-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathproc_windows.go
65 lines (54 loc) · 1.63 KB
/
proc_windows.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package proc
import (
"syscall"
"unsafe"
)
var (
kernel = syscall.NewLazyDLL("kernel32.dll")
processFirst = kernel.NewProc("Process32First")
processNext = kernel.NewProc("Process32Next")
createSnapshot = kernel.NewProc("CreateToolhelp32Snapshot")
)
// processEntry describes a process snapshot.
type processEntry struct {
dwSize uint32 // REQUIRED: FILL THIS OUT WITH unsafe.Sizeof(processEntry{})
cntUsage uint32
pid uint32
th32DefaultHeapID uintptr
th32ModuleID uint32
cntThreads uint32
ppid uint32
pcPriClassBase int32
dwFlags uint32
szExeFile [260]byte // MAX_PATH is 260, only use byte if using ascii ver procs.
}
// listProcs returns a list of the running processes.
func listProcs() ([]*Proc, error) {
handle, _, err := createSnapshot.Call(2, 0)
if syscall.Handle(handle) == syscall.InvalidHandle {
return nil, err
}
defer syscall.CloseHandle(syscall.Handle(handle))
procs := make([]*Proc, 0)
procEntry := new(processEntry)
procEntry.dwSize = uint32(unsafe.Sizeof(*procEntry))
ret, _, err := processFirst.Call(handle, uintptr(unsafe.Pointer(procEntry)))
if ret == 0 {
if err == syscall.ERROR_NO_MORE_FILES {
return procs, nil
}
return nil, err
}
procs = append(procs, &Proc{Pid: int(procEntry.pid), Ppid: int(procEntry.ppid)})
for {
ret, _, err := processNext.Call(handle, uintptr(unsafe.Pointer(procEntry)))
if ret == 0 {
if err == syscall.ERROR_NO_MORE_FILES {
break
}
return nil, err
}
procs = append(procs, &Proc{Pid: int(procEntry.pid), Ppid: int(procEntry.ppid)})
}
return procs, nil
}