Mercurial > minori

changeset 56:6ff7aabeb9d7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
deps: add animia for open files detection
author Paper <mrpapersonic@gmail.com>
date Thu, 28 Sep 2023 12:35:21 -0400
parents 466ac9870df9
children 3c802806b74a
files CMakeLists.txt dep/animia/CMakeLists.txt dep/animia/LICENSE dep/animia/README.md dep/animia/include/animia.h dep/animia/include/bsd.h dep/animia/include/linux.h dep/animia/include/win32.h dep/animia/src/bsd.cpp dep/animia/src/linux.cpp dep/animia/src/main.cpp dep/animia/src/win32.cpp dep/animia/test/CMakeLists.txt dep/animia/test/main.cpp
diffstat 14 files changed, 674 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/CMakeLists.txt	Tue Sep 26 11:18:50 2023 -0400
+++ b/CMakeLists.txt	Thu Sep 28 12:35:21 2023 -0400
@@ -8,6 +8,7 @@
 endif()
 
 add_subdirectory(dep/anitomy)
+add_subdirectory(dep/animia)
 
 # Fix for mingw64
 list(APPEND CMAKE_FIND_LIBRARY_SUFFIXES ".dll.a" ".a")
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/CMakeLists.txt	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,25 @@
+cmake_minimum_required(VERSION 3.9)
+project(animia)
+set(SRC_FILES
+	src/main.cpp
+)
+if(LINUX)
+	list(APPEND SRC_FILES src/linux.cpp)
+elseif(UNIX) # this won't run on Linux
+	list(APPEND SRC_FILES src/bsd.cpp)
+elseif(WIN32)
+	list(APPEND SRC_FILES src/win32.cpp)
+endif()
+add_library(animia SHARED ${SRC_FILES})
+set_target_properties(animia PROPERTIES
+    PUBLIC_HEADER animia/animia.h CXX_STANDARD 17)
+target_include_directories(animia PRIVATE include)
+
+if(BUILD_TESTS)
+	project(test LANGUAGES CXX)
+	add_executable(test test/main.cpp)
+
+	target_include_directories(test PUBLIC include)
+	target_link_libraries(test PUBLIC animia)
+	set_target_properties(test PROPERTIES CXX_STANDARD 17)
+endif()
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/LICENSE	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,29 @@
+BSD 3-Clause License
+
+Copyright (c) 2023, Paper
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/README.md	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,3 @@
+# Animia
+Animia is a wrapper around Linux's `/proc` and BSD's system calls.
+Its primary purpose is to provide a map of PIDs and a list of opened files to the user.
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/include/animia.h	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,16 @@
+#ifndef __animia__animia_h
+#define __animia__animia_h
+#include <vector>
+#include <string>
+#include <unordered_map>
+
+namespace Animia {
+
+std::vector<int> get_all_pids();
+std::string get_process_name(int pid);
+std::vector<std::string> get_open_files(int pid);
+std::unordered_map<int, std::vector<std::string>> get_all_open_files();
+
+}
+
+#endif // __animia__animia_h
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/include/bsd.h	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,16 @@
+#ifndef __animia__bsd_h
+#define __animia__bsd_h
+#include <vector>
+#include <string>
+#include <unordered_map>
+
+namespace Animia::Unix {
+
+std::vector<int> get_all_pids();
+std::string get_process_name(int pid);
+std::vector<std::string> get_open_files(int pid);
+std::unordered_map<int, std::vector<std::string>> get_all_open_files();
+
+}
+
+#endif // __animia__bsd_h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/include/linux.h	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,16 @@
+#ifndef __animia__linux_h
+#define __animia__linux_h
+#include <vector>
+#include <string>
+#include <unordered_map>
+
+namespace Animia::Linux {
+
+std::vector<int> get_all_pids();
+std::string get_process_name(int pid);
+std::vector<std::string> get_open_files(int pid);
+std::unordered_map<int, std::vector<std::string>> get_all_open_files();
+
+}
+
+#endif // __animia__linux_h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/include/win32.h	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,16 @@
+#ifndef __animia__windows_h
+#define __animia__windows_h
+#include <vector>
+#include <string>
+#include <unordered_map>
+
+namespace Animia::Windows {
+
+std::vector<int> get_all_pids();
+std::string get_process_name(int pid);
+std::vector<std::string> get_open_files(int pid);
+std::unordered_map<int, std::vector<std::string>> get_all_open_files();
+
+}
+
+#endif // __animia__windows_h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/src/bsd.cpp	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,102 @@
+/**
+ * bsd.cpp 
+ *  - provides support for most* versions of BSD
+ *  - this *should* also work for OS X
+ * more technical details: this is essentially a wrapper
+ * around the very C-like BSD system functions that are...
