love-code-yeyixiao 2024-05-18 14:02:48 +08:00
parent 48ec5952b8
commit 0346d454c6
1 changed files with 19 additions and 2 deletions


@ -1937,6 +1937,12 @@ __kernel_entry NTSTATUS
IN ULONG ProcessInformationLength, IN ULONG ProcessInformationLength,
OUT PULONG ReturnLength OPTIONAL OUT PULONG ReturnLength OPTIONAL
); );
typedef BOOL (*QFPIN)(
HANDLE hProcess,
DWORD dwFlags,
LPTSTR lpExeName,
PDWORD lpdwSize
);
DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD ErrCodeForBuffer) { DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD ErrCodeForBuffer) {
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, ProcessID); HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, ProcessID);
@ -1957,7 +1963,18 @@ DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD
CloseHandle(hProcess); CloseHandle(hProcess);
return 0; return 0;
} }
HMODULE hKer32 = GetModuleHandle(L"kernel32.dll");
if (!hKer32) {
CloseHandle(hProcess);
return 0;
}
QFPIN _QueryFullProcessImageNameW = (QFPIN)GetProcAddress(hKer32, "QueryFullProcessImageNameW");
if (!_QueryFullProcessImageNameW) {
CloseHandle(hProcess);
return 0;
}
PROCESS_BASIC_INFORMATION pbi; PROCESS_BASIC_INFORMATION pbi;
NTSTATUS status = _NtQueryInformationProcess( NTSTATUS status = _NtQueryInformationProcess(
hProcess, hProcess,
@ -1974,9 +1991,9 @@ DWORD GetParentPIDAndName(DWORD ProcessID, LPTSTR lpszBuffer_Parent_Name, PDWORD
HANDLE hParentProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwParentID); HANDLE hParentProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwParentID);
if (hParentProcess) { if (hParentProcess) {
//DWORD bufs; DWORD bufs;
BOOL ret = GetProcessImageFileNameW(hParentProcess, lpszBuffer_Parent_Name, 255); BOOL ret = _QueryFullProcessImageNameW(hParentProcess, 0,lpszBuffer_Parent_Name,&bufs);