enumerating kernel objects for process

delphi package - easy access to kernel objects etc.
Post Reply
treker
Posts: 3
Joined: Fri Jun 10, 2005 12:35 am

enumerating kernel objects for process

Post by treker »

when I execute this code

Code: Select all

app := Process(2036);
  with app.Handles do
    for i1:=0 to ItemCount do
      s1 := s1 + #13#10 + Items[i1].KernelObj.ObjName;
  MessageBox(0, pchar(s1), 'kernel objects', 0);
my app freezes and CPU is at 100% for 2-3 seconds. is it possible to avoid this?
madshi
Site Admin
Posts: 10749
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

First of all please loop from "0 to ItemCount - 1".

What exactly do you want to avoid? Getting the handles of another process costs CPU time, there's no way around it.

You can avoid the freezing by executing that code in a thread.
treker
Posts: 3
Joined: Fri Jun 10, 2005 12:35 am

Post by treker »

Yup, putting code in thread solved freezing problem. Can you tell me how can I get "c:\" like path from Items[i1].KernelObj.ObjName?
madshi
Site Admin
Posts: 10749
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

What do you get, if not C:\?
treker
Posts: 3
Joined: Fri Jun 10, 2005 12:35 am

Post by treker »

I get

\Device\HarddiskVolume1\Documents and Settings\User\My Documents\document.doc
madshi
Site Admin
Posts: 10749
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Ah well, try this one:

Code: Select all

var arrCh : array [0..MAX_PATH] of char;
begin
  if QueryDosDevice('C:', arrCh, MAX_PATH) <> 0 then
    ShowMessage(arrCh);
The problem is that I don't know a way to get from \Device\whatever to the drive letter. But you can go the other way round like shown in the code.
iconic
Site Admin
Posts: 1064
Joined: Wed Jun 08, 2005 5:08 am

Post by iconic »

@madshi,
I know of no API that allows you to map a symbolic link to a logical drive letter. But, if you call QueryDosDevice() with the first param as nil you will receive a buffer of null terminated device names including all logical devices (a-z drive letters and so on). After that just run a loop and use the logical names to get their own respective symbolic link names (\Device\whatever).

I had to do it a few months ago so here is my code, hope it helps.

Code: Select all


Procedure MapSymbolicLinks(const LV: TListView);
const mem_sz = 16000;
var
     p: PChar;
 sz, i: cardinal;
   buf: array [0..MAX_PATH] of char;
    sl: TStringList;
begin
   sl := TStringList.Create();
   try
    GetMem(p, mem_sz);
    ZeroMemory(@buf, sizeof(buf));
    sz := QueryDosDevice(nil, @p^, mem_sz);
    for i := 1 to sz do
    if p[i] = #0 then
    p[i] := #10;
    sl.CommaText := p;
    lv.Items.BeginUpdate();
   for i := 0 to sl.count-1 do
   begin
   with
    Lv.Items.Add() do
    begin
    Caption := sl[i];
    QueryDosDevice(@PChar(sl[i])^, @buf, sizeof(buf));
      with Subitems do
      Add(buf);
     end;
   end;
   finally
    FreeMem(p);
    sl.Free;
    Lv.Items.EndUpdate();
   end;
end;

--Iconic
madshi
Site Admin
Posts: 10749
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Cool - thanks!
Post Reply