+ * kind of unnatural to use in modern C++.
+**/
+#include <vector>
+#include <string>
+#include <unordered_map>
+#include <sys/types.h>
+#include <sys/sysctl.h>
+#include <sys/user.h>
+#include <fcntl.h>
+#include <iostream>
+#ifdef __FreeBSD__
+#include <libutil.h>
+#elif defined(__APPLE__)
+#include <libproc.h>
+#endif
+
+namespace Animia::Unix {
+
+/* this is a cleaned up version of a function from... Apple?
+   ...anyway, what it essentially does is gets the size and stuff from
+   sysctl() and reserves the space in a vector to store the PIDs */
+std::vector<int> get_all_pids() {
+    std::vector<int> ret;
+    struct kinfo_proc* result = NULL;
+    size_t             length = 0;
+    static const int   name[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 };
+
+    /* get appropriate length from sysctl() */
+    sysctl((int*)name, (sizeof(name) / sizeof(*name)) - 1, NULL, &length, NULL, 0);
+
+    result = (struct kinfo_proc*)malloc(length);
+    if (result == NULL)
+        return std::vector<int>();
+
+    /* actually get our results */
+    if (sysctl((int*)name, (sizeof(name) / sizeof(*name)) - 1, result, &length, NULL, 0) == ENOMEM) {
+        assert(result != NULL);
+        free(result);
+        throw std::bad_alloc();
+    }
+
+    /* add pids to our vector */
+    ret.reserve(length/sizeof(*result));
+    for (int i = 0; i < length/sizeof(*result); i++)
+        ret.push_back(result[i].kp_proc.p_pid);
+
+    return ret;
+}
+
+std::string get_process_name(int pid) {
+    std::string ret;
+#ifdef __FreeBSD__
+    struct kinfo_proc* proc = kinfo_getproc(pid);
+    if (!proc) {
+        return "";
+    ret = proc->ki_comm;
+    free(proc);
+#elif defined(__APPLE__)
+    struct proc_bsdinfo proc;
+
+    int st = proc_pidinfo(pid, PROC_PIDTBSDINFO, 0, &proc, PROC_PIDTBSDINFO_SIZE);
+    if (st != PROC_PIDTBSDINFO_SIZE)
+        return "";
+    return proc.pbi_comm;
+#endif
+    return ret;
+}
+
+std::vector<std::string> get_open_files(int pid) {
+    // initialize buffer
+    std::vector<std::string> ret;
+    int bufsz = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, NULL, 0);
+    struct proc_fdinfo *info = (struct proc_fdinfo *)malloc(bufsz);
+    proc_pidinfo(pid, PROC_PIDLISTFDS, 0, info, bufsz);
+
+    // iterate over stuff
+    for (int i = 0; i < bufsz/sizeof(info[0]); i++) {
+        if (info[i].proc_fdtype == PROX_FDTYPE_VNODE) {
+            struct vnode_fdinfowithpath vnodeInfo;
+            proc_pidfdinfo(pid, info[i].proc_fd, PROC_PIDFDVNODEPATHINFO, &vnodeInfo, PROC_PIDFDVNODEPATHINFO_SIZE);
+	    ret.push_back(vnodeInfo.pvip.vip_path);
+        }
+    }
+    return ret;
+}
+
+std::unordered_map<int, std::vector<std::string>> get_all_open_files() {
+    std::unordered_map<int, std::vector<std::string>> map;
+    std::vector<int> pids = get_all_pids();
+    for (int i: pids) {
+        map[i] = get_open_files(i);
+    }
+    return map;
+}
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/src/linux.cpp	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,109 @@
+#include <string>
+#include <vector>
+#include <fstream>
+#include <filesystem>
+#include <unordered_map>
+#include <iostream>
+#include <sstream>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <algorithm>
+
