search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
shell prompt should not beep and only show MSYSTEM when non-standard.
[msysgit.git] / src / WhoUses / SystemInfo.cpp
blob92eb6f01f4a9a51f643f76fab3b17bca3910366f
1 // Written by Zoltan Csizmadia, zoltan_csizmadia@yahoo.com
2 // For companies(Austin,TX): If you would like to get my resume, send an email.
3 //
4 // The source is free, but if you want to use it, mention my name and e-mail
5 // address
6 //
7 ///////////////////////////////////////////////////////////////////////////////
8 //
9 // SystemInfo.cpp v1.1
10 //
11 // History:
12 //
13 // Date Version Description
14 // ----------------------------------------------------------------------------
15 // 10/16/00 1.0 Initial version
16 // 11/09/00 1.1 NT4 doesn't like if we bother the System process fix :)
17 // SystemInfoUtils::GetDeviceFileName() fix (subst drives
18 // added)
19 // NT Major version added to INtDLL class
20 //
21 ///////////////////////////////////////////////////////////////////////////////
22
23 #include <windows.h>
24 #include <process.h>
25 #include <tchar.h>
26 #include <stdio.h>
27 #include "SystemInfo.h"
28
29
30 #include <sstream>
31 using std::stringstream;
32
33 #ifndef WINNT
34 #error You need Windows NT to use this source code. Define WINNT!
35 #endif
36
37 ///////////////////////////////////////////////////////////////////////////////
38 //
39 // SystemInfoUtils
40 //
41 ///////////////////////////////////////////////////////////////////////////////
42
43 // From wide char string to string
44 void SystemInfoUtils::LPCWSTR2string( LPCWSTR strW, string& str )
45 {
46 #ifdef UNICODE
47 // if it is already UNICODE, no problem
48 str = strW;
49 #else
50 str = _T("");
51
52 TCHAR* actChar = (TCHAR*)strW;
53
54 if ( actChar == _T('\0') )
55 return;
56
57 ULONG len = wcslen(strW) + 1;
58 TCHAR* pBuffer = new TCHAR[ len ];
59 TCHAR* pNewStr = pBuffer;
60
61 while ( len-- )
62 {
63 *(pNewStr++) = *actChar;
64 actChar += 2;
65 }
66
67 str = pBuffer;
68
69 delete [] pBuffer;
70 #endif
71 }
72
73 // From wide char string to unicode
74 void SystemInfoUtils::Unicode2string( UNICODE_STRING* strU, string& str )
75 {
76 if ( *(DWORD*)strU != 0 )
77 LPCWSTR2string( (LPCWSTR)strU->Buffer, str );
78 else
79 str = _T("");
80 }
81
82 // From device file name to DOS filename
83 BOOL SystemInfoUtils::GetFsFileName( LPCTSTR lpDeviceFileName,
84 string& fsFileName )
85 {
86 BOOL rc = FALSE;
87
88 TCHAR lpDeviceName[0x1000];
89 TCHAR lpDrive[3] = _T("A:");
90
91 // Iterating through the drive letters
92 for ( TCHAR actDrive = _T('A'); actDrive <= _T('Z'); actDrive++ ) {
93 lpDrive[0] = actDrive;
94
95 // Query the device for the drive letter
96 if ( QueryDosDevice( lpDrive, lpDeviceName, 0x1000 ) != 0 ) {
97 // Network drive?
98 if ( _tcsnicmp( _T("\\Device\\LanmanRedirector\\"),
99 lpDeviceName, 25 ) == 0 ) {
100 //Mapped network drive
101
102 char cDriveLetter;
103 DWORD dwParam;
104
105 TCHAR lpSharedName[0x1000];
106
107 if ( _stscanf( lpDeviceName,
108 _T("\\Device\\LanmanRedirector\\;%c:%d\\%s"),
109 &cDriveLetter,
110 &dwParam,
111 lpSharedName ) != 3 )
112 continue;
113
114 _tcscpy( lpDeviceName,
115 _T("\\Device\\LanmanRedirector\\") );
116 _tcscat( lpDeviceName, lpSharedName );
117 }
118
119 // Is this the drive letter we are looking for?
120 if ( _tcsnicmp( lpDeviceName, lpDeviceFileName,
121 _tcslen( lpDeviceName ) ) == 0 )
122 {
123 fsFileName = lpDrive;
124 fsFileName += (LPCTSTR)( lpDeviceFileName
125 + _tcslen( lpDeviceName ) );
126
127 rc = TRUE;
128
129 break;
130 }
131 }
132 }
133
134 return rc;
135 }
136
137 // From DOS file name to device file name
138 BOOL SystemInfoUtils::GetDeviceFileName( LPCTSTR lpFsFileName,
139 string& deviceFileName )
140 {
141 BOOL rc = FALSE;
142 TCHAR lpDrive[3];
143
144 // Get the drive letter
145 // unfortunetaly it works only with DOS file names
146 _tcsncpy( lpDrive, lpFsFileName, 2 );
147 lpDrive[2] = _T('\0');
148
149 TCHAR lpDeviceName[0x1000];
150
151 // Query the device for the drive letter
152 if ( QueryDosDevice( lpDrive, lpDeviceName, 0x1000 ) != 0 )
153 {
154 // Subst drive?
155 if ( _tcsnicmp( _T("\\??\\"), lpDeviceName, 4 ) == 0 )
156 {
157 deviceFileName = lpDeviceName + 4;
158 deviceFileName += lpFsFileName + 2;
159
160 return TRUE;
161 }
162 else
163 // Network drive?
164 if ( _tcsnicmp( _T("\\Device\\LanmanRedirector\\"),
165 lpDeviceName, 25 ) == 0 ) {
166 //Mapped network drive
167
168 char cDriveLetter;
169 DWORD dwParam;
170
171 TCHAR lpSharedName[0x1000];
172
173 if ( _stscanf( lpDeviceName,
174 _T("\\Device\\LanmanRedirector\\;%c:%d\\%s"),
175 &cDriveLetter,
176 &dwParam,
177 lpSharedName ) != 3 )
178 return FALSE;
179
180 _tcscpy( lpDeviceName,
181 _T("\\Device\\LanmanRedirector\\") );
182 _tcscat( lpDeviceName, lpSharedName );
183 }
184
185 _tcscat( lpDeviceName, lpFsFileName + 2 );
186
187 deviceFileName = lpDeviceName;
188
189 rc = TRUE;
190 }
191
192 return rc;
193 }
194
195 //Get NT version
196 DWORD SystemInfoUtils::GetNTMajorVersion()
197 {
198 OSVERSIONINFOEX osvi;
199 BOOL bOsVersionInfoEx;
200
201 // Try calling GetVersionEx using the OSVERSIONINFOEX structure,
202 // which is supported on Windows 2000.
203 //
204 // If that fails, try using the OSVERSIONINFO structure.
205
206 ZeroMemory(&osvi, sizeof(OSVERSIONINFOEX));
207 osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
208
209 bOsVersionInfoEx = GetVersionEx ((OSVERSIONINFO *) &osvi);
210
211 if( bOsVersionInfoEx == 0 )
212 {
213 // If OSVERSIONINFOEX doesn't work, try OSVERSIONINFO.
214
215 osvi.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
216 if (! GetVersionEx ( (OSVERSIONINFO *) &osvi) )
217 return FALSE;
218 }
219
220 return osvi.dwMajorVersion;
221 }
222
223 ///////////////////////////////////////////////////////////////////////////////
224 //
225 // INtDll
226 //
227 ///////////////////////////////////////////////////////////////////////////////
228 INtDll::PNtQuerySystemInformation INtDll::NtQuerySystemInformation = NULL;
229 INtDll::PNtQueryObject INtDll::NtQueryObject = NULL;
230 INtDll::PNtQueryInformationThread INtDll::NtQueryInformationThread = NULL;
231 INtDll::PNtQueryInformationFile INtDll::NtQueryInformationFile = NULL;
232 INtDll::PNtQueryInformationProcess INtDll::NtQueryInformationProcess = NULL;
233 DWORD INtDll::dwNTMajorVersion = SystemInfoUtils::GetNTMajorVersion();
234
235 BOOL INtDll::NtDllStatus = INtDll::Init();
236
237 BOOL INtDll::Init()
238 {
239 // Get the NtDll function pointers
240 NtQuerySystemInformation = (PNtQuerySystemInformation)
241 GetProcAddress( GetModuleHandle( _T( "ntdll.dll" ) ),
242 _T("NtQuerySystemInformation") );
243
244 NtQueryObject = (PNtQueryObject)
245 GetProcAddress( GetModuleHandle( _T( "ntdll.dll" ) ),
246 _T("NtQueryObject") );
247
248 NtQueryInformationThread = (PNtQueryInformationThread)
249 GetProcAddress( GetModuleHandle( _T( "ntdll.dll" ) ),
250 _T("NtQueryInformationThread") );
251
252 NtQueryInformationFile = (PNtQueryInformationFile)
253 GetProcAddress( GetModuleHandle( _T( "ntdll.dll" ) ),
254 _T("NtQueryInformationFile") );
255
256 NtQueryInformationProcess = (PNtQueryInformationProcess)
257 GetProcAddress( GetModuleHandle( _T( "ntdll.dll" ) ),
258 _T("NtQueryInformationProcess") );
259
260 return NtQuerySystemInformation != NULL &&
261 NtQueryObject != NULL &&
262 NtQueryInformationThread != NULL &&
263 NtQueryInformationFile != NULL &&
264 NtQueryInformationProcess != NULL;
265 }
266
267 ///////////////////////////////////////////////////////////////////////////////
268 //
269 // SystemProcessInformation
270 //
271 ///////////////////////////////////////////////////////////////////////////////
272
273 SystemProcessInformation::SystemProcessInformation( BOOL bRefresh )
274 {
275 m_pBuffer = (UCHAR*)VirtualAlloc ((void*)0x100000,
276 BufferSize,
277 MEM_COMMIT,
278 PAGE_READWRITE);
279
280 if ( bRefresh )
281 Refresh();
282 }
283
284 SystemProcessInformation::~SystemProcessInformation()
285 {
286 VirtualFree( m_pBuffer, 0, MEM_RELEASE );
287 }
288
289 BOOL SystemProcessInformation::Refresh()
290 {
291 m_ProcessInfos.clear();
292 m_pCurrentProcessInfo = NULL;
293
294 if ( !NtDllStatus || m_pBuffer == NULL )
295 return FALSE;
296
297 // query the process information
298 if ( INtDll::NtQuerySystemInformation( 5, m_pBuffer, BufferSize, NULL )
299 != 0 )
300 return FALSE;
301
302 DWORD currentProcessID = GetCurrentProcessId(); //Current Process ID
303
304 SYSTEM_PROCESS_INFORMATION* pSysProcess =
305 (SYSTEM_PROCESS_INFORMATION*)m_pBuffer;
306 do
307 {
308 // fill the process information map
309 m_ProcessInfos[pSysProcess->dUniqueProcessId] = pSysProcess;
310
311 // we found this process
312 if ( pSysProcess->dUniqueProcessId == currentProcessID )
313 m_pCurrentProcessInfo = pSysProcess;
314
315 // get the next process information block
316 if ( pSysProcess->dNext != 0 )
317 pSysProcess = (SYSTEM_PROCESS_INFORMATION*)
318 ((UCHAR*)pSysProcess + pSysProcess->dNext);
319 else
320 pSysProcess = NULL;
321
322 } while ( pSysProcess != NULL );
323
324 return TRUE;
325 }
326
327 ///////////////////////////////////////////////////////////////////////////////
328 //
329 // SystemThreadInformation
330 //
331 ///////////////////////////////////////////////////////////////////////////////
332
333 SystemThreadInformation::SystemThreadInformation( DWORD pID, BOOL bRefresh )
334 {
335 m_processId = pID;
336
337 if ( bRefresh )
338 Refresh();
339 }
340
341 BOOL SystemThreadInformation::Refresh()
342 {
343 // Get the Thread objects ( set the filter to "Thread" )
344 SystemHandleInformation hi( m_processId );
345 BOOL rc = hi.SetFilter( _T("Thread"), TRUE );
346
347 m_ThreadInfos.clear();
348
349 if ( !rc )
350 return FALSE;
351
352 THREAD_INFORMATION ti;
353
354 // Iterating through the found Thread objects
355 for (list<SystemHandleInformation::SYSTEM_HANDLE>::iterator iter = hi.m_HandleInfos.begin(); iter != hi.m_HandleInfos.end(); iter++) {
356 SystemHandleInformation::SYSTEM_HANDLE& h = *iter;
357
358 ti.ProcessId = h.ProcessID;
359 ti.ThreadHandle = (HANDLE)h.HandleNumber;
360
361 // This is one of the threads we are lokking for
