Windows c ++ API中是否有任何内容可以为我提供一个具有给定文件句柄的进程列表?
答案 0 :(得分:4)
来自微软的博客:How do I find out which process has a file open?
重新启动管理器的官方目标是帮助关闭和重新启动使用您要更新的文件的应用程序。为此,它需要跟踪哪些进程持有对哪些文件的引用。这是在这里使用的数据库。 (为什么内核会跟踪哪些进程打开文件?因为这与不跟踪您不需要的信息的原则相反:现在它需要信息!)
这是一个简单的程序,它在命令行中获取文件名,并显示哪些进程打开了文件。
#include <windows.h> #include <RestartManager.h> #include <stdio.h> int __cdecl wmain(int argc, WCHAR **argv) { DWORD dwSession; WCHAR szSessionKey[CCH_RM_SESSION_KEY+1] = { 0 }; DWORD dwError = RmStartSession(&dwSession, 0, szSessionKey); wprintf(L"RmStartSession returned %d\n", dwError); if (dwError == ERROR_SUCCESS) { PCWSTR pszFile = argv[1]; dwError = RmRegisterResources(dwSession, 1, &pszFile, 0, NULL, 0, NULL); wprintf(L"RmRegisterResources(%ls) returned %d\n", pszFile, dwError); if (dwError == ERROR_SUCCESS) { DWORD dwReason; UINT i; UINT nProcInfoNeeded; UINT nProcInfo = 10; RM_PROCESS_INFO rgpi[10]; dwError = RmGetList(dwSession, &nProcInfoNeeded, &nProcInfo, rgpi, &dwReason); wprintf(L"RmGetList returned %d\n", dwError); if (dwError == ERROR_SUCCESS) { wprintf(L"RmGetList returned %d infos (%d needed)\n", nProcInfo, nProcInfoNeeded); for (i = 0; i < nProcInfo; i++) { wprintf(L"%d.ApplicationType = %d\n", i, rgpi[i].ApplicationType); wprintf(L"%d.strAppName = %ls\n", i, rgpi[i].strAppName); wprintf(L"%d.Process.dwProcessId = %d\n", i, rgpi[i].Process.dwProcessId); HANDLE hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, rgpi[i].Process.dwProcessId); if (hProcess) { FILETIME ftCreate, ftExit, ftKernel, ftUser; if (GetProcessTimes(hProcess, &ftCreate, &ftExit, &ftKernel, &ftUser) && CompareFileTime(&rgpi[i].Process.ProcessStartTime, &ftCreate) == 0) { WCHAR sz[MAX_PATH]; DWORD cch = MAX_PATH; if (QueryFullProcessImageNameW(hProcess, 0, sz, &cch) && cch <= MAX_PATH) { wprintf(L" = %ls\n", sz); } } CloseHandle(hProcess); } } } } RmEndSession(dwSession); } return 0; }
答案 1 :(得分:3)