Jump to content

Proposal to modify _WinAPI_GetProcessFileName

Recommended Posts


Hi, I recently used _WinAPI_GetProcessFileName, I noticed it uses GetModuleFileNameEx function to retrieve the path, and it requires PROCESS_QUERY_INFORMATION and PROCESS_VM_READ.

Well, from Vista there is another function, QueryFullProcessImageName, which requires only PROCESS_QUERY_LIMITED_INFORMATION access rights, and it allows to retrieve some process which GetModuleFileNameEx can't get because of its requirements.

Here is an example which shows the issue:

#include <WinAPIProc.au3>

$array = ProcessList()
For $i = 1 To $array[0][0]
    If $array[$i][1] Then
        $output1 = _WinAPI_GetProcessFileName2($array[$i][1])
        $output2 = _WinAPI_GetProcessFileName($array[$i][1])
        If @error Then $output2 = -1
        If Not ($output1 = $output2) Then
            If Not ($output1 = -1) Then ConsoleWrite($output1 & "--> _WinAPI_GetProcessFileName2" & @CRLF)
            If Not ($output2 = -1) Then ConsoleWrite($output2 & "--> _WinAPI_GetProcessFileName" & @CRLF)

Func _WinAPI_GetProcessFileName2($iPID)
    Local $dwDesiredAccess = __Iif($__WINVER < 0x0600, 0x0410, 0x1000), $sPath = ""

    Local $aRet = DllCall("Kernel32.dll", "HANDLE", "OpenProcess", "DWORD", $dwDesiredAccess, "BOOL", False, "DWORD", $iPID)
    If @error Or $aRet[0] = Null Or $aRet[0] = 0 Or $aRet[0] = Ptr(0) Then Return SetError(-1, 0, -1)
    Local $hProcess = $aRet[0]

    If $dwDesiredAccess = 0x0410 Then
        $aRet = DllCall(@SystemDir & "\psapi.dll", "DWORD", "GetModuleFileNameExW", "HANDLE", $hProcess, "HANDLE", 0, "wstr", "", "DWORD", 65535)
        $aRet = DllCall("Kernel32.dll", "BOOL", "QueryFullProcessImageNameW", "HANDLE", $hProcess, "DWORD", 0, "wstr", "", "dword*", 65535)
    If Not (@error Or $aRet[0] = 0) Then $sPath = $aRet[3]
    DllCall("Kernel32.dll", "BOOL", "CloseHandle", "HANDLE", $hProcess)
    Return $sPath = "" ? SetError(-1, 0, -1) : $sPath
EndFunc   ;==>_GetProcessPath


  • Like 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.