【发布时间】:2013-05-21 10:17:10
【问题描述】:
我正在尝试获取 Windows 机器上所有当前正在运行的进程的列表。
我正在尝试通过 JNA 调用 winapi 来 EnumProcesses -> OpenProcess -> GetModuleBaseNameW -> CloseHandle 它在 OpenProcess 调用中失败。 GetLastError 返回 5 (ERROR_ACCESS_DENIED)。
这是我的代码:
public static final int PROCESS_QUERY_INFORMATION = 0x0400;
public static final int PROCESS_VM_READ = 0x0010;
public static final int PROCESS_VM_WRITE = 0x0020;
public static final int PROCESS_VM_OPERATION = 0x0008;
public interface Psapi extends StdCallLibrary {
Psapi INSTANCE = (Psapi) Native.loadLibrary("Psapi", Psapi.class);
boolean EnumProcesses(int[] ProcessIDsOut, int size, int[] BytesReturned);
DWORD GetModuleBaseNameW(Pointer hProcess, Pointer hModule, byte[] lpBaseName, int nSize);
}
public interface Kernel32 extends StdCallLibrary {
Kernel32 INSTANCE = (Kernel32) Native.loadLibrary("Kernel32", Kernel32.class);
Pointer OpenProcess(int dwDesiredAccess, boolean bInheritHandle, int dwProcessId);
boolean CloseHandle(Pointer hObject);
}
public static void main(String[] args) {
int[] processlist = new int[1024];
int[] dummylist = new int[1024];
Psapi.INSTANCE.EnumProcesses(processlist, 1024, dummylist);
for (int pid : processlist) {
System.out.println(pid);
Pointer ph = Kernel32.INSTANCE.OpenProcess(PROCESS_VM_READ, false, pid);
try {
Thread.sleep(1000);
} catch (Exception ignore) {
}
System.err.println(com.sun.jna.platform.win32.Kernel32.INSTANCE.GetLastError()); // <- 5
System.err.println(ph); // <- null
if (ph != null) {
byte[] filename = new byte[512];
Psapi.INSTANCE.GetModuleBaseNameW(ph, new Pointer(0), filename, 512);
try {
Thread.sleep(1000);
} catch (Exception ignore) {
}
System.err.println(Native.toString(filename));
Kernel32.INSTANCE.CloseHandle(ph);
}
}
}
【问题讨论】:
-
请注意,JNA 包含一个平台库,它已经封装了许多 WinAPI 调用,因此您需要做的更少。