+#define PROC_LOCATION "/proc"
+
+namespace Animia::Linux {
+
+std::vector<int> get_all_pids() {
+	std::vector<int> ret;
+	for (const auto& dir : std::filesystem::directory_iterator(PROC_LOCATION)) {
+		int pid;
+		try {
+			pid = std::stoi(dir.path().stem());
+		} catch (std::invalid_argument) {
+			continue;
+		}
+		ret.push_back(pid);
+	}
+	return ret;
+}
+
+std::string get_process_name(int pid) {
+	std::string path = PROC_LOCATION "/" + std::to_string(pid) + "/comm";
+	std::ifstream t(path);
+	std::stringstream buf;
+	buf << t.rdbuf();
+	std::string str = buf.str();
+	str.erase(std::remove(str.begin(), str.end(), '\n'), str.end());
+	return str;
+}
+
+static bool is_regular_file(std::string link) {
+	struct stat sb;
+	if (stat(link.c_str(), &sb) == -1)
+		return false;
+	return S_ISREG(sb.st_mode);
+}
+
+static bool are_flags_ok(int pid, int fd) {
+	std::string path = PROC_LOCATION "/" + std::to_string(pid) + "/fdinfo/" + std::to_string(fd);
+	std::ifstream t(path);
+	std::stringstream buffer;
+	buffer << t.rdbuf();
+	std::string raw;
+	int flags = 0;
+	while (std::getline(buffer, raw)) {
+		if (raw.rfind("flags:", 0) == 0) {
+			flags = std::stoi(raw.substr(raw.find_last_not_of("0123456789") + 1));
+		}
+	}
+	if (flags & O_WRONLY || flags & O_RDWR)
+		return false;
+	return true;
+}
+
+static int get_size_of_link(std::string link) {
+	struct stat sb;
+	if (lstat(link.c_str(), &sb) == -1)
+		return -1;
+	return sb.st_size + 1;
+}
+
+std::vector<std::string> get_open_files(int pid) {
+	std::vector<std::string> ret;
+	std::string path = PROC_LOCATION "/" + std::to_string(pid) + "/fd";
+	try {
+		for (const auto& dir : std::filesystem::directory_iterator(path)) {
+			if (!are_flags_ok(pid, std::stoi(dir.path().stem())))
+				continue;
+			/* get filename size */
+			int size = get_size_of_link(dir.path().string());
+			/* allocate buffer */
+			char* buf = (char*)calloc(size, sizeof(char));
+			//std::string buf('\0', size);
+			/* read filename to buffer */
+			int r = readlink(dir.path().c_str(), buf, size);
+
+			if (r < 0)
+				continue;
+			if (!is_regular_file(buf))
+				continue;
+			ret.push_back(buf);
+			free(buf);
+		}
+	} catch (std::filesystem::filesystem_error const& ex) {
+		if (ex.code().value() != 13) // 13 == permissions error, common with /proc, ignore
+			throw;
+	}
+	return ret;
+}
+
+std::unordered_map<int, std::vector<std::string>> get_all_open_files() {
+	std::unordered_map<int, std::vector<std::string>> map;
+	std::vector<int> pids = get_all_pids();
+	for (int i: pids)
+		map[i] = get_open_files(i);
+	return map;
+}
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/src/main.cpp	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,66 @@
+#include "bsd.h"
+#include "linux.h"
+#include "win32.h"
+#include <vector>
+#include <string>
+#include <unordered_map>
+#ifdef __linux__
+#	define ON_LINUX
+#elif (defined(unix) || defined(__unix__) || defined(__unix) || \
+		(defined(__APPLE__) && defined(__MACH__)))
+#	define ON_UNIX
+#elif defined(_WIN32)
+#	define ON_WINDOWS
+#endif
+
+namespace Animia {
+
+std::vector<int> get_all_pids() {
+#ifdef ON_UNIX
+	return Unix::get_all_pids();
+#elif defined(ON_LINUX)
+	return Linux::get_all_pids();
+#elif defined(ON_WINDOWS)
+	return Windows::get_all_pids();
