[process] report the full commandline for blocking processes

* This can be useful to find which Service instance an 'svchost.exe'
  is attached to.
Pete Batard 2019-01-02 16:36:34 +00:00
parent 7b2edbfd6f
commit 5309dc88e2
No known key found for this signature in database
GPG key ID: 38E0CF5E69EDD671
3 changed files with 173 additions and 36 deletions


@ -4,9 +4,9 @@
*
* Modified from Process Hacker:
* https://github.com/processhacker2/processhacker2/
* Copyright © 2009-2016 wj32
* Copyright © 2017-2019 Pete Batard <pete@akeo.ie>
* Copyright © 2017 dmex
* Copyright © 2017 Pete Batard <pete@akeo.ie>
* Copyright © 2009-2016 wj32
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -50,6 +50,11 @@
#define SystemExtendedHandleInformation 64
#define FileProcessIdsUsingFileInformation 47
// MinGW doesn't know this one yet
#if !defined(PROCESSOR_ARCHITECTURE_ARM64)
#define PROCESSOR_ARCHITECTURE_ARM64 12
#endif
#define NtCurrentProcess() ((HANDLE)(LONG_PTR)-1)
typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX
@ -113,8 +118,24 @@ typedef struct _OBJECT_TYPES_INFORMATION
ULONG NumberOfTypes;
} OBJECT_TYPES_INFORMATION, *POBJECT_TYPES_INFORMATION;
typedef struct _PROCESS_BASIC_INFORMATION_WOW64
{
PVOID Reserved1[2];
PVOID64 PebBaseAddress;
PVOID Reserved2[4];
ULONG_PTR UniqueProcessId[2];
PVOID Reserved3[2];
} PROCESS_BASIC_INFORMATION_WOW64;
typedef struct _FILE_PROCESS_IDS_USING_FILE_INFORMATION {
typedef struct _UNICODE_STRING_WOW64
{
USHORT Length;
USHORT MaximumLength;
PVOID64 Buffer;
} UNICODE_STRING_WOW64;
typedef struct _FILE_PROCESS_IDS_USING_FILE_INFORMATION
{
ULONG NumberOfProcessIdsInList;
ULONG_PTR ProcessIdList[1];
} FILE_PROCESS_IDS_USING_FILE_INFORMATION, *PFILE_PROCESS_IDS_USING_FILE_INFORMATION;
@ -123,11 +144,11 @@ typedef struct _FILE_PROCESS_IDS_USING_FILE_INFORMATION {
#define ALIGN_UP(Address, Type) ALIGN_UP_BY(Address, sizeof(Type))
#define PH_FIRST_OBJECT_TYPE(ObjectTypes) \
(POBJECT_TYPE_INFORMATION)((PCHAR)(ObjectTypes) + ALIGN_UP(sizeof(OBJECT_TYPES_INFORMATION), ULONG_PTR))
(POBJECT_TYPE_INFORMATION)((PCHAR)(ObjectTypes) + ALIGN_UP(sizeof(OBJECT_TYPES_INFORMATION), ULONG_PTR))
#define PH_NEXT_OBJECT_TYPE(ObjectType) \
(POBJECT_TYPE_INFORMATION)((PCHAR)(ObjectType) + sizeof(OBJECT_TYPE_INFORMATION) + \
ALIGN_UP(ObjectType->TypeName.MaximumLength, ULONG_PTR))
(POBJECT_TYPE_INFORMATION)((PCHAR)(ObjectType) + sizeof(OBJECT_TYPE_INFORMATION) + \
ALIGN_UP(ObjectType->TypeName.MaximumLength, ULONG_PTR))
// Heaps