Name

sn_cmdb_int_util.ADMWindowsPreProcessorUtil

Description

No description available

Script

/*
* Detect the processes whose PPID chain eventually points back to themselves in a cycle.
* According to MSDN (http://msdn.microsoft.com/en-us/library/aa394372(v=vs.85).aspx),
* Windows can reuse a PID that previously belonged to a process that was the parent of others.
* As a result, the processes appear to form a circle, when in reality
* there is actually a root.
* process structure - It is an array of objects. This object can contain the following properties:
* - pid, ppid, name, command and parameters
* tcp structure - It is an array of objects. This object can contain the following properties:
* - ip, port, pid, state, type ('on' for LISTENING or 'to' for ESTABLISHED)
*/

var ADMWindowsPreProcessorUtil = Class.create();
ADMWindowsPreProcessorUtil.prototype = {
  /*
   * Create the four lookup tables used by the cycle detection:
   * - procsInCycle: pid -> true for every pid already found on a cycle
   * - ppidReplacement: ppid -> true for parent ids that replacePPIDs must rewrite
   * - pidToProc: pid -> process object
   * - pidToCreationDate: pid -> creation date of that process
   * Nothing in this script fills pidToProc or pidToCreationDate; presumably the
   * caller populates them before findCycles runs - confirm against the caller.
   * NOTE(review): these are plain objects, so a lookup also sees inherited
   * Object.prototype members. A non-numeric pid/ppid such as "constructor" would
   * test truthy in procsInCycle and ppidReplacement. Presumably pids are always
   * numeric - confirm that the collected process data is validated upstream.
   */
  initialize: function() {
      this.procsInCycle = {};
      this.ppidReplacement = {};
      this.pidToProc = {};
      this.pidToCreationDate = {};
  },

  /*
   * Entry point of the cycle detection. Windows can hand a PID out again after
   * the process that owned it has exited (see MSDN,
   * http://msdn.microsoft.com/en-us/library/aa394372(v=vs.85).aspx), so a child may
   * end up pointing at a younger process that reuses its dead parent's PID.
   * Followed naively, the parent links then form a circle although the tree
   * really has a root.
   *
   * processes - array of process objects (pid, ppid, ...).
   * Returns nothing; results are recorded in procsInCycle and ppidReplacement.
   */
  findCycles: function(processes) {
      for (var idx = 0; idx < processes.length; idx++) {
          var candidate = processes[idx];
          // Pids already recorded as cycle members do not need a second walk.
          if (!this.procsInCycle[candidate.pid]) {
              this.detectCycle(candidate, []);
          }
      }
  },

  /*
   * Follow the parent links upwards from the given process and record a cycle
   * if the walk comes back to a pid it has already passed.
   *
   * process - process object the walk starts from.
   * visited - array of pids already passed on this walk; it is appended to in place.
   * Returns nothing.
   */
  detectCycle: function(process, visited) {
      var current = process;

      for (;;) {
          // Loose equality on purpose: pids may arrive as strings or as numbers.
          var loopStart = -1;
          for (var v = 0; v < visited.length; v++) {
              if (visited[v] == current.pid) {
                  loopStart = v;
                  break;
              }
          }

          if (loopStart !== -1) {
              // The walk closed a loop: visited[loopStart..] are its members.
              // Among them, find the one with the smallest creation date.
              // NOTE(review): assumes the creation dates are mutually comparable
              // with "<" (numbers, or strings in one sortable format) - confirm.
              var oldestPid = current.pid;
              var oldestCreated = this.pidToCreationDate[oldestPid];

              for (var k = loopStart; k < visited.length; k++) {
                  var memberPid = visited[k];
                  this.procsInCycle[memberPid] = true; // remembered so later walks stop early
                  var created = this.pidToCreationDate[memberPid];
                  if (created < oldestCreated) {
                      oldestCreated = created;
                      oldestPid = memberPid;
                  }
              }

              // The eldest member's ppid is the one flagged for rewriting.
              // NOTE(review): throws a TypeError if pidToProc has no entry for
              // oldestPid; presumably the map always covers every listed process.
              var eldestProc = this.pidToProc[oldestPid];
              this.ppidReplacement[eldestProc.ppid] = true;
              return;
          }

          var parentProc = this.pidToProc[current.ppid];
          if (!parentProc) {
              // No known parent: the chain ends here without a cycle.
              return;
          }
          // The check is on the current process, not on its parent. A process that
          // already belongs to a recorded cycle cannot open a new one, so stop.
          if (this.procsInCycle[current.pid]) {
              return;
          }

          visited.push(current.pid);
          current = parentProc;
      }
  },

  /*
   * Rewrite every ppid that findCycles flagged, by prefixing it with "99999", so
   * that it no longer matches the pid of the newer process. This is done over the
   * whole list because processes outside the cycle may carry the same old ppid.
   * Each process object is modified in place and its ppid becomes a string.
   * NOTE(review): a real pid whose digits already start with 99999 could not be
   * told apart from a rewritten one - presumably acceptable in practice; verify.
   *
   * processes - array of process objects (pid, ppid, ...).
   * Returns nothing.
   */
  replacePPIDs: function(processes) {
      for (var idx = 0; idx < processes.length; idx++) {
          var proc = processes[idx];
          if (this.ppidReplacement[proc.ppid]) {
              proc.ppid = "99999" + proc.ppid;
          }
      }
  },


  type: 'ADMWindowsPreProcessorUtil'
};

Sys ID

16c6505a77502110258d234468106109

Official Documentation

Official Docs: