//
// Return the name of the process by its ID using PSAPI
//
BOOL CCallbackHandler::GetProcessName(
DWORD dwProcessId,
LPTSTR lpFileName,
DWORD dwLen
)
{
BOOL bResult = FALSE;
if (!::IsBadStringPtr(lpFileName, dwLen))
{
::ZeroMemory(
reinterpret_cast<PBYTE>(lpFileName),
dwLen * sizeof(TCHAR)
);
if ((NULL != m_pfnEnumProcessModules) &&
(NULL != m_pfnGetModuleFileNameEx))
{
// Let's open the process
HANDLE hProcess = ::OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,
dwProcessId
);
if (NULL != hProcess)
{
HMODULE hModuleArray[1024];
DWORD cbNeeded;
DWORD nModules;
// EnumProcessModules function retrieves a handle for
// each module in the specified process.
if (m_pfnEnumProcessModules(
hProcess,
hModuleArray,
sizeof(hModuleArray),
&cbNeeded))
{
// Calculate number of modules in the process
nModules = cbNeeded / sizeof(hModuleArray[0]);
if (nModules > 0)
{
// First module is the EXE.
HMODULE hModule = hModuleArray[0];
DWORD dwCharRead = m_pfnGetModuleFileNameEx(
hProcess,
hModule,
lpFileName,
dwLen
);
} // if
} // if
::CloseHandle(hProcess);
} // if
} // if
} // if
return bResult;
}
HMODULE CXTPSkinManagerModuleList::CPsapiModuleEnumerator::GetFirstModule()
{
if (!m_pfnEnumProcessModules)
return NULL;
HANDLE hProcess = ::OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, m_dwProcessId);
if (!hProcess)
return NULL;
DWORD cbNeeded = 0;
HMODULE hModule;
if (!m_pfnEnumProcessModules(hProcess, &hModule, sizeof(hModule), &cbNeeded))
{
::CloseHandle(hProcess);
return NULL;
}
if (cbNeeded == 0)
{
::CloseHandle(hProcess);
return NULL;
}
m_nCount = cbNeeded / sizeof(HMODULE);
m_pModules = new HMODULE[m_nCount];
memset(m_pModules, 0, cbNeeded);
if (!m_pfnEnumProcessModules(hProcess, m_pModules, cbNeeded, &cbNeeded))
{
::CloseHandle(hProcess);
return NULL;
}
m_nIndex = 0;
::CloseHandle(hProcess);
return m_pModules[0];
}
//////////////////////////////////////////////////////////////////////////////
// PopulateProcess
//
// Populate all modules of a single process
//
//////////////////////////////////////////////////////////////////////////////
BOOL CPsapiHandler::PopulateProcess(DWORD dwProcessId, BOOL bPopulateModules)
{
BOOL bResult = TRUE;
CExeModuleInstance* pProcessInfo;
if (TRUE == Initialize())
{
m_pProcesses->ReleaseAll();
HMODULE hModuleArray[1024];
HANDLE hProcess;
DWORD nModules;
DWORD cbNeeded;
hProcess = ::OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE,
dwProcessId
);
if (hProcess)
{
if (!m_pfnEnumProcessModules(
hProcess,
hModuleArray,
sizeof(hModuleArray),
&cbNeeded
))
::CloseHandle(hProcess);
else
{
// Calculate number of modules in the process
nModules = cbNeeded / sizeof(hModuleArray[0]);
for (DWORD j = 0; j < nModules; j++)
{
HMODULE hModule = hModuleArray[j];
char szModuleName[MAX_PATH];
m_pfnGetModuleFileNameExA(
hProcess,
hModule,
szModuleName,
sizeof(szModuleName)
);
if (0 == j) // First module is the EXE. Just add it to the map
{
pProcessInfo = new CExeModuleInstance(
this,
szModuleName,
hModule,
dwProcessId
);
m_pProcesses->Add(*pProcessInfo);
if (bPopulateModules)
pProcessInfo->PopulateModules();
break;
} // if
} // for
::CloseHandle(hProcess);
} // if
} // if
} // if
else
{
bResult = FALSE;
}
return bResult;
}
//////////////////////////////////////////////////////////////////////////////
