4 Aug 31, 2018
0.1.3 Aug 21, 2018
0.1.2 Aug 6, 2018
0.1.1 Aug 6, 2018
0.1.0 Aug 6, 2018
Download history 74/week @ 2018-08-11 33/week @ 2018-08-18 64/week @ 2018-08-25 61/week @ 2018-09-01

77 downloads per month
Used in 1 crate

MIT license

50KB
1.5K SLoC

proc-maps

Build Status Windows Build status crates.io docs.rs

This crate supports reading virtual memory maps from another process - and supports Linux OSX and Windows operating systems.

Example:

use proc_maps::{get_process_maps, MapRange};

let maps = get_process_maps(pid)?;
for map in maps {
    println!("Filename {} Address {} Size {}", map.filename(), map.start(), map.size());
}

This code was originally developed by Julia Evans as part of the rbspy project: https://github.com/rbspy/rbspy.

Release under the MIT License.


lib.rs:

Get virtual memory maps from another process

This crate provides a function—get_process_maps that returns a Vec of MapRange structs.

This code works on Linux, OSX and Windows. Each operating system has different implementations, but the functions and struct's for each OS share the same interface - so this can be used generically across operating systems.

Note: on OSX this requires root access, and even with root will still not work on processes that have System Integrity Protection enabled (anything in /usr/bin for example).

Example

use proc_maps::{get_process_maps, MapRange, Pid};

let maps = get_process_maps(123456 as Pid).unwrap();
for map in maps {
   println!("Filename {:?} Address {} Size {}", map.filename(), map.start(), map.size());
}

Dependencies

~1MB

  • macos libproc 0.3.1
  • macos mach 0.1.2
  • windows winapi 0.3+tlhelp32+processthreadsapi+handleapi+impl-default+dbghelp
  • failure 0.1.1
  • libc 0.2.34