362 if ( SystemHandleInformation::GetThreadId( ti.ThreadHandle,
363 ti.ThreadId, ti.ProcessId ) )
364 m_ThreadInfos.push_back( ti );
365 }
366
367 return TRUE;
368 }
369
370 ///////////////////////////////////////////////////////////////////////////////
371 //
372 // SystemHandleInformation
373 //
374 ///////////////////////////////////////////////////////////////////////////////
375
376 SystemHandleInformation::SystemHandleInformation( DWORD pID, BOOL bRefresh,
377 LPCTSTR lpTypeFilter )
378 {
379 m_processId = pID;
380
381 // Set the filter
382 SetFilter( lpTypeFilter, bRefresh );
383 }
384
385 SystemHandleInformation::~SystemHandleInformation()
386 {
387 }
388
389 BOOL SystemHandleInformation::SetFilter( LPCTSTR lpTypeFilter, BOOL bRefresh )
390 {
391 // Set the filter ( default = all objects )
392 m_strTypeFilter = lpTypeFilter == NULL ? _T("") : lpTypeFilter;
393
394 return bRefresh ? Refresh() : TRUE;
395 }
396
397 const string& SystemHandleInformation::GetFilter()
398 {
399 return m_strTypeFilter;
400 }
401
402 BOOL SystemHandleInformation::IsSupportedHandle( SYSTEM_HANDLE& handle )
403 {
404 //Here you can filter the handles you don't want in the Handle list
405
406 // Windows 2000 supports everything :)
407 if ( dwNTMajorVersion >= 5 )
408 return TRUE;
409
410 //NT4 System process doesn't like if we bother his internal security :)
411 if ( handle.ProcessID == 2 && handle.HandleType == 16 )
412 return FALSE;
413
414 return TRUE;
415 }
416
417 BOOL SystemHandleInformation::Refresh()
418 {
419 DWORD size = 0x2000;
420 DWORD needed = 0;
421 DWORD i = 0;
422 BOOL ret = TRUE;
423 string strType;
424
425 m_HandleInfos.clear();
426
427 if ( !INtDll::NtDllStatus )
428 return FALSE;
429
430 // Allocate the memory for the buffer
431 SYSTEM_HANDLE_INFORMATION* pSysHandleInformation =
432 (SYSTEM_HANDLE_INFORMATION*)
433 VirtualAlloc( NULL, size, MEM_COMMIT, PAGE_READWRITE );
434
435 if ( pSysHandleInformation == NULL )
436 return FALSE;
437
438 // Query the needed buffer size for the objects ( system wide )
439 if ( INtDll::NtQuerySystemInformation( 16, pSysHandleInformation,
440 size, &needed ) != 0 )
441 {
442 if ( needed == 0 )
443 {
444 ret = FALSE;
445 goto cleanup;
446 }
447
448 // The size was not enough
449 VirtualFree( pSysHandleInformation, 0, MEM_RELEASE );
450
451 pSysHandleInformation = (SYSTEM_HANDLE_INFORMATION*)
452 VirtualAlloc( NULL, size = needed + 256,
453 MEM_COMMIT, PAGE_READWRITE );
454 }
455
456 if ( pSysHandleInformation == NULL )
457 return FALSE;
458
459 // Query the objects ( system wide )
460 if ( INtDll::NtQuerySystemInformation( 16, pSysHandleInformation,
461 size, NULL ) != 0 )
462 {
463 ret = FALSE;
464 goto cleanup;
465 }
466
467 // Iterating through the objects
468 for ( i = 0; i < pSysHandleInformation->Count; i++ )
469 {
470 if ( !IsSupportedHandle( pSysHandleInformation->Handles[i] ) )
471 continue;
472
473 // ProcessId filtering check
474 if ( pSysHandleInformation->Handles[i].ProcessID ==
475 m_processId || m_processId == (DWORD)-1 ) {
476 BOOL bAdd = FALSE;
477
478 if ( m_strTypeFilter == _T("") )
479 bAdd = TRUE;
480 else
481 {
482 // Type filtering
483 GetTypeToken( (HANDLE)pSysHandleInformation
484 ->Handles[i].HandleNumber,
485 strType,
486 pSysHandleInformation
487 ->Handles[i].ProcessID );
488
489 bAdd = strType == m_strTypeFilter;
490 }
491
492 // That's it. We found one.