// PopulateModules
//
// Populate the module list using PSAPI
//////////////////////////////////////////////////////////////////////////////
BOOL CPsapiHandler::PopulateModules(CModuleInstance* pProcess)
{
BOOL bResult = TRUE;
CModuleInstance *pDllModuleInstance = NULL;
if (TRUE == Initialize())
{
DWORD pidArray[1024];
DWORD cbNeeded;
DWORD nProcesses;
// EnumProcesses returns an array with process IDs
if (m_pfnEnumProcesses(pidArray, sizeof(pidArray), &cbNeeded))
{
// Determine number of processes
nProcesses = cbNeeded / sizeof(DWORD);
// Release the container
pProcess->ReleaseModules();
for (DWORD i = 0; i < nProcesses; i++)
{
HMODULE hModuleArray[1024];
HANDLE hProcess;
DWORD pid = pidArray[i];
DWORD nModules;
// Let's open the process
hProcess = ::OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, pid);
if (!hProcess)
continue;
if (static_cast<CExeModuleInstance*>(pProcess)->Get_ProcessId() != pid)
{
::CloseHandle(hProcess);
continue;
}
// EnumProcessModules function retrieves a handle for
// each module in the specified process.
if (!m_pfnEnumProcessModules(
hProcess, hModuleArray,
sizeof(hModuleArray), &cbNeeded))
{
::CloseHandle(hProcess);
continue;
}
// Calculate number of modules in the process
nModules = cbNeeded / sizeof(hModuleArray[0]);
for (DWORD j = 0; j < nModules; j++)
{
HMODULE hModule = hModuleArray[j];
char szModuleName[MAX_PATH];
m_pfnGetModuleFileNameExA(
hProcess,
hModule,
szModuleName,
sizeof(szModuleName)
);
if (0 == j) // First module is the EXE.
{
// Do nothing.
} // if
else // Not the first module. It's a DLL
{
pDllModuleInstance = new CModuleInstance(
szModuleName,
hModule
);
pProcess->AddModule(pDllModuleInstance);
} // else
} // for
::CloseHandle(hProcess); // We're done with this process handle
} // for
bResult = TRUE;
} // if
else
{
bResult = FALSE;
}
} // if
else
{
bResult = FALSE;
}
return bResult;
}
BOOL CPsapiHandler::PopulateProcesses()
{
BOOL bResult = TRUE;
CExeModuleInstance* pProcessInfo;
if (TRUE == Initialize())
{
DWORD pidArray[1024];
DWORD cbNeeded;
DWORD nProcesses;
if (m_pfnEnumProcesses(pidArray, sizeof(pidArray), &cbNeeded))
{
// Determine number of processes
nProcesses = cbNeeded / sizeof(DWORD);
m_pProcesses->ReleaseAll();
for (DWORD i = 0; i < nProcesses; i++)
{
HMODULE hModuleArray[1024];
HANDLE hProcess;
DWORD pid = pidArray[i];
DWORD nModules;
hProcess = OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
FALSE, pid);
if (!hProcess)
continue;
if (!m_pfnEnumProcessModules(hProcess, hModuleArray,
sizeof(hModuleArray), &cbNeeded))
{
::CloseHandle(hProcess);
continue;
}
// Calculate number of modules in the process
nModules = cbNeeded / sizeof(hModuleArray[0]);
for (DWORD j = 0; j < nModules; j++)
{
HMODULE hModule = hModuleArray[j];
char szModuleName[MAX_PATH];
m_pfnGetModuleFileNameExA(hProcess, hModule,
szModuleName, sizeof(szModuleName));
if (0 == j) // First module is the EXE. Just add it to the map
{
pProcessInfo = new CExeModuleInstance(
szModuleName, hModule, pid);
m_pProcesses->Add(*pProcessInfo);
pProcessInfo->PopulateModules(this);
break;
} // if
} // for
::CloseHandle(hProcess);
} // for
bResult = TRUE;
} // if
else
{
bResult = FALSE;
}
} // if
else
{
bResult = FALSE;
}
return bResult;
}
