OpenProcess函数返回无效的句柄

Question

I'm working on an application that creates multiple desktops and gives the user the ability to start whatever applications he desires under the desktop he is currently using.

When that desktop is closed (using a combo key) I want close all applications opened under that desktop. In order to do this I enumarate all processes using the EnumProcesses function and retrive a handle based on every process identifier returned by EnumProcesses using OpenProcess function. Using GetThreadId I retrieve the thread identifier which is used as the parameter for GetThreadDesktop function and the returned handle is compared with the one from my desktop, so I can find out in which desktop the process runs.

At least in theory, this works, because for every process identifier, OpenProcess function returns an invalid handle for GetThreadId (error code 6). I'm running the application as administrator and I enable the SeDebugPrivilege privilege.

I don't understand why the returned handle is always invalid, here is the code that I use:

void iterateProcesses(HDESK threadDesktop)
{
    EnableDebugPriv(); // functions enables the SeDebugPrivilege privilege

    int found = 0;
    int wanted = 0;

    DWORD aProcesses[1024], cbNeeded, cProcesses;
    unsigned int i;

    EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded);
    cProcesses = cbNeeded / sizeof(DWORD);

    for (i = 0; i < cProcesses; i++)
    {
        if (aProcesses[i] != 0)
        {
            found++;
            if (GetThreadDesktop(checkProcess(aProcesses[i])) == threadDesktop)
            {
                wanted++;
            }
        }
    }

}

DWORD checkProcess(DWORD processID)
{
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, TRUE, processID);
    GetLastError(); // if in the manifest file under 'UAC execution level' 
    // the application does not requests for administrator rights
    // GetLastError() will return code 5 (access denied)

    DWORD dwThreadId = GetThreadId(hProcess);
    GetLastError(); // return code 6 (ERROR_INVALID_HANDLE)
    // dwThreadId returned is always 0 because the handle is not valid

    CloseHandle(hProcess);
    return dwThreadId;
}

Answer 1

Your error checking is wrong. Please read the documentation again. Only call GetLastError if the function failed.

It's reasonable that you will only be able to get all access to a process handle if you are executing elevated. But you do need to check the value returned by OpenProcess , as described in the documentation. Only proceed if that value indicates success. Otherwise, call GetLastError to find out why.

You are expected to pass a thread handle to GetThreadId . hProcess is a process handle. Hence the ERROR_INVALID_HANDLE error code. But again, you are not checking for errors properly. You must first check the return value, as stated in the documentation. Only if that indicates failure do you call GetLastError .

I'm not sure how you can expect to get a single thread from a process. Processes can, and do, have many threads. Indeed threads can be created and destroyed so perhaps the thread you are looking for is not there anymore. All the same, here's how to enumerate threads in a process: https://msdn.microsoft.com/en-us/library/windows/desktop/ms686852.aspx