493 if ( bAdd )
494 {
495 pSysHandleInformation->Handles[i].HandleType =
496 (WORD)(pSysHandleInformation
497 ->Handles[i].HandleType % 256);
498
499 m_HandleInfos.push_back( pSysHandleInformation
500 ->Handles[i] );
501
502 }
503 }
504 }
505
506 cleanup:
507
508 if ( pSysHandleInformation != NULL )
509 VirtualFree( pSysHandleInformation, 0, MEM_RELEASE );
510
511 return ret;
512 }
513
514 HANDLE SystemHandleInformation::OpenProcess( DWORD processId )
515 {
516 // Open the process for handle duplication
517 return ::OpenProcess( PROCESS_DUP_HANDLE, TRUE, processId );
518 }
519
520 HANDLE SystemHandleInformation::DuplicateHandle( HANDLE hProcess,
521 HANDLE hRemote )
522 {
523 HANDLE hDup = NULL;
524
525 // Duplicate the remote handle for our process
526 ::DuplicateHandle( hProcess, hRemote, GetCurrentProcess(), &hDup,
527 0, FALSE, DUPLICATE_SAME_ACCESS );
528
529 return hDup;
530 }
531
532 //Information functions
533 BOOL SystemHandleInformation::GetTypeToken( HANDLE h, string& str,
534 DWORD processId )
535 {
536 ULONG size = 0x2000;
537 UCHAR* lpBuffer = NULL;
538 BOOL ret = FALSE;
539
540 HANDLE handle;
541 HANDLE hRemoteProcess = NULL;
542 BOOL remote = processId != GetCurrentProcessId();
543
544 if ( !NtDllStatus )
545 return FALSE;
546
547 if ( remote )
548 {
549 // Open the remote process
550 hRemoteProcess = OpenProcess( processId );
551
552 if ( hRemoteProcess == NULL )
553 return FALSE;
554
555 // Duplicate the handle
556 handle = DuplicateHandle( hRemoteProcess, h );
557 }
558 else
559 handle = h;
560
561 // Query the info size
562 INtDll::NtQueryObject( handle, 2, NULL, 0, &size );
563
564 lpBuffer = new UCHAR[size];
565
566 // Query the info size ( type )
567 if ( INtDll::NtQueryObject( handle, 2, lpBuffer, size, NULL ) == 0 )
568 {
569 str = _T("");
570 SystemInfoUtils::LPCWSTR2string( (LPCWSTR)(lpBuffer+0x60),
571 str );
572
573 ret = TRUE;
574 }
575
576 if ( remote )
577 {
578 if ( hRemoteProcess != NULL )
579 CloseHandle( hRemoteProcess );
580
581 if ( handle != NULL )
582 CloseHandle( handle );
583 }
584
585 if ( lpBuffer != NULL )
586 delete [] lpBuffer;
587
588 return ret;
589 }
590
591 BOOL SystemHandleInformation::GetType( HANDLE h, WORD& type, DWORD processId )
592 {
593 string strType;
594
595 type = OB_TYPE_UNKNOWN;
596
597 if ( !GetTypeToken( h, strType, processId ) )
598 return FALSE;
599
600 return GetTypeFromTypeToken( strType.c_str(), type );
601 }
602
603 BOOL SystemHandleInformation::GetTypeFromTypeToken( LPCTSTR typeToken,
604 WORD& type )
605 {
606 const WORD count = 27;
607 string constStrTypes[count] = {
608 _T(""), _T(""), _T("Directory"), _T("SymbolicLink"),
609 _T("Token"), _T("Process"), _T("Thread"), _T("Unknown7"),
610 _T("Event"), _T("EventPair"), _T("Mutant"), _T("Unknown11"),
611 _T("Semaphore"), _T("Timer"), _T("Profile"),
612 _T("WindowStation"), _T("Desktop"), _T("Section"), _T("Key"),
613 _T("Port"), _T("WaitablePort"), _T("Unknown21"),
614 _T("Unknown22"), _T("Unknown23"), _T("Unknown24"),
615 _T("IoCompletion"), _T("File") };
616
617 type = OB_TYPE_UNKNOWN;
618
619 for ( WORD i = 1; i < count; i++ )
620 if ( constStrTypes[i] == typeToken )
621 {
622 type = i;
623 return TRUE;
624 }
625
626 return FALSE;
627 }
628
629 BOOL SystemHandleInformation::GetName( HANDLE handle, string& str, DWORD processId )
630 {
631 WORD type = 0;
632
633 if ( !GetType( handle, type, processId ) )
634 return FALSE;
635
636 return GetNameByType( handle, type, str, processId );
637 }
