📄 simpleprocessapi.cpp
字号:
nCurrentPID);
}
if (pProcessHandle != NULL) {
HMODULE pLoadedModules[4096];
DWORD nLoadedBytes = 0;
// Get array of loaded modules
if (EnumProcessModules(pProcessHandle,
pLoadedModules,
(DWORD)sizeof(pLoadedModules),
&nLoadedBytes)) {
// Compute effective number of modules
int nNumberOfModules = nLoadedBytes/sizeof(HMODULE);
// Loop on all modules
for (int i=0; i<nNumberOfModules; i++) {
// Fetch module file name
char pFileName[_MAX_PATH];
CString cleanFileName;
if (GetModuleFileNameEx(pProcessHandle,
pLoadedModules[i],
pFileName,
_MAX_PATH) > 0) {
// Make the module UPPERCASE
// Windows NT seems to use random cases for files...
cleanFileName=pFileName;
cleanFileName.MakeUpper();
// Insert module name in list, in alphabetical order
POSITION pos = ModuleFileNameList.GetHeadPosition();
BOOL bInsertBefore = FALSE;
while ( pos != NULL ) {
CString FileName = ModuleFileNameList.GetNext(pos);
//TRACE1("File at current pos: \"%s\"\n", FileName);
if (FileName >= cleanFileName) {
bInsertBefore = TRUE;
// Go back one position (or go to last)
if (pos==NULL) {
pos = ModuleFileNameList.GetTailPosition();
} else {
ModuleFileNameList.GetPrev(pos);
}
break;
}
}
if (bInsertBefore) {
if (pos == NULL) {
ModuleFileNameList.AddHead(cleanFileName);
} else {
ModuleFileNameList.InsertBefore(pos, cleanFileName);
}
} else {
if (pos == NULL) {
ModuleFileNameList.AddTail(cleanFileName);
} else {
ModuleFileNameList.AddHead(cleanFileName);
}
}
// DUMP THE LIST
pos = ModuleFileNameList.GetHeadPosition();
bReturnCode=TRUE;
}
}
}
// Close process handle
CloseHandle(pProcessHandle);
} else {
TRACE2("Can't open process %u: %d\n", nCurrentPID, GetLastError());
bReturnCode=FALSE;
}
return(bReturnCode);
}
BOOL CSimpleProcessAPI::Windows9xBuildProcessList(CMapStringToString &ProcessPIDNameMap)
{
// Windows 98 Implementation: Uses TOOLHELP32
HANDLE hProcessSnap = NULL;
BOOL bRet = FALSE;
PROCESSENTRY32 pe32 = {0};
// Reset list/map
ProcessPIDNameMap.RemoveAll();
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == (HANDLE)-1) {
return (FALSE);
}
// Fill in the size of the structure before using it.
pe32.dwSize = sizeof(PROCESSENTRY32);
// Walk the snapshot of the processes, and for each process,
// display information.
if (Process32First(hProcessSnap, &pe32)) {
BOOL bGotModule = FALSE;
do
{
CString szMapKey;
szMapKey.Format("%u", pe32.th32ProcessID);
// Heristic: to get process name, get its executable path, extract the filename,
// and eventually add the file extension.
TCHAR lpszProcessName[_MAX_PATH];
TCHAR lpszExecutableFileName[_MAX_FNAME];
TCHAR lpszExecutableFileExt[_MAX_EXT];
_splitpath(pe32.szExeFile, NULL, NULL, lpszExecutableFileName, lpszExecutableFileExt);
strcpy(lpszProcessName, lpszExecutableFileName);
if (!stricmp(lpszExecutableFileExt, ".EXE") ||
!stricmp(lpszExecutableFileExt, ".DLL")) {
strcat(lpszProcessName, lpszExecutableFileExt);
}
ProcessPIDNameMap.SetAt(szMapKey, lpszProcessName);
}
while (Process32Next(hProcessSnap, &pe32));
bRet = TRUE;
}
else {
bRet = FALSE; // could not walk the list of processes
}
// Do not forget to clean up the snapshot object.
CloseHandle (hProcessSnap);
return (bRet);
}
BOOL CSimpleProcessAPI::Windows9xBuildModuleList(DWORD nCurrentPID, CStringList &ModuleFileNameList)
{
// Windows 98 Implementation: Uses TOOLHELP32
BOOL bReturnCode = FALSE;
HANDLE hModuleSnap = NULL;
MODULEENTRY32 me32 = {0};
// Empty the list
ModuleFileNameList.RemoveAll();
if (nCurrentPID == 0) {
// Get current process id
nCurrentPID = GetCurrentProcessId();
}
// Take a snapshot of all modules in the specified process.
