W
wynney
Unregistered / Unconfirmed
GUEST, unregistred user!
程序A调用程序B
现在想通过B得到A的路径和文件名
各位帮帮忙
现在想通过B得到A的路径和文件名
各位帮帮忙
W
wynney
Unregistered / Unconfirmed
GUEST, unregistred user!
没人知道么?顶者有分
T
tseug
Unregistered / Unconfirmed
GUEST, unregistred user!
刚刚翻译了一个,试试吧
// ntdll!NtQueryInformationProcess (NT specific!)
//
// The function copies the process information of the
// specified type into a buffer
//
// NTSYSAPI
// NTSTATUS
// NTAPI
// NtQueryInformationProcess(
// IN HANDLE ProcessHandle, // handle to process
// IN PROCESSINFOCLASS InformationClass, // information type
// OUT PVOID ProcessInformation, // pointer to buffer
// IN ULONG ProcessInformationLength, // buffer size in bytes
// OUT PULONG ReturnLength OPTIONAL // pointer to a 32-bit
// // variable that receives
// // the number of bytes
// // written to the buffer
// );
function GetParentProcessID(dwId: DWORD): DWORD;
const
ProcessBasicInformation = 0;
type
TPROCESS_BASIC_INFORMATION = packed record
ExitStatus : DWORD;
PebBaseAddress : DWORD;
AffinityMask : DWORD;
BasePriority : DWORD;
UniqueProcessId : ULONG;
InheritedFromUniqueProcessId: ULONG;
end;
TNtQueryInformationProcess = function(
ProcessHandle: THandle;
ProcessInformationClass: Integer;
ProcessInformation: Pointer;
ProcessInformationLength: ULong;
ReturnLength: PULong): Integer; stdcall;
var
NtQueryInformationProcess :TNtQueryInformationProcess;
status : LONGINT;
hProcess : THandle;
pbi : TPROCESS_BASIC_INFORMATION;
begin
Result := DWORD(-1);
NtQueryInformationProcess := GetProcAddress(
GetModuleHandle('ntdll'),
'NtQueryInformationProcess'
);
if @NtQueryInformationProcess = nil then Exit;
// Get process handle
hProcess := OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwId);
if hProcess <> 0 then
begin
// Retrieve information
status := NtQueryInformationProcess(hProcess,
ProcessBasicInformation,
@pbi,
sizeof(TPROCESS_BASIC_INFORMATION),
nil);
// Copy parent Id on success
if status = 0 then
Result := pbi.InheritedFromUniqueProcessId;
CloseHandle (hProcess);
end;
end;
function GetProcessName(dwid: THandle): String;
var
h : THandle;
iLen : integer;
hMod : HMODULE;
cbNeeded : DWORD;
hProcess : DWORD;
begin
Result := '';
h := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, dwID);
if h > 0 then
begin
if EnumProcessModules(h, @hMod, sizeof(hMod), cbNeeded) then
begin
SetLength(Result, MAX_PATH);
iLen := GetModuleFileNameEx(h, hMod, PChar(Result), MAX_PATH);
if iLen <> 0 then
begin
SetLength(Result, StrLen(PCHAR(Result)));
end;
end;
CloseHandle(h);
end;
end;
procedure TForm9.Button1Click(Sender: TObject);
begin
ShowMessage(GetProcessName(GetParentProcessID(GetCurrentProcessID)));
end;
// ntdll!NtQueryInformationProcess (NT specific!)
//
// The function copies the process information of the
// specified type into a buffer
//
// NTSYSAPI
// NTSTATUS
// NTAPI
// NtQueryInformationProcess(
// IN HANDLE ProcessHandle, // handle to process
// IN PROCESSINFOCLASS InformationClass, // information type
// OUT PVOID ProcessInformation, // pointer to buffer
// IN ULONG ProcessInformationLength, // buffer size in bytes
// OUT PULONG ReturnLength OPTIONAL // pointer to a 32-bit
// // variable that receives
// // the number of bytes
// // written to the buffer
// );
function GetParentProcessID(dwId: DWORD): DWORD;
const
ProcessBasicInformation = 0;
type
TPROCESS_BASIC_INFORMATION = packed record
ExitStatus : DWORD;
PebBaseAddress : DWORD;
AffinityMask : DWORD;
BasePriority : DWORD;
UniqueProcessId : ULONG;
InheritedFromUniqueProcessId: ULONG;
end;
TNtQueryInformationProcess = function(
ProcessHandle: THandle;
ProcessInformationClass: Integer;
ProcessInformation: Pointer;
ProcessInformationLength: ULong;
ReturnLength: PULong): Integer; stdcall;
var
NtQueryInformationProcess :TNtQueryInformationProcess;
status : LONGINT;
hProcess : THandle;
pbi : TPROCESS_BASIC_INFORMATION;
begin
Result := DWORD(-1);
NtQueryInformationProcess := GetProcAddress(
GetModuleHandle('ntdll'),
'NtQueryInformationProcess'
);
if @NtQueryInformationProcess = nil then Exit;
// Get process handle
hProcess := OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwId);
if hProcess <> 0 then
begin
// Retrieve information
status := NtQueryInformationProcess(hProcess,
ProcessBasicInformation,
@pbi,
sizeof(TPROCESS_BASIC_INFORMATION),
nil);
// Copy parent Id on success
if status = 0 then
Result := pbi.InheritedFromUniqueProcessId;
CloseHandle (hProcess);
end;
end;
function GetProcessName(dwid: THandle): String;
var
h : THandle;
iLen : integer;
hMod : HMODULE;
cbNeeded : DWORD;
hProcess : DWORD;
begin
Result := '';
h := OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, False, dwID);
if h > 0 then
begin
if EnumProcessModules(h, @hMod, sizeof(hMod), cbNeeded) then
begin
SetLength(Result, MAX_PATH);
iLen := GetModuleFileNameEx(h, hMod, PChar(Result), MAX_PATH);
if iLen <> 0 then
begin
SetLength(Result, StrLen(PCHAR(Result)));
end;
end;
CloseHandle(h);
end;
end;
procedure TForm9.Button1Click(Sender: TObject);
begin
ShowMessage(GetProcessName(GetParentProcessID(GetCurrentProcessID)));
end;
W
wynney
Unregistered / Unconfirmed
GUEST, unregistred user!
to tseug:
的确可以获取到父进程的ID
那么怎么获取父进程的文件名和路径呢
谢谢
的确可以获取到父进程的ID
那么怎么获取父进程的文件名和路径呢
谢谢
T
tseug
Unregistered / Unconfirmed
GUEST, unregistred user!
那个GetProcessName就可取得文件名啊
W
wynney
Unregistered / Unconfirmed
GUEST, unregistred user!
感谢~~~文件名我试出来了
路径我是EnumProcessModules和GetModuleFileNameEx来取得的
感觉有点麻烦
不知道哥们有没其他方法
路径我是EnumProcessModules和GetModuleFileNameEx来取得的
感觉有点麻烦
不知道哥们有没其他方法
L
linuxping
Unregistered / Unconfirmed
GUEST, unregistred user!
用maCollection的 GetFileNameFromID GetIDFfromHandle 够简单 [
]
]
W
wql
Unregistered / Unconfirmed
GUEST, unregistred user!
嘿嘿!
W
wynney
Unregistered / Unconfirmed
GUEST, unregistred user!
结~~~~~~~`