638
639 BOOL SystemHandleInformation::GetNameByType( HANDLE h, WORD type, string& str, DWORD processId )
640 {
641 ULONG size = 0x2000;
642 UCHAR* lpBuffer = NULL;
643 BOOL ret = FALSE;
644
645 HANDLE handle;
646 HANDLE hRemoteProcess = NULL;
647 BOOL remote = processId != GetCurrentProcessId();
648 DWORD dwId = 0;
649
650 if ( !NtDllStatus )
651 return FALSE;
652
653 if ( remote )
654 {
655 hRemoteProcess = OpenProcess( processId );
656
657 if ( hRemoteProcess == NULL )
658 return FALSE;
659
660 handle = DuplicateHandle( hRemoteProcess, h );
661 }
662 else
663 handle = h;
664
665 stringstream hex;
666 // let's be happy, handle is in our process space, so query the infos :)
667 switch( type )
668 {
669 case OB_TYPE_PROCESS:
670 GetProcessId( handle, dwId );
671
672 hex << "PID: 0x" << std::hex << dwId;
673 str = hex.str();
674
675 ret = TRUE;
676 goto cleanup;
677 break;
678
679 case OB_TYPE_THREAD:
680 GetThreadId( handle, dwId );
681
682 hex << "TID: 0x" << std::hex << dwId;
683
684 ret = TRUE;
685 goto cleanup;
686 break;
687
688 case OB_TYPE_FILE:
689 ret = GetFileName( handle, str );
690
691 // access denied :(
692 if ( ret && str == _T("") )
693 goto cleanup;
694 break;
695
696 };
697
698 INtDll::NtQueryObject ( handle, 1, NULL, 0, &size );
699
700 // let's try to use the default
701 if ( size == 0 )
702 size = 0x2000;
703
704 lpBuffer = new UCHAR[size];
705
706 if ( INtDll::NtQueryObject( handle, 1, lpBuffer, size, NULL ) == 0 )
707 {
708 SystemInfoUtils::Unicode2string( (UNICODE_STRING*)lpBuffer, str );
709 ret = TRUE;
710 }
711
712 cleanup:
713
714 if ( remote )
715 {
716 if ( hRemoteProcess != NULL )
717 CloseHandle( hRemoteProcess );
718
719 if ( handle != NULL )
720 CloseHandle( handle );
721 }
722
723 if ( lpBuffer != NULL )
724 delete [] lpBuffer;
725
726 return ret;
727 }
728
729 //Thread related functions
730 BOOL SystemHandleInformation::GetThreadId( HANDLE h, DWORD& threadID, DWORD processId )
731 {
732 SystemThreadInformation::BASIC_THREAD_INFORMATION ti;
733 HANDLE handle;
734 HANDLE hRemoteProcess = NULL;
735 BOOL remote = processId != GetCurrentProcessId();
736
737 if ( !NtDllStatus )
738 return FALSE;
739
740 if ( remote )
741 {
742 // Open process
743 hRemoteProcess = OpenProcess( processId );
744
745 if ( hRemoteProcess == NULL )
746 return FALSE;
747
748 // Duplicate handle
749 handle = DuplicateHandle( hRemoteProcess, h );
750 }
751 else
752 handle = h;
753
754 // Get the thread information
755 if ( INtDll::NtQueryInformationThread( handle, 0, &ti, sizeof(ti), NULL ) == 0 )
756 threadID = ti.ThreadId;
757
758 if ( remote )
759 {
760 if ( hRemoteProcess != NULL )
761 CloseHandle( hRemoteProcess );
762
763 if ( handle != NULL )
764 CloseHandle( handle );
765 }
766
767 return TRUE;
768 }
769
770 //Process related functions
771 BOOL SystemHandleInformation::GetProcessPath( HANDLE h, string& strPath, DWORD remoteProcessId )
772 {
773 h; strPath; remoteProcessId;
774
775 stringstream number;
776 number << remoteProcessId;
777 strPath = number.str();
778
779 return TRUE;
780 }
781
782 BOOL SystemHandleInformation::GetProcessId( HANDLE h, DWORD& processId, DWORD remoteProcessId )
783 {
784 BOOL ret = FALSE;
785 HANDLE handle;
786 HANDLE hRemoteProcess = NULL;
787 BOOL remote = remoteProcessId != GetCurrentProcessId();
788 SystemProcessInformation::PROCESS_BASIC_INFORMATION pi;
789
790 ZeroMemory( &pi, sizeof(pi) );
791 processId = 0;
792
793 if ( !NtDllStatus )
794 return FALSE;
795
796 if ( remote )
797 {
798 // Open process
799 hRemoteProcess = OpenProcess( remoteProcessId );
800
801 if ( hRemoteProcess == NULL )
802 return FALSE;
803
804 // Duplicate handle
805 handle = DuplicateHandle( hRemoteProcess, h );
806 }
807 else
808 handle = h;
809
810 // Get the process information
811 if ( INtDll::NtQueryInformationProcess( handle, 0, &pi, sizeof(pi), NULL) == 0 )
812 {
813 processId = pi.UniqueProcessId;
814 ret = TRUE;
815 }
816
817 if ( remote )
818 {
819 if ( hRemoteProcess != NULL )
820 CloseHandle( hRemoteProcess );
821
822 if ( handle != NULL )
823 CloseHandle( handle );
824 }
825
826 return ret;
827 }
828
829 //File related functions
830 void SystemHandleInformation::GetFileNameThread( PVOID pParam )
831 {
832 // This thread function for getting the filename
833 // if access denied, we hang up in this function,
834 // so if it times out we just kill this thread
835 GetFileNameThreadParam* p = (GetFileNameThreadParam*)pParam;
836
837 UCHAR lpBuffer[0x1000];
838 DWORD iob[2];
839
840 p->rc = INtDll::NtQueryInformationFile( p->hFile, iob, lpBuffer, sizeof(lpBuffer), 9 );
841
842 if ( p->rc == 0 )
843 *p->pName = (const char *)lpBuffer;
844 }
845
846 BOOL SystemHandleInformation::GetFileName( HANDLE h, string& str, DWORD processId )
847 {
848 BOOL ret= FALSE;
849 HANDLE hThread = NULL;
850 GetFileNameThreadParam tp;
851 HANDLE handle;
852 HANDLE hRemoteProcess = NULL;
853 BOOL remote = processId != GetCurrentProcessId();
854
855 if ( !NtDllStatus )
856 return FALSE;
857
858 if ( remote )
859 {
860 // Open process
861 hRemoteProcess = OpenProcess( processId );
862
863 if ( hRemoteProcess == NULL )
864 return FALSE;
865
866 // Duplicate handle
867 handle = DuplicateHandle( hRemoteProcess, h );
868 }
869 else
870 handle = h;
871
872 tp.hFile = handle;
873 tp.pName = &str;
874 tp.rc = 0;
875
876 // Let's start the thread to get the file name
877 hThread = (HANDLE)_beginthread( GetFileNameThread, 0, &tp );
878
879 if ( hThread == NULL )
880 {
881 ret = FALSE;
882 goto cleanup;
883 }
884
885 // Wait for finishing the thread
886 if ( WaitForSingleObject( hThread, 100 ) == WAIT_TIMEOUT )
887 {
888 // Access denied
889 // Terminate the thread
890 TerminateThread( hThread, 0 );
891
892 str = _T("");
893
894 ret = TRUE;
895 }
896 else
897 ret = ( tp.rc == 0 );
898
899 cleanup:
900
901 if ( remote )
902 {
903 if ( hRemoteProcess != NULL )
904 CloseHandle( hRemoteProcess );
905
906 if ( handle != NULL )
907 CloseHandle( handle );
908 }
909
910 return ret;
911 }
912
913 //////////////////////////////////////////////////////////////////////////////////////
914 //
915 // SystemModuleInformation
916 //
917 //////////////////////////////////////////////////////////////////////////////////////
918
919 SystemModuleInformation::SystemModuleInformation( DWORD pID, BOOL bRefresh )
920 {
921 m_processId = pID;
922
923 if ( bRefresh )
924 Refresh();
925 }
926
927 void SystemModuleInformation::GetModuleListForProcess( DWORD processID )
928 {
929 DWORD i = 0;
930 DWORD cbNeeded = 0;
931 HMODULE* hModules = NULL;
932 MODULE_INFO moduleInfo;
933
934 // Open process to read to query the module list
935 HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, processID );
936
937 if ( hProcess == NULL )
938 goto cleanup;
939
940 //Get the number of modules
941 if ( !(*m_EnumProcessModules)( hProcess, NULL, 0, &cbNeeded ) )
942 goto cleanup;
943
944 hModules = new HMODULE[ cbNeeded / sizeof( HMODULE ) ];
945
946 //Get module handles