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, nCurrentPID);
if (hModuleSnap == (HANDLE)-1)
return (FALSE);
// Fill the size of the structure before using it.
me32.dwSize = sizeof(MODULEENTRY32);
// Walk the module list of the process, and find the module of
// interest. Then copy the information to the buffer pointed
// to by lpMe32 so that it can be returned to the caller.
if (Module32First(hModuleSnap, &me32)) {
do
{
// Fetch module file name
CString cleanFileName;
// Make the module UPPERCASE
// Windows NT seems to use random cases for files...
cleanFileName = me32.szExePath;
cleanFileName.MakeUpper();
// Insert module name in list, in alphabetical order
POSITION pos = ModuleFileNameList.GetHeadPosition();
BOOL bInsertBefore = FALSE;
while ( pos != NULL ) {
CString FileName = ModuleFileNameList.GetNext(pos);
//TRACE1("File at current pos: \"%s\"\n", FileName);
if (FileName >= cleanFileName) {
bInsertBefore = TRUE;
// Go back one position (or go to last)
if (pos==NULL) {
pos = ModuleFileNameList.GetTailPosition();
} else {
ModuleFileNameList.GetPrev(pos);
}
break;
}
}
if (bInsertBefore) {
if (pos == NULL) {
ModuleFileNameList.AddHead(cleanFileName);
} else {
ModuleFileNameList.InsertBefore(pos, cleanFileName);
}
} else {
if (pos == NULL) {
ModuleFileNameList.AddTail(cleanFileName);
} else {
ModuleFileNameList.AddHead(cleanFileName);
}
}
// DUMP THE LIST
pos = ModuleFileNameList.GetHeadPosition();
bReturnCode=TRUE;
}
while (Module32Next(hModuleSnap, &me32));
}
else {
bReturnCode = FALSE; // could not walk module list
}
// Do not forget to clean up the snapshot object.
CloseHandle (hModuleSnap);
return (bReturnCode);
}
///////////////////////////////////////////////////////////////////////////////////////
//// Portable Functions (cross-platform)
///////////////////////////////////////////////////////////////////////////////////////
BOOL CSimpleProcessAPI::GetProcessesLockingModule(LPCTSTR lpszModuleName, CMapStringToString &PIDNameMap, CMapStringToString &oLoadingProcessMap)
{
BOOL bReturnCode = FALSE;
CString PIDString;
DWORD nPID=0;
POSITION hProcessPosition = NULL;
oLoadingProcessMap.RemoveAll(); // List of processes which loaded the module
hProcessPosition = PIDNameMap.GetStartPosition();
while( hProcessPosition != NULL ){
CString ProcessName;
CString PIDString;
int effectivePosition = 0;
// Get key ( PIDString ) and value ( ProcessName )
PIDNameMap.GetNextAssoc( hProcessPosition, PIDString, ProcessName );
// Convert PID to a number
nPID = atol(PIDString);
CStringList ModuleList;
TCHAR lpszSearchedModuleShortName[_MAX_PATH];
TCHAR lpszCurrentModuleShortName[_MAX_PATH];
// Convert the searched module name to a SHORT PATH
strcpy(lpszSearchedModuleShortName, "");
GetShortPathName(lpszModuleName, lpszSearchedModuleShortName, sizeof(lpszSearchedModuleShortName));
if (BuildModuleList(nPID, ModuleList)) {
POSITION hModulePosition = ModuleList.GetHeadPosition();
while( hModulePosition != NULL ){
// Get file name
CString FileName = ModuleList.GetNext(hModulePosition);
// Convert the current module to a SHORT PATH
strcpy(lpszCurrentModuleShortName, "");
GetShortPathName(FileName, lpszCurrentModuleShortName, sizeof(lpszCurrentModuleShortName));
if (!stricmp(lpszSearchedModuleShortName, lpszCurrentModuleShortName)) {
// Module found: store it in map of processes
bReturnCode = TRUE;
oLoadingProcessMap.SetAt(PIDString,ProcessName);
hModulePosition=NULL;
}
}
}
}
return(bReturnCode);
}
DWORD CSimpleProcessAPI::GetFirstProcessLockingModule(LPCTSTR lpszModuleName, CMapStringToString &PIDNameMap)
{
CMapStringToString oLoadingProcessMap;
DWORD dwFoundPID = 0;
if (GetProcessesLockingModule(lpszModuleName, PIDNameMap, oLoadingProcessMap)) {
POSITION hProcessPosition = NULL;
