Open Handles

Hi all,

Is there a way I can enumerate all the Open handles in a Process??
That is, at one point of time in my execution thread I need
to know what/how many open handles do I have.

thanx in advance
Tushar


Get Your Private, Free Email at http://www.hotmail.com

Hello,

Use NtQuerySystemInformation with information class
16. It returns list of handles for all the processes
in the system. The data is returned in the following
structure format.

typedef struct HandleInfo{
ULONG Pid;
USHORT ObjectType;
USHORT HandleValue;
PVOID ObjectPointer;
ULONG AccessMask;
} HANDLEINFO, *PHANDLEINFO;

typedef struct SystemHandleInfo {
ULONG nHandleEntries;
HANDLEINFO HandleInfo[1];
} SYSTEMHANDLEINFO, *PSYSTEMHANDLEINFO;

Example code…

char Buffer[100000];

void HandleInformation()
{
PSYSTEMHANDLEINFO pSystemHandleInfo;
NTSTATUS rc;
ULONG i;

memset(Buffer, 0, sizeof(Buffer));

rc=NtQuerySystemInformation(16,
Buffer,
sizeof(Buffer),
NULL);

if (rc!=STATUS_SUCCESS) {
printf(“NtQuerySystemInformation failed, rc=%x\n”,
rc);
return;
}

pSystemHandleInfo=(PSYSTEMHANDLEINFO)Buffer;

printf(“Number of Handle Entries = %x\n”,
pSystemHandleInfo->nHandleEntries);

printf(“Pid ObjType ObjHnd ObjPtr
AccessMask\n”);

for (i=0; inHandleEntries; i++) {
printf(“%-8x %-8x %-8x %-8x %-8x\n”,
pSystemHandleInfo->HandleInfo[i].Pid,
pSystemHandleInfo->HandleInfo[i].ObjectType,
pSystemHandleInfo->HandleInfo[i].HandleValue,

pSystemHandleInfo->HandleInfo[i].ObjectPointer,
pSystemHandleInfo->HandleInfo[i].AccessMask);
}

printf(“\n\n”);
}

-Prasad

— Tushar Banerjee wrote:
> Hi all,
>
> Is there a way I can enumerate all the Open handles
> in a Process??
> That is, at one point of time in my execution thread
> I need
> to know what/how many open handles do I have.
>
> thanx in advance
> Tushar
>
____
> Get Your Private, Free Email at
> http://www.hotmail.com
>
>
> —
> You are currently subscribed to ntdev as:
> xxxxx@yahoo.com
> To unsubscribe send a blank email to
> $subst(‘Email.Unsub’)
>
>

=====
Prasad S. Dabak
Director of Engineering, Windows NT/2000 Division
Cybermedia Software Private Limited
http://www.cybermedia.co.in
Co-author of the book “Undocumented Windows NT”
ISBN 0764545698


Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com