Context Navigation

source: nscp/include/EnumProcess.h @ c391984

0.4.00.4.10.4.2

Last change on this file since c391984 was 1ecd26f, checked in by Michael Medin <michael@…>, 2 years ago
syncronized streams between 0.4.x and 0.3.x as well as improed the CMAke build alot
Property mode set to `100644`
File size: 5.2 KB

Line
1	/**************************************************************************
2	* Copyright (C) 2004-2007 by Michael Medin <michael@medin.name> *
3	* *
4	* This code is part of NSClient++ - http://trac.nakednuns.org/nscp *
5	* *
6	* This program is free software; you can redistribute it and/or modify *
7	* it under the terms of the GNU General Public License as published by *
8	* the Free Software Foundation; either version 2 of the License, or *
9	* (at your option) any later version. *
10	* *
11	* This program is distributed in the hope that it will be useful, *
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14	* GNU General Public License for more details. *
15	* *
16	* You should have received a copy of the GNU General Public License *
17	* along with this program; if not, write to the *
18	* Free Software Foundation, Inc., *
19	* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20	***************************************************************************/
21	#pragma once
22
23	#include <psapi.h>
24	#include <string>
25	#include <error.hpp>
26
27
28	namespace ENUM_METHOD
29	{
30	const int NONE = 0x0;
31	const int PSAPI = 0x1;
32	}
33
34	const int MAX_FILENAME = 256;
35
36	#ifdef UNICODE
37	// Functions loaded from PSAPI
38	typedef BOOL (WINAPI PFEnumProcesses)(DWORD lpidProcess, DWORD cb, DWORD * cbNeeded);
39	typedef BOOL (WINAPI PFEnumProcessModules)(HANDLE hProcess, HMODULE lphModule, DWORD cb, LPDWORD lpcbNeeded);
40	typedef DWORD (WINAPI *PFGetModuleFileNameEx)(HANDLE hProcess, HMODULE hModule, LPTSTR lpFilename, DWORD nSize);
41	//typedef BOOL ( WINAPI *PROCESSENUMPROC )(DWORD dwProcessId, DWORD dwAttributes, LPARAM lpUserDefined );
42	typedef BOOL ( WINAPI *TASKENUMPROCEX )(DWORD dwThreadId, WORD hMod16, WORD hTask16, PSZ pszModName, PSZ pszFileName, LPARAM lpUserDefined );
43	typedef INT (WINAPI *PFVDMEnumTaskWOWEx)(DWORD dwProcessId, TASKENUMPROCEX fp, LPARAM lparam);
44	#else
45	// Functions loaded from PSAPI
46	typedef BOOL (WINAPI PFEnumProcesses)(DWORD lpidProcess, DWORD cb, DWORD * cbNeeded);
47	typedef BOOL (WINAPI PFEnumProcessModules)(HANDLE hProcess, HMODULE lphModule, DWORD cb, LPDWORD lpcbNeeded);
48	typedef DWORD (WINAPI *PFGetModuleFileNameEx)(HANDLE hProcess, HMODULE hModule, LPTSTR lpFilename, DWORD nSize);
49	typedef BOOL ( WINAPI *TASKENUMPROCEX )(DWORD dwThreadId, WORD hMod16, WORD hTask16, PSZ pszModName, PSZ pszFileName, LPARAM lpUserDefined );
50	typedef INT (WINAPI *PFVDMEnumTaskWOWEx)(DWORD dwProcessId, TASKENUMPROCEX fp, LPARAM lparam);
51	#endif
52
53	#define DEFAULT_BUFFER_SIZE 64*1024
54
55	class CEnumProcess
56	{
57	public:
58
59	class error_reporter {
60	public:
61	virtual void report_error(std::wstring error) = 0;
62	virtual void report_warning(std::wstring error) = 0;
63	virtual void report_debug(std::wstring error) = 0;
64	virtual void report_debug_enter(std::wstring error) = 0;
65	virtual void report_debug_exit(std::wstring error) = 0;
66	};
67	class process_enumeration_exception {
68	std::wstring what_;
69	DWORD error_code_;
70	public:
71	process_enumeration_exception(std::wstring what) : what_(what) {}
72	process_enumeration_exception(DWORD error_code, std::wstring what) : what_(what), error_code_(error_code) {
73	what += error::lookup::last_error(error_code_);
74	}
75	std::wstring what() {
76	return what_;
77	}
78	DWORD error_code() {
79	return error_code_;
80	}
81	};
82
83	struct CProcessEntry {
84	std::wstring filename;
85	std::wstring command_line;
86	DWORD dwPID;
87	bool hung;
88	};
89
90	typedef std::list<CProcessEntry> process_list;
91	process_list enumerate_processes(bool expand_command_line, bool find_16bit = false, CEnumProcess::error_reporter *error_interface = NULL, unsigned int buffer_size = DEFAULT_BUFFER_SIZE);
92	CProcessEntry describe_pid(DWORD pid, bool expand_command_line);
93
94	struct CModuleEntry
95	{
96	std::wstring sFilename;
97	PVOID pLoadBase;
98	PVOID pPreferredBase;
99	// Constructors/Destructors
100	CModuleEntry() : pLoadBase(NULL), pPreferredBase(NULL) {}
101	CModuleEntry(CModuleEntry &e) : pLoadBase(e.pLoadBase), pPreferredBase(e.pPreferredBase), sFilename(e.sFilename) {}
102	virtual ~CModuleEntry() {}
103	};
104
105	CEnumProcess();
106	virtual ~CEnumProcess();
107
108	std::wstring GetCommandLine(HANDLE hProcess);
109	void enable_token_privilege(LPTSTR privilege);
110	void disable_token_privilege(LPTSTR privilege);
111	std::vector<DWORD> find_crashed_pids(CEnumProcess::error_reporter * error_interface);
112	bool has_PSAPI() {
113	return PSAPI != NULL;
114	}
115
116	private:
117
118	// PSAPI related members
119	HMODULE PSAPI; //Handle to the module
120	HMODULE VDMDBG;
121	// PSAPI related functions
122	PFEnumProcesses FEnumProcesses; // Pointer to EnumProcess
123	PFEnumProcessModules FEnumProcessModules; // Pointer to EnumProcessModules
124	PFGetModuleFileNameEx FGetModuleFileNameEx;// Pointer to GetModuleFileNameEx
125	PFVDMEnumTaskWOWEx FVDMEnumTaskWOWEx;
126	};
127

Note: See TracBrowser for help on using the repository browser.

Download in other formats: