
Introduction to Windows Process Functions (Part 1)

2013-02-17 10:27

GetCurrentProcessId Function




Retrieves the process identifier of the calling process.

Syntax

C++

DWORD WINAPI GetCurrentProcessId(void);




Parameters

This function has no parameters.

Return Value

The return value is the process identifier of the calling process.

Remarks

Until the process terminates, the process identifier uniquely identifies the process throughout the system.

GetCurrentProcess():

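The handle returned by GetCurrentProcess is what is called a "pseudo handle". It is only a marker; as you can see for yourself, the function simply returns $FFFFFFFF. The value is the same in every process, and it is only meaningful inside the calling process.

If you need a real handle, for example to communicate between processes, you have to convert it by calling DuplicateHandle. Note that once you have finished with the real handle you must call CloseHandle to close it.

By now it should be clear why pseudo handles exist: they are simple to use, never need to be closed, and cannot cause a memory leak.

In the same way, GetCurrentThread also returns a pseudo handle; its value is always $FFFFFFFE, and it is only meaningful inside the calling thread.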

DuplicateHandle() :

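The system has two classes of objects: kernel objects and user objects. Process objects, thread objects, file-mapping objects and the like are kernel objects, while windows, menus and so on are user objects.

The two differ. A handle that identifies a user object is unique across the system, which means a process can operate directly on a user object that belongs to another process. One way for two processes to communicate, for example, is to send messages. Because a window is a user object, its handle is unique system-wide: you obtain the window handle of another process with FindWindow() and then call SendMessage() so that the window procedure of hWnd handles the message, which gives you inter-process communication. So for user objects you do not need DuplicateHandle() at all; you simply use the handle as it is.

Kernel objects are different. Kernel objects exist to make the system more stable, so kernel object handles are process-relative. Every process has its own kernel object table, and the index of each object (not exactly the index) serves as the kernel object handle; this is what makes handles process-relative. The same object may have different indexes, that is, different handles, in different processes. When you operate on a kernel object, the system also performs a security check to see whether you have the right to operate on that object. You therefore cannot take a handle and use it directly, as you can with a user object. Suppose you want to operate on a file-mapping object in another process, and the handle of that file-mapping object in that process is 0x000001; in your process, 0x00000001 quite possibly denotes a different kernel object, so the operation will never succeed and may even have catastrophic consequences. In that case it is necessary to use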
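The per-process handle table described above, as a small model in portable C. This is an added example, not code from the original article and not how Windows implements its tables; Process, KObject, resolve, insert, duplicate and close_handle are hypothetical names, and the scenario in main is constructed.

```c
#include <stdio.h>

/* Toy model, not Windows internals: each process has a private table that
   maps small handle values to shared kernel objects. */
#define MAX_HANDLES 8
#define PSEUDO_SELF 0xFFFFFFFFu  /* value the article gives for GetCurrentProcess */
typedef struct { const char *name; int refs; } KObject;
typedef struct { KObject self; KObject *table[MAX_HANDLES]; } Process;

/* Resolve handle value h in the context of process p (NULL if invalid). */
KObject *resolve(Process *p, unsigned h) {
    if (h == PSEUDO_SELF) return &p->self;  /* always means "the caller" */
    if (h == 0 || h >= MAX_HANDLES) return NULL;
    return p->table[h];
}

/* Put obj in the first free slot of p's table; the slot index is the handle. */
unsigned insert(Process *p, KObject *obj) {
    for (unsigned h = 1; h < MAX_HANDLES; h++)
        if (!p->table[h]) { p->table[h] = obj; obj->refs++; return h; }
    return 0;
}

/* Model of DuplicateHandle: look the object up in src, add an entry to dst. */
unsigned duplicate(Process *src, unsigned h, Process *dst) {
    KObject *obj = resolve(src, h);
    return obj ? insert(dst, obj) : 0;
}

/* Model of CloseHandle: a pseudo handle has no table entry to release. */
int close_handle(Process *p, unsigned h) {
    if (h == PSEUDO_SELF || !resolve(p, h)) return 0;
    p->table[h]->refs--; p->table[h] = NULL;
    return 1;
}

int main(void) {
    /* Constructed scenario: A owns a file mapping, B already holds a mutex. */
    Process a = { .self = { "process A", 1 } }, b = { .self = { "process B", 1 } };
    KObject mapping = { "file mapping", 0 }, mutex = { "mutex", 0 };
    unsigned in_a = insert(&a, &mapping);
    insert(&b, &mutex);
    printf("A's value %u looked up in B: %s\n", in_a, resolve(&b, in_a)->name);
    unsigned in_b = duplicate(&a, in_a, &b);
    printf("duplicated into B as %u: %s\n", in_b, resolve(&b, in_b)->name);
    unsigned real = duplicate(&a, PSEUDO_SELF, &b);
    printf("A's pseudo handle became %u in B: %s\n", real, resolve(&b, real)->name);
    return close_handle(&b, real) ? 0 : 1;
}
```

The same numeric value resolves to the mutex in B and to the file mapping in A, which is why a raw kernel handle value must not be passed between processes without duplication.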

GetProcessTimes Function





Retrieves timing information for the specified process.

Syntax

C++


BOOL WINAPI GetProcessTimes(
    __in   HANDLE hProcess,
    __out  LPFILETIME lpCreationTime,
    __out  LPFILETIME lpExitTime,
    __out  LPFILETIME lpKernelTime,
    __out  LPFILETIME lpUserTime
);




Parameters

hProcess [in]
A handle to the process whose timing information is sought. The handle must have the PROCESS_QUERY_INFORMATION or PROCESS_QUERY_LIMITED_INFORMATION access right. For more information, see Process Security and Access Rights.

Windows Server 2003 and Windows XP/2000:  The handle must have the PROCESS_QUERY_INFORMATION access right.

lpCreationTime [out]
A pointer to a FILETIME structure that receives the creation time of the process.

lpExitTime [out]
A pointer to a FILETIME structure that receives the exit time of the process. If the process has not exited, the content of this structure is undefined.

lpKernelTime [out]
A pointer to a FILETIME structure that receives the amount of time that the process has executed in kernel mode. The time that each of the threads of the process has executed in kernel mode is determined, and then all of those times are summed together to obtain this value.

lpUserTime [out]
A pointer to a FILETIME structure that receives the amount of time that the process has executed in user mode. The time that each of the threads of the process has executed in user mode is determined, and then all of those times are summed together to obtain this value.

Return Value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.
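Interpreting the four FILETIME outputs of GetProcessTimes, as an added example in portable C that is not part of the original page. FileTime is a stand-in with the same two fields as the Win32 FILETIME structure, the helper names are hypothetical, and the sample values in main are constructed; a FILETIME counts 100-nanosecond intervals, and as a timestamp it counts them from 1601-01-01 UTC.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in with the same two fields as the Win32 FILETIME structure, so the
   arithmetic compiles without <windows.h>. */
typedef struct { uint32_t dwLowDateTime, dwHighDateTime; } FileTime;

#define TICKS_PER_SEC  10000000ULL      /* one tick is 100 ns */
#define EPOCH_DIFF_SEC 11644473600ULL   /* seconds from 1601-01-01 to 1970-01-01 */

/* Join the two halves into a 64-bit tick count. */
uint64_t ft_ticks(FileTime ft) {
    return ((uint64_t)ft.dwHighDateTime << 32) | ft.dwLowDateTime;
}

/* lpCreationTime and lpExitTime are absolute UTC timestamps. */
int64_t ft_to_unix(FileTime ft) {
    return (int64_t)(ft_ticks(ft) / TICKS_PER_SEC) - (int64_t)EPOCH_DIFF_SEC;
}

/* lpKernelTime and lpUserTime are durations, not timestamps. */
uint64_t ft_to_ms(FileTime ft) { return ft_ticks(ft) / (TICKS_PER_SEC / 1000); }

/* CPU time as a percentage of wall-clock lifetime; can exceed 100 when
   several threads ran in parallel. Returns 0 for an empty lifetime. */
unsigned cpu_percent(FileTime created, FileTime exited, FileTime kernel, FileTime user) {
    if (ft_ticks(exited) <= ft_ticks(created)) return 0;
    uint64_t life = ft_ticks(exited) - ft_ticks(created);
    return (unsigned)((ft_ticks(kernel) + ft_ticks(user)) * 100 / life);
}

int main(void) {
    /* Constructed values: created at the Unix epoch, exited 10 s later,
       1.5 s of kernel time and 2.5 s of user time. */
    FileTime created = { 0xD53E8000u, 0x019DB1DEu };
    FileTime exited  = { 0xDB346100u, 0x019DB1DEu };
    FileTime kernel  = { 15000000u, 0 }, user = { 25000000u, 0 };
    printf("created=%lld exited=%lld (Unix seconds)\n",
           (long long)ft_to_unix(created), (long long)ft_to_unix(exited));
    printf("kernel=%llu ms user=%llu ms cpu=%u%%\n",
           (unsigned long long)ft_to_ms(kernel),
           (unsigned long long)ft_to_ms(user),
           cpu_percent(created, exited, kernel, user));
    return 0;
}
```

For a process that has not exited, lpExitTime is undefined, so pass the current time as the second argument of cpu_percent instead.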

WaitForSingleObject Function





Waits until the specified object is in the signaled state or the time-out interval elapses.

To enter an alertable wait state, use the WaitForSingleObjectEx function. To wait for multiple objects, use the WaitForMultipleObjects.

Syntax

C++


DWORD WINAPI WaitForSingleObject(
    __in  HANDLE hHandle,
    __in  DWORD dwMilliseconds
);




Parameters

hHandle [in]
A handle to the object. For a list of the object types whose handles can be specified, see the following Remarks section.

If this handle is closed while the wait is still pending, the function's behavior is undefined.

The handle must have the SYNCHRONIZE access right. For more information, see Standard Access Rights.

dwMilliseconds [in]
The time-out interval, in milliseconds. If a nonzero value is specified, the function waits until the object is signaled or the interval elapses. If dwMilliseconds is zero, the function does not enter a wait state if the object is not signaled; it always returns immediately. If dwMilliseconds is INFINITE, the function will return only when the object is signaled.

Return Value

If the function succeeds, the return value indicates the event that caused the function to return. It can be one of the following values.

Return code/value and description:

WAIT_ABANDONED (0x00000080L)
The specified object is a mutex object that was not released by the thread that owned the mutex object before the owning thread terminated. Ownership of the mutex object is granted to the calling thread and the mutex state is set to nonsignaled.

If the mutex was protecting persistent state information, you should check it for consistency.

WAIT_OBJECT_0 (0x00000000L)
The state of the specified object is signaled.

WAIT_TIMEOUT (0x00000102L)
The time-out interval elapsed, and the object's state is nonsignaled.

WAIT_FAILED ((DWORD)0xFFFFFFFF)
The function has failed. To get extended error information, call GetLastError.

Remarks

The WaitForSingleObject function checks the current state of the specified object. If the object's state is nonsignaled, the calling thread enters the wait state until the object is signaled or the time-out interval elapses.

The function modifies the state of some types of synchronization objects. Modification occurs only for the object whose signaled state caused the function to return. For example, the count of a semaphore object is decreased by one.

The WaitForSingleObject function can wait for the following objects:

Change notification
Console input
Event
Memory resource notification
Mutex
Process
Semaphore
Thread
Waitable timer

Use caution when calling the wait functions and code that directly or indirectly creates windows. If a thread creates any windows, it must process messages. Message broadcasts are sent to all windows in the system. A thread that uses a wait function with no time-out interval may cause the system to become deadlocked. Two examples of code that indirectly creates windows are DDE and the CoInitialize function. Therefore, if you have a thread that creates windows, use MsgWaitForMultipleObjects or MsgWaitForMultipleObjectsEx, rather than WaitForSingleObject.

GetExitCodeProcess Function





Retrieves the termination status of the specified process.

Syntax

C++


BOOL WINAPI GetExitCodeProcess(
    __in   HANDLE hProcess,
    __out  LPDWORD lpExitCode
);




Parameters

hProcess [in]
A handle to the process.

The handle must have the PROCESS_QUERY_INFORMATION or PROCESS_QUERY_LIMITED_INFORMATION access right. For more information, see Process Security and Access Rights.

Windows Server 2003 and Windows XP/2000:  The handle must have the PROCESS_QUERY_INFORMATION access right.

lpExitCode [out]
A pointer to a variable to receive the process termination status. For more information, see Remarks.

Return Value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

This function returns immediately. If the process has not terminated and the function succeeds, the status returned is STILL_ACTIVE. If the process has terminated and the function succeeds, the status returned is one of the following values:

The exit value specified in the ExitProcess or TerminateProcess function.
The return value from the main or WinMain function of the process.
The exception value for an unhandled exception that caused the process to terminate.

Important  The GetExitCodeProcess function returns a valid error code defined by the application only after the thread terminates. Therefore, an application should not use STILL_ACTIVE (259) as an error code. If a thread returns STILL_ACTIVE (259) as an error code, applications that test for this value could interpret it to mean that the thread is still running and continue to test for the completion of the thread after the thread has terminated, which could put the application into an infinite loop.

SECURITY_ATTRIBUTES Structure





The SECURITY_ATTRIBUTES structure contains the security descriptor for an object and specifies whether the handle retrieved by specifying this structure is inheritable. This structure provides security settings for objects created by various functions, such as CreateFile, CreatePipe, CreateProcess, RegCreateKeyEx, or RegSaveKeyEx.

Syntax

C++


typedef struct _SECURITY_ATTRIBUTES {
    DWORD  nLength;
    LPVOID lpSecurityDescriptor;
    BOOL   bInheritHandle;
} SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES, *LPSECURITY_ATTRIBUTES;




Members

nLength
The size, in bytes, of this structure. Set this value to the size of the SECURITY_ATTRIBUTES structure.

lpSecurityDescriptor
A pointer to a security descriptor for the object that controls the sharing of it. If NULL is specified for this member, the object is assigned the default security descriptor of the calling process. This is not the same as granting access to everyone by assigning a NULL discretionary access control list (DACL). The default security descriptor is based on the default DACL of the access token belonging to the calling process. By default, the default DACL in the access token of a process allows access only to the user represented by the access token. If other users must access the object, you can either create a security descriptor with the appropriate access, or add ACEs to the DACL that grants access to a group of users.

bInheritHandle
A Boolean value that specifies whether the returned handle is inherited when a new process is created. If this member is TRUE, the new process inherits the handle.