+#else
+	return {};
+#endif
+}
+
+std::string get_process_name(int pid) {
+#ifdef ON_UNIX
+	return Unix::get_process_name(pid);
+#elif defined(ON_LINUX)
+	return Linux::get_process_name(pid);
+#elif defined(ON_WINDOWS)
+	return Windows::get_process_name(pid);
+#else
+	return "";
+#endif
+}
+
+std::vector<std::string> get_open_files(int pid) {
+#ifdef ON_UNIX
+	return Unix::get_open_files(pid);
+#elif defined(ON_LINUX)
+	return Linux::get_open_files(pid);
+#elif defined(ON_WINDOWS)
+	return Windows::get_open_files(pid);
+#else
+	return {};
+#endif
+}
+
+std::unordered_map<int, std::vector<std::string>> get_all_open_files() {
+#ifdef ON_UNIX
+	return Unix::get_all_open_files();
+#elif defined(ON_LINUX)
+	return Linux::get_all_open_files();
+#elif defined(ON_WINDOWS)
+	return Windows::get_all_open_files();
+#else
+	return {};
+#endif
+}
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/src/win32.cpp	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,258 @@
+#include "win32.h"
+#include <windows.h>
+#include <winternl.h>
+#include <libloaderapi.h>
+#include <ntdef.h>
+#include <psapi.h>
+#include <tlhelp32.h>
+#include <fileapi.h>
+#include <handleapi.h>
+#include <vector>
+#include <iostream>
+#include <string>
+#include <unordered_map>
+#include <stdexcept>
+#include <locale>
+#include <codecvt>
+/* This file is noticably more complex than Unix and Linux, and that's because
+   there is no "simple" way to get the paths of a file. */
+
+#define SystemExtendedHandleInformation ((SYSTEM_INFORMATION_CLASS)0x40)
+constexpr NTSTATUS STATUS_INFO_LENGTH_MISMATCH = 0xC0000004UL;
+constexpr NTSTATUS STATUS_SUCCESS = 0x00000000UL;
+
+static unsigned short file_type_index = 0;
+
+struct SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX {
+	PVOID Object;
+	ULONG_PTR UniqueProcessId;
+	HANDLE HandleValue;
+	ACCESS_MASK GrantedAccess;
+	USHORT CreatorBackTraceIndex;
+	USHORT ObjectTypeIndex;
+	ULONG HandleAttributes;
+	ULONG Reserved;
+};
+
+struct SYSTEM_HANDLE_INFORMATION_EX {
+	ULONG_PTR NumberOfHandles;
+	ULONG_PTR Reserved;
+	SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX Handles[1];
+};
+
+namespace Animia::Windows {
+
+std::vector<int> get_all_pids() {
+	std::vector<int> ret;
+    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
+    PROCESSENTRY32 pe32;
+	pe32.dwSize = sizeof(PROCESSENTRY32);
+
+    if (hProcessSnap == INVALID_HANDLE_VALUE)
+        return std::vector<int>();
+
+	if (!Process32First(hProcessSnap, &pe32))
+		return std::vector<int>();
+
+	ret.push_back(pe32.th32ProcessID);
+	while (Process32Next(hProcessSnap, &pe32)) {
+		ret.push_back(pe32.th32ProcessID);
+	}
+	// clean the snapshot object
+	CloseHandle(hProcessSnap);
+
+    return ret;
+}
+
+std::string get_process_name(int pid) {
+	HANDLE handle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
+	if (!handle)
+		return "";
+
+	std::string ret(MAX_PATH, '\0');
+	if (!GetModuleBaseNameA(handle, 0, &ret.front(), ret.size()))
+		throw std::runtime_error("GetModuleBaseNameA failed: " + std::to_string(GetLastError()));
+	CloseHandle(handle);
+
+	return ret;
+}
+
+/* All of this BS is required on Windows. Why? */
+
+HANDLE DuplicateHandle(HANDLE process_handle, HANDLE handle) {
+	HANDLE dup_handle = nullptr;
