Get process info: Difference between revisions

From NSIS Wiki
Jump to navigationJump to search
mNo edit summary
mNo edit summary
Line 1: Line 1:
== Description ==
== Description ==
Get process info by process id
Get process info by process id (0 - current process)
* Real process id (useful for current process)
* Parent pid
* Parent pid
* Priority
* Priority
* process name
* Process name
* Fully-qualified process name (with path)


== Usage ==
== Usage ==
Line 14: Line 16:
Section
Section
  ;get own process info
  ;get own process info
  ${GetProcessInfo} 0 $0 $1 $2 $3
  ${GetProcessInfo} 0 $0 $1 $2 $3 $4
  DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3"
  DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4"


  ;and now get parent process info!
  ;and now get parent process info!
  ${GetProcessInfo} $1 $0 $1 $2 $3
  ${GetProcessInfo} $1 $0 $1 $2 $3 $5
  DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3"
  DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4"
  ;woila
  ;woila
SectionEnd
SectionEnd
Line 26: Line 28:
== The Script ==
== The Script ==


[[File:GetProcessInfo.nsh]]
[[File:GetProcessInfo.nsh|Download GetProcessInfo.nsh]]


File content:
File content:
Line 34: Line 36:
;Usage example:
;Usage example:
;${GetProcessInfo} 0 $0 $1 $2 $3
;${GetProcessInfo} 0 $0 $1 $2 $3
;DetailPrint "r0=$0 r1=$1 r2=$2 r3=$3" ;return r0=pid, r1=parent pid, r2=priority, r3=process name
;DetailPrint "pid=$0 parent_pid=$1 priority=$2 process_name=$3 exe=$4"
;
;


Line 45: Line 47:
;@out priority
;@out priority
;@out name - name of process
;@out name - name of process
!macro GetProcessInfo pid_in pid_out ppid priority name
;@out fullname - fully-qualified path of process
!macro GetProcessInfo pid_in pid_out ppid priority name fullname
Push ${pid_in}
Push ${pid_in}
Call _GetProcessInfo
Call _GetProcessInfo
Pop ${pid_out}
;name;pri;ppid;fname;pid;
Pop ${name}
Pop ${priority}
Pop ${priority}
Pop ${ppid}
Pop ${ppid}
Pop ${name}
Pop ${fullname}
Pop ${pid_out}
!macroend
!macroend


Function _GetProcessInfo
Function _GetProcessInfo
  Exch $R3 ;pid
  Exch $R3 ;pid
Push $R0 ;hSnapshot
Push $R1 ;result
Push $R9 ;PROCESSENTRY32
  Push $0
  Push $0
  Push $1
  Push $1
Line 64: Line 66:
  Push $3
  Push $3
  Push $4
  Push $4
   
  Push $5
Push $R0 ;hSnapshot
Push $R1 ;result
Push $R9 ;PROCESSENTRY32;MODULEENTRY32 and so on
Push $R8
 
;zero registers to waste trash, if error occurred
StrCpy $0 ""
StrCpy $1 ""
StrCpy $2 ""
StrCpy $3 ""
StrCpy $4 ""
StrCpy $5 ""


  !define TH32CS_SNAPPROCESS 2
  !define TH32CS_SNAPPROCESS 2
Line 74: Line 88:


skip_pid_detection:
skip_pid_detection:
System::Call 'Kernel32::CreateToolhelp32Snapshot(i ${TH32CS_SNAPPROCESS},i $R3) i.R0'
  System::Call 'Kernel32::CreateToolhelp32Snapshot(i ${TH32CS_SNAPPROCESS},i R3) i.R0'


IntCmp $R0 ${INVALID_HANDLE_VALUE} end ;someting wrong
  IntCmp $R0 ${INVALID_HANDLE_VALUE} end ;someting wrong


;$R9=PROCESSENTRY32
;$R9=PROCESSENTRY32
Line 93: Line 107:
;dwSize=4*9+260
;dwSize=4*9+260


System::Alloc 296
  System::Alloc 1024
pop $R9
  pop $R9
System::Call "*$R9(i 296)"
  System::Call "*$R9(i 296)"


System::Call 'Kernel32::Process32First(i R0, i $R9) i.R1'
  System::Call 'Kernel32::Process32First(i R0, i $R9) i.R1'
  StrCmp $R1 0 end


nnext_iteration:
nnext_iteration:
Line 107: Line 122:


exitloop:
exitloop:
;$0 - pid
  ;$0 - pid
;$1 - threads
  ;$1 - threads
;$2 - ppid
  ;$2 - ppid
;$3 - priority
  ;$3 - priority
;$4 - process name
  ;$4 - process name
System::Call "*$R9(i,i,i.r0,i,i,i.r1,i.r2,i.r3,i,&t256.r4)" ; Get next module
  System::Call "*$R9(i,i,i.r0,i,i,i.r1,i.r2,i.r3,i,&t256.r4)" ; Get next module
 
  ;free:
  System::Free $R9
  System::Call "Kernel32::CloseToolhelp32Snapshot(i R0)"
 
;===============
;now get full path and commandline


free:
  System::Call "Kernel32::OpenProcess(i 1040, i 0, i r0)i .R0"
System::Free $R9
 
  StrCmp $R0 0 end
 
  IntOp $R8 0 + 256
  System::Call "Kernel32::QueryFullProcessImageName(i R0,i 0,t .r5, *i $R8)i .R1"


end:
end:


Pop $R8
Pop $R9
Pop $R1
Pop $R0
Exch $5
Exch 1
  Exch $4
  Exch $4
  Exch 1
  Exch
  Exch $3
  Exch $3
  Exch 2
  Exch 3
  Exch $2
  Exch $2
  Exch 3
  Exch 4
  Pop $1
  Pop $1
  Exch 3
  Exch 4
  Exch $0
  Exch $0
  Exch 4
  Exch 5  
  Pop $R9
Exch 4
Pop $R1
Exch 4
Pop $R0
Exch 4
  Pop $R3
  Pop $R3
FunctionEnd</highlight-nsis>
FunctionEnd</highlight-nsis>


[[Category:System Plugin Examples]]
[[Category:System Plugin Examples]]

Revision as of 13:16, 25 November 2009

Description

Get process info by process id (0 - current process)

  • Real process id (useful for current process)
  • Parent pid
  • Priority
  • Process name
  • Fully-qualified process name (with path)

Usage

!include GetProcessInfo.nsh
 
OutFile GetProcessInfo.exe
 
Section
 ;get own process info
 ${GetProcessInfo} 0 $0 $1 $2 $3 $4
 DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4"
 
 ;and now get parent process info!
 ${GetProcessInfo} $1 $0 $1 $2 $3 $5
 DetailPrint "pid=$0 parent_pid=$1 priority=$2 name=$3 fullname=$4"
 ;woila
SectionEnd

The Script

File:GetProcessInfo.nsh

File content: 

;get process information
;
;Usage example:
;${GetProcessInfo} 0 $0 $1 $2 $3
;DetailPrint "pid=$0 parent_pid=$1 priority=$2 process_name=$3 exe=$4"
;
 
 
!define GetProcessInfo '!insertmacro GetProcessInfo'
 
;@in pid_in - if 0 - get current process info
;@out pid_out - real process id (may be useful, if pid_in=0)
;@out ppid - parent process id
;@out priority
;@out name - name of process
;@out fullname - fully-qualified path of process
!macro GetProcessInfo pid_in pid_out ppid priority name fullname
Push ${pid_in}
Call _GetProcessInfo
;name;pri;ppid;fname;pid;
Pop ${name}
Pop ${priority}
Pop ${ppid}
Pop ${fullname}
Pop ${pid_out}
!macroend
 
Function _GetProcessInfo
 Exch $R3 ;pid
 Push $0
 Push $1
 Push $2
 Push $3
 Push $4
 Push $5
 Push $R0 ;hSnapshot
 Push $R1 ;result
 Push $R9 ;PROCESSENTRY32;MODULEENTRY32 and so on
 Push $R8
 
 ;zero registers to waste trash, if error occurred
 StrCpy $0 ""
 StrCpy $1 ""
 StrCpy $2 ""
 StrCpy $3 ""
 StrCpy $4 ""
 StrCpy $5 ""
 
 !define TH32CS_SNAPPROCESS 2
 !define INVALID_HANDLE_VALUE -1
 
 IntCmp $R3 0 0 skip_pid_detection skip_pid_detection
 System::Call 'kernel32::GetCurrentProcess() i.R0'
 System::Call "Kernel32::GetProcessId(i R0) i.R3"
 
skip_pid_detection:
  System::Call 'Kernel32::CreateToolhelp32Snapshot(i ${TH32CS_SNAPPROCESS},i R3) i.R0'
 
  IntCmp $R0 ${INVALID_HANDLE_VALUE} end ;someting wrong
 
;$R9=PROCESSENTRY32
;typedef struct tagPROCESSENTRY32 {
;  DWORD     dwSize;
;  DWORD     cntUsage;
;  DWORD     th32ProcessID;
;  ULONG_PTR th32DefaultHeapID;
;  DWORD     th32ModuleID;
;  DWORD     cntThreads;
;  DWORD     th32ParentProcessID;
;  LONG      pcPriClassBase;
;  DWORD     dwFlags;
;  TCHAR     szExeFile[MAX_PATH];
;}PROCESSENTRY32, *PPROCESSENTRY32;
;dwSize=4*9+260
 
  System::Alloc 1024
  pop $R9
  System::Call "*$R9(i 296)"
 
  System::Call 'Kernel32::Process32First(i R0, i $R9) i.R1'
  StrCmp $R1 0 end
 
nnext_iteration:
  System::Call "*$R9(i,i,i.R1)" ;get PID
  IntCmp $R1 $R3 exitloop
 
  System::Call 'Kernel32::Process32Next(i R0, i $R9) i.R1'
  IntCmp $R1 0 0 nnext_iteration nnext_iteration
 
exitloop:
  ;$0 - pid
  ;$1 - threads
  ;$2 - ppid
  ;$3 - priority
  ;$4 - process name
  System::Call "*$R9(i,i,i.r0,i,i,i.r1,i.r2,i.r3,i,&t256.r4)" ; Get next module
 
  ;free:
  System::Free $R9
  System::Call "Kernel32::CloseToolhelp32Snapshot(i R0)"
 
;===============
;now get full path and commandline
 
  System::Call "Kernel32::OpenProcess(i 1040, i 0, i r0)i .R0"
 
  StrCmp $R0 0 end
 
  IntOp $R8 0 + 256
  System::Call "Kernel32::QueryFullProcessImageName(i R0,i 0,t .r5, *i $R8)i .R1"
 
end:
 
 Pop $R8
 Pop $R9
 Pop $R1
 Pop $R0
 Exch $5
 Exch 1
 Exch $4
 Exch 2  
 Exch $3
 Exch 3
 Exch $2
 Exch 4
 Pop $1
 Exch 4
 Exch $0
 Exch 5  
 Pop $R3
FunctionEnd
Retrieved from "https://nsis.sourceforge.io/mediawiki/index.php?title=Get_process_info&oldid=17900"