Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Thread ID to thread handle

1 view
Skip to first unread message

ZUBSoft

unread,
Oct 2, 1998, 3:00:00 AM10/2/98
to
Is it possible to get a thread handle from a thread id?

I have tried several ways:
- Calling DebugActiveProcess(), which sends you all the handles,
but there's no way how to stop the debugging (??), and when
the process calling DebugActiveProcess() terminates, the "debugged"
process is also terminated... ??

- I also tried just an brute-force handle enumeration, something like this:
(of course, this source is executed in the target process)

HANDLE hIter=(HANDLE)0;
DWORD dwFound=0;
DWORD dwCntThreads=pe.cntThreads; // pe.cntThreads is obtained by
TOOLHELP32, it's the tocal thread coun

while ((dwFound<dwCntThreads)&&((DWORD)hIter<0xffffffff)) {
printf("trying handle %lx",hIter);

if (GetThreadPriority(hIter)!=THREAD_PRIORITY_ERROR_RETURN) {
puts(" - found!");
dwFound++;
} else puts("");
hIter=(HANDLE)(((DWORD)hIter)+1);
}
dwTemp=dwCntThreads-dwFound;
if (dwFound<dwCntThreads) printf("# of threads not found: %lu",dwTemp);
else puts("All threads found!");

But there's at least one problem: the threads that are not opened by the
process
aren't found (usually the primary one...+more)

any solution?

thanx in advance

David
ZUB...@usa.net


Andy Lutomirski

unread,
Oct 3, 1998, 3:00:00 AM10/3/98
to
On NT5, OpenThread (in the September SDK) :-)

On NT4, hack the NtOpenThread routine.

On 9x, forget it.

Andy


Mike Taylor

unread,
Oct 3, 1998, 3:00:00 AM10/3/98
to
I'm trying to do the same thing under '95.

I want to suspend / resume all the threads in a process.

The best I've managed to do so far is:

DebugActiveProcess()
while( WaitForDebugEvent(&debug_event, ...))
{
....
ContinueDebugEvent()
}

Which will enumerate every thread in a process, filling a DEBUG_EVENT
structure with each thread's handle.

This works, but it's not the prettiest way to do it.
It also has the very unfortunate side-effect of attaching the process as a
child of this one.

Why is there no OpenThread() in windows 95 ?

All of the thread enumeration functions use thread-id's, and all the thread
manipulation functions use thread handles.
To do anything with threads belonging to alien processes, you need to
convert from thread-id to handle.
It looks like you can't do this under '95.

Anyone got any idea why ?


Andy Lutomirski wrote in message
<6v5jcs$1s8$1...@holly.prod.itd.earthlink.net>...

ZUBSoft

unread,
Oct 4, 1998, 3:00:00 AM10/4/98
to
>I'm trying to do the same thing under '95.
>
>I want to suspend / resume all the threads in a process.
>
>The best I've managed to do so far is:
>
> DebugActiveProcess()
> while( WaitForDebugEvent(&debug_event, ...))
> {
> ....
> ContinueDebugEvent()
> }
>
>Which will enumerate every thread in a process, filling a DEBUG_EVENT
>structure with each thread's handle.
>
>This works, but it's not the prettiest way to do it.
>It also has the very unfortunate side-effect of attaching the process as a
>child of this one.
>
>Why is there no OpenThread() in windows 95 ?
>
>All of the thread enumeration functions use thread-id's, and all the thread
>manipulation functions use thread handles.
>To do anything with threads belonging to alien processes, you need to
>convert from thread-id to handle.
>It looks like you can't do this under '95.
>
>Anyone got any idea why ?
>


I have an idea: The shitty M$ says it's cause of the system stability: you
shouldn't
control threads unless you have created 'em.

btw, the DebugActiveProcess() is the best, adn it would be ok, bet there's
no way
how to stop it - to stop the system from sending you the debug information.
It slows down
both the processes. And, the most serious side-effect, when your program
terminates,
the one you specified in DebugActiveProcess() is also terminated... :-((

David
ZUB...@usa.net


0 new messages