+	const bool result = ::DuplicateHandle(process_handle, handle,
+		::GetCurrentProcess(), &dup_handle, 0, false, DUPLICATE_SAME_ACCESS);
+	return result ? dup_handle : nullptr;
+}
+
+PVOID GetNTDLLAddress(LPCSTR proc_name) {
+	return reinterpret_cast<PVOID>(GetProcAddress(GetModuleHandleA("ntdll.dll"), proc_name));
+}
+
+NTSTATUS QuerySystemInformation(SYSTEM_INFORMATION_CLASS cls, PVOID sysinfo, ULONG len, PULONG retlen) {
+	static const auto func = reinterpret_cast<decltype(::NtQuerySystemInformation)*>(GetNTDLLAddress("NtQuerySystemInformation"));
+	return func(cls, sysinfo, len, retlen);
+}
+
+NTSTATUS QueryObject(HANDLE handle, OBJECT_INFORMATION_CLASS cls, PVOID objinf, ULONG objinflen, PULONG retlen) {
+	static const auto func = reinterpret_cast<decltype(::NtQueryObject)*>(GetNTDLLAddress("NtQueryObject"));
+	return func(handle, cls, objinf, objinflen, retlen);
+}
+
+std::vector<SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX> GetSystemHandleInformation() {
+	std::vector<SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX> res;
+	ULONG cb = 1 << 19;
+	NTSTATUS status = STATUS_SUCCESS;
+	SYSTEM_HANDLE_INFORMATION_EX* info;
+
+	do {
+		status = STATUS_NO_MEMORY;
+
+		if (!(info = (SYSTEM_HANDLE_INFORMATION_EX*)malloc(cb *= 2)))
+			continue;
+
+		if (0 <= (status = QuerySystemInformation(SystemExtendedHandleInformation, info, cb, &cb))) {
+			if (ULONG_PTR handles = info->NumberOfHandles) {
+				SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX* entry = info->Handles;
+				do {
+					if (entry) res.push_back(*entry);
+				} while (entry++, --handles);
+			}
+		}
+		free(info);
+	} while (status == STATUS_INFO_LENGTH_MISMATCH);
+
+	return res;
+}
+
+OBJECT_TYPE_INFORMATION QueryObjectTypeInfo(HANDLE handle) {
+	OBJECT_TYPE_INFORMATION info;
+	QueryObject(handle, ObjectTypeInformation, &info, sizeof(info), NULL);
+	return info;
+}
+
+std::string UnicodeStringToStdString(UNICODE_STRING string) {
+	ANSI_STRING result;
+	static const auto uc_to_ansi = reinterpret_cast<decltype(::RtlUnicodeStringToAnsiString)*>(GetNTDLLAddress("RtlUnicodeStringToAnsiString"));
+	uc_to_ansi(&result, &string, TRUE);
+	std::string ret = std::string(result.Buffer, result.Length);
+	static const auto free_ansi = reinterpret_cast<decltype(::RtlFreeAnsiString)*>(GetNTDLLAddress("RtlFreeAnsiString"));
+	free_ansi(&result);
+	return ret;
+}
+
+std::string GetHandleType(HANDLE handle) {
+	OBJECT_TYPE_INFORMATION info = QueryObjectTypeInfo(handle);
+	return UnicodeStringToStdString(info.TypeName);
+}
+
+/* GetFinalPathNameByHandleA literally just doesn't work */
+std::string GetFinalPathNameByHandle(HANDLE handle) {
+	std::wstring buffer;
+
+	int result = ::GetFinalPathNameByHandleW(handle, NULL, 0, FILE_NAME_NORMALIZED | VOLUME_NAME_DOS);
+	buffer.resize(result);
+	::GetFinalPathNameByHandleW(handle, &buffer.front(), buffer.size(), FILE_NAME_NORMALIZED | VOLUME_NAME_DOS);
+
+	std::wstring_convert<std::codecvt_utf8<wchar_t>, wchar_t> converter;
+
+	return converter.to_bytes(buffer);
+}
+
+std::string GetSystemDirectory() {
+	std::string windir = std::string(MAX_PATH, '\0');
+	::GetWindowsDirectoryA(&windir.front(), windir.length());
+	return "\\\\?\\" + windir;
+}
+
+/* This function is useless. I'm not exactly sure why, but whenever I try to compare the two
+   values, they both come up as different. I'm assuming it's just some Unicode BS I can't be bothered
+   to deal with. */
+bool IsSystemDirectory(const std::string& path) {
+	std::string path_l = path;
+	CharUpperBuffA(&path_l.front(), path_l.length());
+
+	std::string windir = GetSystemDirectory();
+	CharUpperBuffA(&windir.front(), windir.length());
+
+	return path_l.rfind(windir, 0) != std::string::npos;
+}
+
+bool IsFileHandle(HANDLE handle, unsigned short object_type_index) {
+	if (file_type_index)
+		return object_type_index == file_type_index;
+	else if (!handle)
+		return true;
+	else if (GetHandleType(handle) == "File") {
+		file_type_index = object_type_index;
+		return true;
+	}
+	return false;
+}
+
+bool IsFileMaskOk(ACCESS_MASK access_mask) {
+	/* this filters out any file handles that, legitimately,
+	   do not make sense (for what we're using it for)
+	
+	   shoutout to erengy for having these in Anisthesia */
+
+	if (!(access_mask & FILE_READ_DATA))
+		return false;
+
+	if ((access_mask & FILE_APPEND_DATA) ||
+	    (access_mask & FILE_WRITE_EA) ||
+	    (access_mask & FILE_WRITE_ATTRIBUTES))
+		return false;
+
+	return true;
+}
+
+bool IsFilePathOk(const std::string& path) {
+	if (path.empty() || IsSystemDirectory(path))
+		return false;
+
+	const auto file_attributes = GetFileAttributesA(path.c_str());
+	if ((file_attributes == INVALID_FILE_ATTRIBUTES) ||
+	    (file_attributes & FILE_ATTRIBUTE_DIRECTORY))
+		return false;
+
+	return true;
+}
+
+std::vector<std::string> get_open_files(int pid) {
+	std::unordered_map<int, std::vector<std::string>> map = get_all_open_files();
+	return map[pid];
+}
+
+std::unordered_map<int, std::vector<std::string>> get_all_open_files() {
+	std::unordered_map<int, std::vector<std::string>> map;
+	std::vector<SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX> info = GetSystemHandleInformation();
+	for (auto& h : info) {
+		int pid = h.UniqueProcessId;
+
+		if (!IsFileHandle(nullptr, h.ObjectTypeIndex))
+			continue;
+		if (!IsFileMaskOk(h.GrantedAccess))
+			continue;
+
+		const HANDLE proc = ::OpenProcess(PROCESS_DUP_HANDLE, false, pid);
+		HANDLE handle = DuplicateHandle(proc, h.HandleValue);
+		if (!handle)
+			continue;
+
+		if (GetFileType(handle) != FILE_TYPE_DISK)
+			continue;
+
+		std::string path = GetFinalPathNameByHandle(handle);
+		if (!IsFilePathOk(path))
+			continue;
+
+		if (map.find(pid) == map.end())
+			map[pid] = {};
+		map[pid].push_back(path);
+	}
+	return map;
+}
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/test/CMakeLists.txt	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,6 @@
+cmake_minimum_required(VERSION 3.16)
+add_subdirectory(.. ${CMAKE_CURRENT_BINARY_DIR}/animia)
+project(test LANGUAGES CXX)
+add_executable(test main.cpp)
+
+target_include_directories(test PUBLIC ../include)
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dep/animia/test/main.cpp	Thu Sep 28 12:35:21 2023 -0400
@@ -0,0 +1,11 @@
+#include "animia.h"
+#include <iostream>
+
+int main() {
+	std::unordered_map<int, std::vector<std::string>> map = Animia::get_all_open_files();
+	for (int i = 0; i < map.size(); i++) {
+		for (std::string s: map[i]) {
+			std::cout << Animia::get_process_name(i) << " (" << i << "): " << s << "\n";
+		}
+	}
+}