947 if ( !(*m_EnumProcessModules)( hProcess, hModules, cbNeeded, &cbNeeded ) )
948 goto cleanup;
949
950 for ( i = 0; i < cbNeeded / sizeof( HMODULE ); i++ )
951 {
952 moduleInfo.ProcessId = processID;
953 moduleInfo.Handle = hModules[i];
954
955 //Get module full paths
956 if ( (*m_GetModuleFileNameEx)( hProcess, hModules[i], moduleInfo.FullPath, _MAX_PATH ) )
957 m_ModuleInfos.push_back( moduleInfo );
958 }
959
960 cleanup:
961 if ( hModules != NULL )
962 delete [] hModules;
963
964 if ( hProcess != NULL )
965 CloseHandle( hProcess );
966 }
967
968 BOOL SystemModuleInformation::Refresh()
969 {
970 BOOL rc = FALSE;
971 m_EnumProcessModules = NULL;
972 m_GetModuleFileNameEx = NULL;
973
974 m_ModuleInfos.clear();
975
976 //Load Psapi.dll
977 HINSTANCE hDll = LoadLibrary( "PSAPI.DLL" );
978
979 if ( hDll == NULL )
980 {
981 rc = FALSE;
982 goto cleanup;
983 }
984
985 //Get Psapi.dll functions
986 m_EnumProcessModules = (PEnumProcessModules)GetProcAddress( hDll, "EnumProcessModules" );
987
988 m_GetModuleFileNameEx = (PGetModuleFileNameEx)GetProcAddress( hDll,
989 #ifdef UNICODE
990 "GetModuleFileNameExW" );
991 #else
992 "GetModuleFileNameExA" );
993 #endif
994
995 if ( m_GetModuleFileNameEx == NULL || m_EnumProcessModules == NULL )
996 {
997 rc = FALSE;
998 goto cleanup;
999 }
1000
1001 // Everey process or just a particular one
1002 if ( m_processId != -1 )
1003 // For a particular one
1004 GetModuleListForProcess( m_processId );
1005 else
1006 {
1007 // Get teh process list
1008 DWORD pID;
1009 SystemProcessInformation::SYSTEM_PROCESS_INFORMATION* p = NULL;
1010 SystemProcessInformation pi( TRUE );
1011
1012 if ( pi.m_ProcessInfos.empty() )
1013 {
1014 rc = FALSE;
1015 goto cleanup;
1016 }
1017
1018 // Iterating through the processes and get the module list
1019 for (map<DWORD, SystemProcessInformation::SYSTEM_PROCESS_INFORMATION *>::iterator iter = pi.m_ProcessInfos.begin(); iter != pi.m_ProcessInfos.end(); iter++) {
1020 pID = iter->first;
1021 p = iter->second;
1022 GetModuleListForProcess( pID );
1023 }
1024 }
1025
1026 rc = TRUE;
1027
1028 cleanup:
1029
1030 //Free psapi.dll
1031 if ( hDll != NULL )
1032 FreeLibrary( hDll );
1033
1034 return rc;
1035 }
1036
1037 //////////////////////////////////////////////////////////////////////////////////////
1038 //
1039 // SystemWindowInformation
1040 //
1041 //////////////////////////////////////////////////////////////////////////////////////
1042
1043 SystemWindowInformation::SystemWindowInformation( DWORD pID, BOOL bRefresh )
1044 {
1045 m_processId = pID;
1046
1047 if ( bRefresh )
1048 Refresh();
1049 }
1050
1051 BOOL SystemWindowInformation::Refresh()
1052 {
1053 m_WindowInfos.clear();
1054
1055 // Enumerating the windows
1056 EnumWindows( EnumerateWindows, (LPARAM)this );
1057
1058 return TRUE;
1059 }
1060
1061 BOOL CALLBACK SystemWindowInformation::EnumerateWindows( HWND hwnd, LPARAM lParam )
1062 {
1063 SystemWindowInformation* _this = (SystemWindowInformation*)lParam;
1064 WINDOW_INFO wi;
1065
1066 wi.hWnd = hwnd;
1067 GetWindowThreadProcessId(hwnd, &wi.ProcessId ) ;
1068
1069 // Filtering by process ID
1070 if ( _this->m_processId == -1 || _this->m_processId == wi.ProcessId )
1071 {
1072 GetWindowText( hwnd, wi.Caption, MaxCaptionSize );
1073
1074 // That is we are looking for
1075 if ( GetLastError() == 0 )
1076 _this->m_WindowInfos.push_back( wi );
1077 }
1078
1079 return TRUE;
1080 };
msysGit -- the development environment for 'Git for Windows'