Skip to content

Commit

Permalink
support getting Object Name
Browse files Browse the repository at this point in the history
  • Loading branch information
@BeneficialCode
BeneficialCode committed Jul 15, 2024
1 parent c8ce7d8 commit eb33494
Showing 1 changed file with 14 additions and 1 deletion.
15 changes: 14 additions & 1 deletion WinSysCore/ObjectManager.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -519,8 +519,21 @@ bool ObjectManager::GetStats(ObjectAndHandleStats& stats) {

std::wstring ObjectManager::GetObjectName(HANDLE hObject, ULONG pid, USHORT type) const {
auto hDup = DriverHelper::DupHandle(hObject, pid, 0);
if (hDup == nullptr) {
OBJECT_ATTRIBUTES procAttr = RTL_CONSTANT_OBJECT_ATTRIBUTES(nullptr, 0);
CLIENT_ID cid{};
cid.UniqueProcess = UlongToHandle(pid);
HANDLE hProcess;
NTSTATUS status = NtOpenProcess(&hProcess, PROCESS_DUP_HANDLE, &procAttr, &cid);
if (!NT_SUCCESS(status))
return L"";
status = NtDuplicateObject(hProcess, hObject, NtCurrentProcess(), &hDup, READ_CONTROL, 0, 0);
if (!NT_SUCCESS(status))
return L"";
}
std::wstring name = GetObjectName(hDup, type);
::CloseHandle(hDup);
if (hDup != nullptr)
::CloseHandle(hDup);
return name;
}

Expand Down

0 comments on commit eb33494

Please sign in to comment.