Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

User-mode process id in kernel-mode

0 views
Skip to first unread message

is...@spam.com

unread,
Jan 27, 1998, 3:00:00 AM1/27/98
to

In user-mode I can get the a processes id with a call to
GetWindowThreadProcessId. How can I get to the corresponding
information in kernel-mode? Calling PsGetCurrentProcess will give
me a PETHREAD which probably contains this information. Is the
_ESTRUCT structure that the PETHREAD points to documented
anywhere? Are there any other options?

Robert W. Fuller

unread,
Jan 27, 1998, 3:00:00 AM1/27/98
to

I think you need to use PsGetCurrentProcessId() which is prototyped in
NTDDK.H. You will have to cast the return value to a ULONG since it is
declared to be a HANDLE.

0 new messages