windows 下获取父进程pid

DWORD GetParentProcessID(DWORD dwProcessId)
{
LONG                        status;
DWORD                       dwParentPID = (DWORD)-1;
HANDLE                      hProcess;
PROCESS_BASIC_INFORMATION   pbi;

PROCNTQSIP NtQueryInformationProcess = (PROCNTQSIP)GetProcAddress(
GetModuleHandle(L"ntdll"), "NtQueryInformationProcess");

if(NULL == NtQueryInformationProcess)
{
return (DWORD)-1;
}
// Get process handle
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE, dwProcessId);
if (!hProcess)
{
return (DWORD)-1;
}

// Retrieve information
status = NtQueryInformationProcess( hProcess,
ProcessBasicInformation,
(PVOID)&pbi,
sizeof(PROCESS_BASIC_INFORMATION),
NULL
);

// Copy parent Id on success
if  (!status)
{
dwParentPID = pbi.InheritedFromUniqueProcessId;
}

CloseHandle (hProcess);

return dwParentPID;

}

#include <wtypes.h>:

#define ProcessBasicInformation 0

typedef struct
{
DWORD ExitStatus;
DWORD PebBaseAddress;
DWORD AffinityMask;
DWORD BasePriority;
ULONG UniqueProcessId;
ULONG InheritedFromUniqueProcessId;
}   PROCESS_BASIC_INFORMATION;

// ntdll!NtQueryInformationProcess (NT specific!)
//
// The function copies the process information of the
// specified type into a buffer
//
// NTSYSAPI
// NTSTATUS
// NTAPI
// NtQueryInformationProcess(
//    IN HANDLE ProcessHandle,              // handle to process
//    IN PROCESSINFOCLASS InformationClass, // information type
//    OUT PVOID ProcessInformation,         // pointer to buffer
//    IN ULONG ProcessInformationLength,    // buffer size in bytes
//    OUT PULONG ReturnLength OPTIONAL      // pointer to a 32-bit
//                                          // variable that receives
//                                          // the number of bytes
//                                          // written to the buffer
// );
typedef LONG (__stdcall *PROCNTQSIP)(HANDLE,UINT,PVOID,ULONG,PULONG);