Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Open Handles
OSR_Community_User-50
Member Posts: 7
in NTDEV
Hi all,
Is there a way I can enumerate all the Open handles in a Process??
That is, at one point of time in my execution thread I need
to know what/how many open handles do I have.
thanx in advance
Tushar
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Is there a way I can enumerate all the Open handles in a Process??
That is, at one point of time in my execution thread I need
to know what/how many open handles do I have.
thanx in advance
Tushar
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Internals & Software Drivers | 19-23 June 2023 | Live, Online |
| Writing WDF Drivers | 10-14 July 2023 | Live, Online |
| Kernel Debugging | 16-20 October 2023 | Live, Online |
| Developing Minifilters | 13-17 November 2023 | Live, Online |
Comments
Use NtQuerySystemInformation with information class
16. It returns list of handles for all the processes
in the system. The data is returned in the following
structure format.
typedef struct HandleInfo{
ULONG Pid;
USHORT ObjectType;
USHORT HandleValue;
PVOID ObjectPointer;
ULONG AccessMask;
} HANDLEINFO, *PHANDLEINFO;
typedef struct SystemHandleInfo {
ULONG nHandleEntries;
HANDLEINFO HandleInfo[1];
} SYSTEMHANDLEINFO, *PSYSTEMHANDLEINFO;
Example code..
char Buffer[100000];
void HandleInformation()
{
PSYSTEMHANDLEINFO pSystemHandleInfo;
NTSTATUS rc;
ULONG i;
memset(Buffer, 0, sizeof(Buffer));
rc=NtQuerySystemInformation(16,
Buffer,
sizeof(Buffer),
NULL);
if (rc!=STATUS_SUCCESS) {
printf("NtQuerySystemInformation failed, rc=%x\n",
rc);
return;
}
pSystemHandleInfo=(PSYSTEMHANDLEINFO)Buffer;
printf("Number of Handle Entries = %x\n",
pSystemHandleInfo->nHandleEntries);
printf("Pid ObjType ObjHnd ObjPtr
AccessMask\n");
for (i=0; i<pSystemHandleInfo->nHandleEntries; i++) {
printf("%-8x %-8x %-8x %-8x %-8x\n",
pSystemHandleInfo->HandleInfo[i].Pid,
pSystemHandleInfo->HandleInfo[i].ObjectType,
pSystemHandleInfo->HandleInfo[i].HandleValue,
pSystemHandleInfo->HandleInfo[i].ObjectPointer,
pSystemHandleInfo->HandleInfo[i].AccessMask);
}
printf("\n\n");
}
-Prasad
--- Tushar Banerjee <[email protected]> wrote:
> Hi all,
>
> Is there a way I can enumerate all the Open handles
> in a Process??
> That is, at one point of time in my execution thread
> I need
> to know what/how many open handles do I have.
>
> thanx in advance
> Tushar
>
______________________________________________________
> Get Your Private, Free Email at
> http://www.hotmail.com
>
>
> ---
> You are currently subscribed to ntdev as:
> [email protected]
> To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
>
=====
Prasad S. Dabak
Director of Engineering, Windows NT/2000 Division
Cybermedia Software Private Limited
http://www.cybermedia.co.in
Co-author of the book "Undocumented Windows NT"
ISBN 0764545698
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com