hProcessPosition = oLoadingProcessMap.GetStartPosition();
if ( hProcessPosition != NULL ){
CString ProcessName;
CString PIDString;
// Get key ( PIDString ) and value ( ProcessName )
oLoadingProcessMap.GetNextAssoc( hProcessPosition, PIDString, ProcessName );
// Convert PID to a number
dwFoundPID = atol(PIDString);
}
}
return(dwFoundPID);
}
CString CSimpleProcessAPI::GetProcessExecutableName(DWORD dwProcessID)
{
// Heuristic: the executable is a module loaded by the process whose file name extension is ".EXE"
CStringList oModuleList;
CString szExecutableName;
if (BuildModuleList(dwProcessID, oModuleList)) {
POSITION hModulePosition = oModuleList.GetHeadPosition();
TCHAR lpszCurrentModuleLongName[_MAX_PATH+1];
TCHAR lpszFileExt[_MAX_EXT];
LPTSTR lpszFileComponent;
while( hModulePosition != NULL ){
// Get file name
CString szFileName = oModuleList.GetNext(hModulePosition);
_splitpath(szFileName, NULL, NULL, NULL, lpszFileExt);
if (!stricmp(lpszFileExt, ".EXE")) {
// Convert the current module to a LONG PATH
strcpy(lpszCurrentModuleLongName, "");
if (GetFullPathName(szFileName, sizeof(lpszCurrentModuleLongName), lpszCurrentModuleLongName, &lpszFileComponent)) {
szExecutableName = lpszCurrentModuleLongName;
hModulePosition = NULL;
}
}
}
}
return(szExecutableName);
}
///////////////////////////////////////////////////////////////////////////////////////
//// NT Only (PSAPI) Functions
///////////////////////////////////////////////////////////////////////////////////////
BOOL CSimpleProcessAPI::EnumProcessModules(HANDLE hProcess, HMODULE * lphModule, DWORD cb, LPDWORD lpcbNeeded)
{
BOOL bReturnCode = FALSE;
ASSERT(m_pEnumProcessModulesFunction);
if (m_pEnumProcessModulesFunction) {
bReturnCode = (*m_pEnumProcessModulesFunction)(hProcess, lphModule, cb, lpcbNeeded);
}
return(bReturnCode);
}
DWORD CSimpleProcessAPI::GetModuleFileNameEx(HANDLE hProcess, HMODULE hModule, LPTSTR lpFilename, DWORD nSize)
{
DWORD dwReturnCode = FALSE;
ASSERT(m_pGetModuleFileNameExFunction);
if (m_pGetModuleFileNameExFunction) {
dwReturnCode = (*m_pGetModuleFileNameExFunction)(hProcess, hModule, lpFilename, nSize);
}
return(dwReturnCode);
}
///////////////////////////////////////////////////////////////////////////////////////
//// Windows 9x Only (TOOLHELP32) Functions
///////////////////////////////////////////////////////////////////////////////////////
HANDLE CSimpleProcessAPI::CreateToolhelp32Snapshot(DWORD dwFlags, DWORD th32ProcessID)
{
HANDLE hReturnCode = FALSE;
ASSERT(m_pCreateToolhelp32SnapshotFunction);
if (m_pCreateToolhelp32SnapshotFunction) {
hReturnCode = (*m_pCreateToolhelp32SnapshotFunction)(dwFlags, th32ProcessID);
}
return(hReturnCode);
}
BOOL CSimpleProcessAPI::Process32First(HANDLE hSnapshot, LPPROCESSENTRY32 lppe)
{
BOOL bReturnCode = FALSE;
ASSERT(m_pProcess32FirstFunction);
if (m_pProcess32FirstFunction) {
bReturnCode = (*m_pProcess32FirstFunction)(hSnapshot, lppe);
}
return(bReturnCode);
}
BOOL CSimpleProcessAPI::Process32Next(HANDLE hSnapshot, LPPROCESSENTRY32 lppe)
{
BOOL bReturnCode = FALSE;
ASSERT(m_pProcess32NextFunction);
if (m_pProcess32NextFunction) {
bReturnCode = (*m_pProcess32NextFunction)(hSnapshot, lppe);
}
return(bReturnCode);
}
BOOL CSimpleProcessAPI::Module32First(HANDLE hSnapshot, LPMODULEENTRY32 lpme)
{
BOOL bReturnCode = FALSE;
ASSERT(m_pModule32FirstFunction);
if (m_pModule32FirstFunction) {
bReturnCode = (*m_pModule32FirstFunction)(hSnapshot, lpme);
}
return(bReturnCode);
}
BOOL CSimpleProcessAPI::Module32Next(HANDLE hSnapshot, LPMODULEENTRY32 lpme)
{
BOOL bReturnCode = FALSE;
ASSERT(m_pModule32NextFunction);
if (m_pModule32NextFunction) {
bReturnCode = (*m_pModule32NextFunction)(hSnapshot, lpme);
}
return(bReturnCode);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -