Windows API:查找文件映射句柄的过程 [英] Windows API: find process for a file mapping handle
问题描述
我创建了一个具有预定义协议的SSH代理(类似于PuTTY的pageant.exe):身份验证请求通过包含文件映射名称的WM_COPYDATA发送到代理窗口:
I created an SSH agent (similar to PuTTY's pageant.exe) which has a predefined protocol: Authentication requests are sent to the agent window via WM_COPYDATA containing the name of a file mapping:
// mapname is supplied via WM_COPYDATA
HANDLE filemap = OpenFileMapping(FILE_MAP_ALL_ACCESS, FALSE, mapname);
是否可以找出哪个进程(最终是进程名称)创建了特定的文件映射?
Is it possible to find out which process (ultimatively, the process name) created a particular file mapping?
我可以在文件映射"上使用GetSecurityInfo来获取安全属性(SID,GID等),但是如何获取进程本身呢?
I can use GetSecurityInfo on "filemap" to get the security attributes (SID, GID, ...) but how to I get the process itself?
重要说明:无法更改协议(例如,将有关发件人的信息添加到WM_COPYDATA),因为这是所有类似PuTTY的应用程序所使用的预定义协议!
Important note: It is NOT possible to change the protocol (e.g. add information about the sender to WM_COPYDATA) because this is the predefined protocol used by all PuTTY-like applications!
推荐答案
不要尝试通过文件句柄查找进程,这很复杂,您需要枚举进程为每个进程查找打开的句柄. WM_COPYDATA消息将向您发送发件人窗口的句柄,对GetWindowThreadProcessId的调用应可为您提供答案.
请记住,WM_COPYDATA是在32位和64位进程之间进行通信的一种方式,因此您的进程可能与调用方不在同一空间.
编辑->
您可以在WM_COPYDATA中收到发送方HWND,只需使用该HWND即可获取进程ID
Don't try to find the process by file handle, it's complicated you need to enumerate process to find open handles for each. The WM_COPYDATA message send you the handle of the sender window, a call to GetWindowThreadProcessId should give your answer.
Keep in mind that WM_COPYDATA is a way to communicate between 32 and 64 bits process so your process maybe in different space than the caller.
Edit-->
You receive the sender HWND in the WM_COPYDATA you only have to use that HWND to get the process ID
switch (uiMsg)
{
case WM_COPYDATA:
{
DWORD theProcessID;
GetWindowThreadProcessId((HWND) wParam, &theProcessID);
COPYDATASTRUCT *pMyCDS = (PCOPYDATASTRUCT) lParam;
/*...*/
}
/*...*/
}
这篇关于Windows API:查找文件映射句柄的过程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
