您的位置:首页 > 其它

VC获取父进程PID

2013-11-26 17:49 274 查看 
#include <windows.h>
#include <stdio.h>

typedef enum enumSYSTEM_INFORMATION_CLASS
{
SystemBasicInformation,
SystemProcessorInformation,
SystemPerformanceInformation,
SystemTimeOfDayInformation,
}SYSTEM_INFORMATION_CLASS;

typedef struct tagPROCESS_BASIC_INFORMATION
{
DWORD ExitStatus;
DWORD PebBaseAddress;
DWORD AffinityMask;
DWORD BasePriority;
ULONG UniqueProcessId;
ULONG InheritedFromUniqueProcessId;
}PROCESS_BASIC_INFORMATION;

typedef LONG (WINAPI *PNTQUERYINFORMATIONPROCESS)(HANDLE,UINT,PVOID,ULONG,PULONG);
PNTQUERYINFORMATIONPROCESS	NtQueryInformationProcess = NULL;

#define PRINT_LINE	printf("---------------------------------------------\n")

int GetParentProcessID(DWORD dwId)
{
LONG                      status;
DWORD                     dwParentPID = 0;
HANDLE                    hProcess;
PROCESS_BASIC_INFORMATION pbi;

hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwId);
if(!hProcess)
return -1;

status = NtQueryInformationProcess(hProcess,SystemBasicInformation,(PVOID)&pbi,sizeof(PROCESS_BASIC_INFORMATION),NULL);
if(!status)
dwParentPID = pbi.InheritedFromUniqueProcessId;

CloseHandle (hProcess);
return dwParentPID;
}

void main(int argc, char* argv[])
{
NtQueryInformationProcess = (PNTQUERYINFORMATIONPROCESS)GetProcAddress(GetModuleHandle("ntdll"),"NtQueryInformationProcess");
if (!NtQueryInformationProcess)
return;

int nID   = GetCurrentProcessId();
int nTemp = 0;

PRINT_LINE;
nTemp = GetParentProcessID(nID);
if(nTemp == -1)
{
printf(" 获取失败!\n");
return;
}

printf(" 子进程:%lu ---->>>>> 进程PID为:%lu\n",nID,nTemp);
while (true)
{
nID = GetParentProcessID(nTemp);
if(nID == -1)
break;

printf(" 子进程:%lu ---->>>>> 进程PID为:%lu\n",nTemp,nID);
nTemp = nID;
}

PRINT_LINE;
getchar();
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  VC
相关文章推荐
新的分享
章节导航