bool enumerate_modules(){ union { PVOID buf; PUNICODE_STRING section_n

1. bool enumerate_modules()
2. {
3.     union {
4.         PVOID buf;
5.         PUNICODE_STRING section_name;
6.     };
7.  
8.     enum { buf_size = MAXUSHORT + sizeof(UNICODE_STRING) };
9.    
10.     if (!(buf = LocalAlloc(0, buf_size)))
11.     {
12.         return false;
13.     }
14.  
15.     SYSTEM_INFO si;
16.     GetSystemInfo(&si);
17.  
18.     while (si.lpMinimumApplicationAddress < si.lpMaximumApplicationAddress)
19.     {
20.         MEMORY_BASIC_INFORMATION mbi;
21.         NTSTATUS status = NtQueryVirtualMemory(NtCurrentProcess(), si.lpMinimumApplicationAddress,
22.             MemoryBasicInformation, &mbi, sizeof mbi, 0);
23.  
24.         if (!NT_SUCCESS(status))
25.             break;
26.  
27.         if (mbi.State == MEM_COMMIT && mbi.Type == MEM_IMAGE && mbi.AllocationBase == mbi.BaseAddress)
28.         {
29.             status = NtQueryVirtualMemory(NtCurrentProcess(), si.lpMinimumApplicationAddress,
30.                 MemoryMappedFilenameInformation, section_name, buf_size, nullptr);
31.  
32.             if (NT_SUCCESS(status))
33.             {
34.                 DbgPrint("%p %wZ\n", si.lpMinimumApplicationAddress, section_name);
35.             }
36.         }
37.  
38.         si.lpMinimumApplicationAddress = (PBYTE)mbi.BaseAddress + mbi.RegionSize;
39.     }
40.  
41.     LocalFree(buf);
42.  
43.     return true;
44. }