Jump to content

Proposal to modify _WinAPI_GetProcessFileName


Recommended Posts

Hi, I recently used _WinAPI_GetProcessFileName, I noticed it uses GetModuleFileNameEx function to retrieve the path, and it requires PROCESS_QUERY_INFORMATION and PROCESS_VM_READ.

Well, from Vista there is another function, QueryFullProcessImageName, which requires only PROCESS_QUERY_LIMITED_INFORMATION access rights, and it allows to retrieve some process which GetModuleFileNameEx can't get because of its requirements.

Here is an example which shows the issue:

#include <WinAPIProc.au3>

$array = ProcessList()
For $i = 1 To $array[0][0]
    If $array[$i][1] Then
        $output1 = _WinAPI_GetProcessFileName2($array[$i][1])
        $output2 = _WinAPI_GetProcessFileName($array[$i][1])
        If @error Then $output2 = -1
        If Not ($output1 = $output2) Then
            If Not ($output1 = -1) Then ConsoleWrite($output1 & "--> _WinAPI_GetProcessFileName2" & @CRLF)
            If Not ($output2 = -1) Then ConsoleWrite($output2 & "--> _WinAPI_GetProcessFileName" & @CRLF)

Func _WinAPI_GetProcessFileName2($iPID)
    Local $dwDesiredAccess = __Iif($__WINVER < 0x0600, 0x0410, 0x1000), $sPath = ""

    Local $aRet = DllCall("Kernel32.dll", "HANDLE", "OpenProcess", "DWORD", $dwDesiredAccess, "BOOL", False, "DWORD", $iPID)
    If @error Or $aRet[0] = Null Or $aRet[0] = 0 Or $aRet[0] = Ptr(0) Then Return SetError(-1, 0, -1)
    Local $hProcess = $aRet[0]

    If $dwDesiredAccess = 0x0410 Then
        $aRet = DllCall(@SystemDir & "\psapi.dll", "DWORD", "GetModuleFileNameExW", "HANDLE", $hProcess, "HANDLE", 0, "wstr", "", "DWORD", 65535)
        $aRet = DllCall("Kernel32.dll", "BOOL", "QueryFullProcessImageNameW", "HANDLE", $hProcess, "DWORD", 0, "wstr", "", "dword*", 65535)
    If Not (@error Or $aRet[0] = 0) Then $sPath = $aRet[3]
    DllCall("Kernel32.dll", "BOOL", "CloseHandle", "HANDLE", $hProcess)
    Return $sPath = "" ? SetError(-1, 0, -1) : $sPath
EndFunc   ;==>_GetProcessPath


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...