还是学习VLD2.X版本看到的:
在Windows XP及之前的操作系统没有提供GetProcessIdOfThread的API,这里给出了一个替代的实现方式:
头文件:
#if _WIN32_WINNT < 0x0600 // Windows XP or earlier, no GetProcessIdOfThread()
DWORD _GetProcessIdOfThread (HANDLE thread);
#define GetProcessIdOfThread _GetProcessIdOfThread
#endif
源文件:
通过NtQueryInformationThread函数获取:
DWORD _GetProcessIdOfThread (HANDLE thread)
{
typedef struct _CLIENT_ID {
HANDLE UniqueProcess;
HANDLE UniqueThread;
} CLIENT_ID, *PCLIENT_ID;
typedef LONG NTSTATUS;
typedef LONG KPRIORITY;
typedef struct _THREAD_BASIC_INFORMATION {
NTSTATUS ExitStatus;
PVOID TebBaseAddress;
CLIENT_ID ClientId;
KAFFINITY AffinityMask;
KPRIORITY Priority;
KPRIORITY BasePriority;
} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
const static THREADINFOCLASS ThreadBasicInformation = (THREADINFOCLASS)0;
typedef NTSTATUS (WINAPI *PNtQueryInformationThread) (HANDLE thread,
THREADINFOCLASS infoclass, PVOID buffer, ULONG buffersize,
PULONG used);
static PNtQueryInformationThread NtQueryInformationThread = NULL;
THREAD_BASIC_INFORMATION tbi;
NTSTATUS status;
if (NtQueryInformationThread == NULL) {
HMODULE ntdll = GetModuleHandleW(L"ntdll.dll");
if (ntdll)
{
NtQueryInformationThread = (PNtQueryInformationThread)GetProcAddress(ntdll, "NtQueryInformationThread");
}
if (NtQueryInformationThread == NULL) {
return 0;
}
}
status = NtQueryInformationThread(thread, ThreadBasicInformation, &tbi, sizeof(tbi), NULL);
if(status < 0) {
// Shall we go through all the trouble of setting last error?
return 0;
}
return (DWORD)tbi.ClientId.UniqueProcess;
}