C++ 中的 GetProcessName
我有一个带有打击细节的功能。
typedef 部分
typedef DWORD (WINAPI *GETMODULEFILENAMEEX)(HANDLE hProcess, HMODULE hModule, LPTSTR lpBaseName,DWORD nSize);
typedef BOOL (WINAPI *PFNTERMINATEPROCESS)(HANDLE hProcess,UINT uExitCode);
/// GetProcessName 函数
void GetProcessName(DWORD PID, PTSTR szProcessName, size_t cchSize)
{
HMODULE lib=LoadLibrary(TEXT("Psapi.dll"));
GetModuleFileNameEx=(GETMODULEFILENAMEEX)GetProcAddress
(lib,"GetModuleFileNameExW");
_tcscpy_s(szProcessName, cchSize, TEXT("---"));
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,PID);
if (hProcess == NULL) {
_tcscpy_s(szProcessName, cchSize, TEXT("???"));
return;
}
if (GetModuleFileNameEx(hProcess,(HMODULE)0, szProcessName, cchSize)
== 0) {
if (!GetProcessImageFileName(hProcess, szProcessName, cchSize)) {
_tcscpy_s(szProcessName, cchSize, TEXT("???"));
}
}
CloseHandle(hProcess);
}
我想在下面的函数中使用此函数
BOOL WINAPI Hook_TerminateProcess(HANDLE hProcess,UINT uExitCode) {
BOOL nResult=false;
TCHAR szProcessName[MAX_PATH];
nResult = ((PFNTERMINATEPROCESS)(PROC) g_TerminateProcess)(hProcess,uExitCode);
GetProcessName(HandleToULong(hProcess),szProcessName,MAX_PATH); //my question here
MessageBox(0, szProcessName ,TEXT("My MessageBox Info"),MB_OK | MB_ICONERROR);
return(nResult);
}
当我调用函数 GetProcessName 时,这必须返回进程名称,但它???总是。 我直接通过PID调用这个函数,例如GetProcessName(2018,szProcessName,MAX_PATH);。 例如 2018 是一个 pid 并且它可以工作。 我不知道为什么 HandleToULong(hProcess) 不起作用。我的 hProcess 必须是一个句柄 现在肯定要输入我如何解决这个问题?
I have a function with blow detail.
typedef part
typedef DWORD (WINAPI *GETMODULEFILENAMEEX)(HANDLE hProcess, HMODULE hModule, LPTSTR lpBaseName,DWORD nSize);
typedef BOOL (WINAPI *PFNTERMINATEPROCESS)(HANDLE hProcess,UINT uExitCode);
/// GetProcessName function
void GetProcessName(DWORD PID, PTSTR szProcessName, size_t cchSize)
{
HMODULE lib=LoadLibrary(TEXT("Psapi.dll"));
GetModuleFileNameEx=(GETMODULEFILENAMEEX)GetProcAddress
(lib,"GetModuleFileNameExW");
_tcscpy_s(szProcessName, cchSize, TEXT("---"));
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,PID);
if (hProcess == NULL) {
_tcscpy_s(szProcessName, cchSize, TEXT("???"));
return;
}
if (GetModuleFileNameEx(hProcess,(HMODULE)0, szProcessName, cchSize)
== 0) {
if (!GetProcessImageFileName(hProcess, szProcessName, cchSize)) {
_tcscpy_s(szProcessName, cchSize, TEXT("???"));
}
}
CloseHandle(hProcess);
}
I want use this function in below function
BOOL WINAPI Hook_TerminateProcess(HANDLE hProcess,UINT uExitCode) {
BOOL nResult=false;
TCHAR szProcessName[MAX_PATH];
nResult = ((PFNTERMINATEPROCESS)(PROC) g_TerminateProcess)(hProcess,uExitCode);
GetProcessName(HandleToULong(hProcess),szProcessName,MAX_PATH); //my question here
MessageBox(0, szProcessName ,TEXT("My MessageBox Info"),MB_OK | MB_ICONERROR);
return(nResult);
}
When I call function GetProcessName, this must return process name but it ??? str always.
I call this function directly by PID, for example GetProcessName(2018,szProcessName,MAX_PATH);.
2018 for example is a pid and it work.
I don't know why HandleToULong(hProcess) doesn't work. My hProcess must be a handle
type certainly now how I fix this problem?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
字符名称[MAX_PATH * 2] = "\0", *p;
GetModuleFileName(GetModuleHandle(NULL),名称,MAX_PATH);
p = 名称 + strlen(名称) - 1;
while (isalnum(*p) || ('.' == *p) || ('_' == *p))
p--;
p++;
std::cout << p << std::endl;
char name[MAX_PATH * 2 ] = "\0", *p;
GetModuleFileName(GetModuleHandle(NULL),name,MAX_PATH);
p = name + strlen(name) - 1;
while (isalnum(*p) || ('.' == *p) || ('_' == *p))
p--;
p++;
std::cout << p << std::endl;
您必须调用
GetProcessId而不是HandleToULong。您需要一个进程 ID,而不是转换为无符号长整型的句柄You must call
GetProcessIdrather thanHandleToULong. You need a process ID, not a handle-converted-to-an-unsigned-long在 Windows 中,进程 ID 与进程句柄不同。您将在
Hook_TerminateProcess中获取进程句柄,并将其作为进程 ID 传递到GetProcessName中。这永远不会起作用。您应该重构
GetProcessName以获取句柄,然后使用获取进程 ID 的重载。进程 ID 重载会通过OpenProcess将其转换为句柄,并由CloseHandle进行清理。重构后,您将有两种方法:
In Windows, a process ID is different from a process handle. You are taking the process handle in
Hook_TerminateProcessand passing it intoGetProcessNameas a process ID. This will never work.You should refactor
GetProcessNameto take a handle and then have an overload that takes a process ID. The process ID overload does theOpenProcesswork to convert it into a handle and theCloseHandlework to clean it up.After the refactoring, you'll have two methods: