def get_process_image_path(proc_id):
"""
Return the full path of the PE image of the given process ID.
Raises a OSError exception on error.
"""
# get process handle
# PROCESS_QUERY_INFORMATION = 0x400
hproc = ctypes.windll.kernel32.OpenProcess(0x400, False, proc_id)
if not hproc:
raise ctypes.WinError()
# get image path
# MAX_PATH is 260 but we're using the Unicode variant of the API
max_length = 1024
length = ctypes.c_ulong(max_length)
buff = ctypes.create_unicode_buffer(max_length)
ctypes.windll.kernel32.SetLastError(0)
res = ctypes.windll.kernel32.QueryFullProcessImageNameW(
hproc, 0, buff, ctypes.byref(length))
error = ctypes.GetLastError()
ctypes.windll.kernel32.CloseHandle(hproc)
ctypes.windll.kernel32.SetLastError(error)
if not res:
raise ctypes.WinError()
return buff.value
评论列表
文章目录
