mirror of https://github.com/dahall/Vanara.git
Added another NtQueryProcessInformation test
dahall
parent
8b5979d17c
commit
b06faf0596
|
|
@ -51,6 +51,10 @@
|
|||
<Project>{241f73ee-9298-45c9-b869-a045dff94c03}</Project>
|
||||
<Name>Vanara.Core</Name>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\..\PInvoke\Kernel32\Vanara.PInvoke.Kernel32.csproj">
|
||||
<Project>{842d436f-598c-47d7-b5aa-12399f8ccfe9}</Project>
|
||||
<Name>Vanara.PInvoke.Kernel32</Name>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\..\PInvoke\NtDll\Vanara.PInvoke.NtDll.csproj">
|
||||
<Project>{9e0c0dc0-e1b6-42a7-bd31-9a62eeada780}</Project>
|
||||
<Name>Vanara.PInvoke.NtDll</Name>
|
||||
|
|
|
|||
|
|
@ -1,7 +1,10 @@
|
|||
using NUnit.Framework;
|
||||
using NUnit.Framework.Constraints;
|
||||
using System;
|
||||
using System.Diagnostics;
|
||||
using System.Linq;
|
||||
using Vanara.Extensions;
|
||||
using Vanara.InteropServices;
|
||||
using static Vanara.PInvoke.NtDll;
|
||||
|
||||
namespace Vanara.PInvoke.Tests
|
||||
|
|
@ -54,5 +57,30 @@ namespace Vanara.PInvoke.Tests
|
|||
//Assert.That(Enum.IsDefined(typeof(SUBSYSTEM_INFORMATION_TYPE), psi.Value), Is.True);
|
||||
//TestContext.WriteLine($"SubSys: {psi.Value}");
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void GetCommandLineTest()
|
||||
{
|
||||
var randProc = System.Diagnostics.Process.GetProcesses().Where(p => p.ProcessName.StartsWith("devenv")).First();
|
||||
using var hProc = Kernel32.OpenProcess((uint)(Kernel32.ProcessAccess.PROCESS_QUERY_INFORMATION | Kernel32.ProcessAccess.PROCESS_VM_READ), false, (uint)randProc.Id);
|
||||
Assert.That(hProc, ResultIs.ValidHandle);
|
||||
|
||||
NtQueryResult<PROCESS_BASIC_INFORMATION> info = null;
|
||||
Assert.That(() => info = NtQueryInformationProcess<PROCESS_BASIC_INFORMATION>(hProc, PROCESSINFOCLASS.ProcessBasicInformation), Throws.Nothing);
|
||||
Assert.That(info, Is.Not.Null);
|
||||
Assert.That(info.AsRef().PebBaseAddress, Is.Not.EqualTo(IntPtr.Zero));
|
||||
|
||||
using var pebPtr = new SafeHGlobalStruct<PEB>();
|
||||
Assert.That(Kernel32.ReadProcessMemory(hProc, info.AsRef().PebBaseAddress, pebPtr, pebPtr.Size, out var pebSzRead), ResultIs.Successful);
|
||||
Assert.That(pebSzRead, Is.LessThanOrEqualTo(pebPtr.Size));
|
||||
|
||||
using var rtlUserParamsPtr = new SafeHGlobalStruct<RTL_USER_PROCESS_PARAMETERS>();
|
||||
Assert.That(Kernel32.ReadProcessMemory(hProc, pebPtr.Value.ProcessParameters, rtlUserParamsPtr, rtlUserParamsPtr.Size, out var rtlUserParamsRead), ResultIs.Successful);
|
||||
Assert.That(rtlUserParamsRead, Is.LessThanOrEqualTo(rtlUserParamsPtr.Size));
|
||||
var rtlUser = rtlUserParamsPtr.Value;
|
||||
Assert.That(rtlUser.ImagePathName.Length, Is.GreaterThan(0));
|
||||
StringAssert.StartsWith("C:\\", rtlUser.ImagePathName.ToString());
|
||||
TestContext.WriteLine($"Img: {rtlUser.ImagePathName}; CmdLine: {rtlUser.CommandLine}");
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue