1
0
Fork 0

show PID or TID in handles view

This commit is contained in:
torusrxxx 2018-06-10 00:28:58 +08:00 committed by Duncan Ogilvie
parent 94035a530a
commit f8c67ef2ab
1 changed files with 46 additions and 9 deletions

View File

@ -58,7 +58,7 @@ static DWORD WINAPI getNameThread(LPVOID lpParam)
bool HandlesGetName(HANDLE hProcess, HANDLE remoteHandle, String & name, String & typeName) bool HandlesGetName(HANDLE hProcess, HANDLE remoteHandle, String & name, String & typeName)
{ {
HANDLE hLocalHandle; HANDLE hLocalHandle;
if(DuplicateHandle(hProcess, remoteHandle, GetCurrentProcess(), &hLocalHandle, 0, FALSE, 0)) if(DuplicateHandle(hProcess, remoteHandle, GetCurrentProcess(), &hLocalHandle, 0, FALSE, DUPLICATE_SAME_ACCESS)) //Needs privileges for PID/TID retrival
{ {
ULONG ReturnSize = 0; ULONG ReturnSize = 0;
if(NtQueryObject(hLocalHandle, ObjectTypeInformation, nullptr, 0, &ReturnSize) == STATUS_INFO_LENGTH_MISMATCH) if(NtQueryObject(hLocalHandle, ObjectTypeInformation, nullptr, 0, &ReturnSize) == STATUS_INFO_LENGTH_MISMATCH)
@ -80,16 +80,53 @@ bool HandlesGetName(HANDLE hProcess, HANDLE remoteHandle, String & name, String
} }
}; };
auto hThread = CreateThread(nullptr, 0, getNameThread, &getName, 0, nullptr); name.clear();
auto result = WaitForSingleObject(hThread, 200); if(strcmp(typeName.c_str(), "Process") == 0)
if(result != WAIT_OBJECT_0)
{ {
TerminateThread(hThread, 0); DWORD PID = GetProcessId(hLocalHandle); //Windows XP SP1
name = String(ErrorCodeToName(result)); if(PID > 0)
name = StringUtils::sprintf("PID = %X", PID);
}
else if(strcmp(typeName.c_str(), "Thread") == 0)
{
DWORD TID = 0;
DWORD PID = 0;
DWORD(__stdcall * pGetThreadId)(HANDLE);
DWORD(__stdcall * pGetProcessIdOfThread)(HANDLE);
pGetThreadId = (DWORD(__stdcall*)(HANDLE))GetProcAddress(GetModuleHandleW(L"kernel32.dll"), "GetThreadId");
pGetProcessIdOfThread = (DWORD(__stdcall*)(HANDLE))GetProcAddress(GetModuleHandleW(L"kernel32.dll"), "GetProcessIdOfThread");
if(pGetThreadId != NULL && pGetProcessIdOfThread != NULL)
{
TID = pGetThreadId(hLocalHandle); //Vista or Server 2003 only
PID = pGetProcessIdOfThread(hLocalHandle); //Vista or Server 2003 only
}
else //Windows XP
{
THREAD_BASIC_INFORMATION threadInfo;
ULONG threadInfoSize = 0;
NTSTATUS isok = NtQueryInformationThread(hLocalHandle, ThreadBasicInformation, &threadInfo, sizeof(threadInfo), &threadInfoSize);
if(NT_SUCCESS(isok))
{
TID = (DWORD)threadInfo.ClientId.UniqueThread;
PID = (DWORD)threadInfo.ClientId.UniqueProcess;
}
}
if(TID > 0 && PID > 0)
name = StringUtils::sprintf("TID = %X, PID = %X", TID, PID);
}
if(name.empty())
{
HANDLE hThread;
hThread = CreateThread(nullptr, 0, getNameThread, &getName, 0, nullptr);
auto result = WaitForSingleObject(hThread, 200);
if(result != WAIT_OBJECT_0)
{
TerminateThread(hThread, 0);
name = String(ErrorCodeToName(result));
}
else
CloseHandle(hThread);
} }
else
CloseHandle(hThread);
CloseHandle(hLocalHandle); CloseHandle(hLocalHandle);
} }
else else