Expand description
§userdmp 🦀
userdmp is library in Rust for parsing Minidump (.dmp) files generated in user mode on Windows
§Features
- ✅ Module List Stream (
ModuleListStream): Contains information about all loaded modules (e.g., DLLs), including their file paths, base addresses, and sizes. - ✅ Handle Data Stream (
HandleDataStream): Captures details about open handles in the process, such as references to files, threads, and synchronization objects. - ✅ System Info Stream (
SystemInfoStream): Includes metadata about the operating system (e.g., version, build number) and hardware (e.g., CPU type and number of processors). - ✅ Exception Stream (
ExceptionStream): Records details about the exception that triggered the dump, including the exception code, address, and relevant parameters. - ✅ Memory Stream (
MemoryListStream / MemoryInfoListStream): Provides a list of memory regions that were included in the dump, allowing analysis of process memory contents at the time of the crash.
§Getting started
Add userdmp to your project by updating your Cargo.toml:
cargo add userdmp§Usage
The userdmp library provides tools to parse and analyze Minidump (.dmp) files generated in user mode on Windows. Here’s how you can use it:
§Parsing a Minidump File
To start working with a Minidump file, use the UserDump::new function to parse the file and create a UserDump instance:
ⓘ
use userdmp::{UserDump, UserDmpError};
fn main() -> Result<(), UserDmpError> {
// Parse the Minidump file
let dump = UserDump::new("example.dmp")?;
println!("Minidump parsed successfully!");
Ok(())
}§Additional Resources
For more examples, check the examples folder in the repository.
§License
This project is licensed under the MIT License. See the LICENSE file for details.
Modules§
- data
- The
datamodule defines data structures and constants used in minidump parsing. - error
- The module defines error types used throughout the library.
- mapper
- The module provides functionality for memory mapping files into memory
Structs§
- Handle
- Represents a handle in a minidump file, providing metadata about its type, object name, attributes, and granted access rights.
- Memory
- Represents a memory region in a minidump file, providing metadata about its state, protection level, allocation base, and type.
- Module
- Represents a module loaded in a process, including its memory range, checksum, path, timestamp, and additional records like CodeView (CV) and miscellaneous (MISC) information.
- System
- The
Systemstruct contains details about the processor architecture, operating system version, and other general system information useful for analyzing the minidump. - Thread
- Represents a thread in the process, as captured in the minidump file.
- User
Dump - Represents a parsed minidump file, containing metadata, modules, and threads.
Enums§
- Arch
- Represents the processor architecture of the captured process.
- Thread
Context - Represents the processor context of a thread captured in the minidump.
Traits§
- Minidump
Stream - Trait to represent the parsing of generic streams in a minidump file.
Type Aliases§
- Handles
- Represents the handles in a minidump file, mapped by their handle values.
- Memorys
- Represents memory regions in a minidump file, mapped by their base addresses.
- Modules
- Represents the modules in a minidump file, mapped by their starting memory address.
- Result
- Threads
- Represents the threads in a minidump file, mapped by their thread IDs.