Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how do I inspect a handle?

15 views
Skip to first unread message

sds

unread,
Oct 9, 2009, 1:10:18 PM10/9/09
to
Is there a way to "inspect" a handle?
E.g., how do I figure out if the handle is open for output or input?
POSIX offers fcntl(fd,F_GETFL,0) which returns a flag which contains
the access mode.
Note that I do not want to write to the handle or read from it
(because I do not want to pollute the terminal with test i/o).
thanks.

PS. Thanks to Remy Lebeau for answering my previous question about
FormatMessage

gleaves@hotmail.com > <hugh<underbar>

unread,
Oct 9, 2009, 2:47:03 PM10/9/09
to
Not sure of that info can be ascertained easily.

Why not look at this:

http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx

Let me know if this isn't sufficient, there may be some undocumented calls
NtXXX that can be used.

H

sds

unread,
Oct 9, 2009, 4:09:01 PM10/9/09
to
On Oct 9, 2:47 pm, Hugo glea...@hotmail.com> <hugh<underbar> wrote:
> Not sure of that info can be ascertained easily.
>
> Why not look at this:
> http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx

this is a binary, I need to get this info inside my source code

> Let me know if this isn't sufficient, there may be some undocumented calls
> NtXXX that can be used.

yes, please!

Remy Lebeau

unread,
Oct 9, 2009, 9:30:01 PM10/9/09
to

"sds" <sam.st...@gmail.com> wrote in message
news:2d585cbb-6b29-4cd4...@w19g2000yqk.googlegroups.com...

> this is a binary, I need to get this info inside my source code

Read the article again more carefully. It points you to information about
how the Handle app gets its information from the OS.

--
Remy Lebeau (TeamB)


gleaves@hotmail.com > <hugh<underbar>

unread,
Oct 10, 2009, 6:34:01 AM10/10/09
to
OK, I've done this in C code myself, if I recall correctly it can be a
problem doing it from a 32-bit process running under 64-bit OS, but is
otherwise OK.

You need to enumerate all processes in the machine
(NtQuerySystemInformation), and pass in SystemHandleInformation as the
argiument (this is a constant with value 16 decimal).

See here for more:

http://forum.sysinternals.com/forum_posts.asp?TID=18892

Pavel A.

unread,
Oct 10, 2009, 4:08:26 PM10/10/09
to

"sds" <sam.st...@gmail.com> wrote in message
news:85e704c4-cece-46d6...@b15g2000yqd.googlegroups.com...

> Is there a way to "inspect" a handle?
> E.g., how do I figure out if the handle is open for output or input?
> POSIX offers fcntl(fd,F_GETFL,0) which returns a flag which contains
> the access mode.
> Note that I do not want to write to the handle or read from it
> (because I do not want to pollute the terminal with test i/o).

Maybe NtQueryInformationFile with FileAccessInformation, FileNameInformation
is what you need.

--pa

sds

unread,
Oct 12, 2009, 2:45:15 PM10/12/09
to
On Oct 10, 4:08 pm, "Pavel A." <pave...@12fastmail34.fm> wrote:
> "sds" <sam.steing...@gmail.com> wrote in message

Indeed, this looks like what I need.
(http://msdn.microsoft.com/en-us/library/ms804359.aspx)
Alas, it does not quite work.
Specifically,
NtQueryInformationFile(1736,&iosb,(void*)&fai,sizeof
(fai),FileAccessInformation)
returns STATUS_SUCCESS(0), but
fai.AccessFlags(0x120196) & STANDARD_RIGHTS_READ(0x020000) is 1
so the system claims that I can read from the handle(1736, which is my
stdin).
However, when I actually try to read from it, I get error 5
(ERROR_ACCESS_DENIED).
I.e., NtQueryInformationFile fails to detect that the handle is not
valid for input.

m

unread,
Oct 14, 2009, 8:49:03 PM10/14/09
to
Remember that this info is volatile too. I doubt that this information is
actually useful to you in any case, but if you try to explain what you are
trying to do, we may be able to help better.

"sds" <sam.st...@gmail.com> wrote in message

news:07f91cce-7575-4324...@l9g2000yqi.googlegroups.com...

0 new messages