调用API获取进程名——怎么显示中文进程名

我用NtQuerySystemInformation函数调用windows API获取进程信息，如果进程名是英文的可以正常显示，但是如果把某个进程名（例如把"notepad.exe"改为"not记事本.exe"）改了，显示的时候只能显示出not，怎么才能解决呢？显示"not记事本.exe"我的代码如下：
#ifndef T_PMLIST_H
#define T_PMLIST_H#include <windows.h>
#include <stdio.h>
#include <wchar.h>
#include <ctype.h>#define NT_PROCESSTHREAD_INFO        0x05
#define MAX_INFO_BUF_LEN             0x500000
#define STATUS_SUCCESS               ((NTSTATUS)0x00000000L)
#define STATUS_INFO_LENGTH_MISMATCH  ((NTSTATUS)0xC0000004L)typedef LONG NTSTATUS;typedef struct _LSA_UNICODE_STRING
{
    USHORT  Length;
    USHORT  MaximumLength;
    PWSTR   Buffer;
}LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
typedef LSA_UNICODE_STRING UNICODE_STRING, *PUNICODE_STRING;typedef struct _CLIENT_ID
{
    HANDLE UniqueProcess;
    HANDLE UniqueThread;
}CLIENT_ID;
typedef CLIENT_ID *PCLIENT_ID;typedef LONG KPRIORITY;typedef struct _VM_COUNTERS
{
    ULONG PeakVirtualSize;
    ULONG VirtualSize;
    ULONG PageFaultCount;
    ULONG PeakWorkingSetSize;
    ULONG WorkingSetSize;
    ULONG QuotaPeakPagedPoolUsage;
    ULONG QuotaPagedPoolUsage;
    ULONG QuotaPeakNonPagedPoolUsage;
    ULONG QuotaNonPagedPoolUsage;
    ULONG PagefileUsage;
    ULONG PeakPagefileUsage;
}VM_COUNTERS,*PVM_COUNTERS;typedef struct _IO_COUNTERS
{
    LARGE_INTEGER ReadOperationCount;
    LARGE_INTEGER WriteOperationCount;
    LARGE_INTEGER OtherOperationCount;
    LARGE_INTEGER ReadTransferCount;
    LARGE_INTEGER WriteTransferCount;
    LARGE_INTEGER OtherTransferCount;
}IO_COUNTERS,*PIO_COUNTERS;typedef enum _THREAD_STATE
{
    StateInitialized,
    StateReady,
    StateRunning,
    StateStandby,
    StateTerminated,
    StateWait,
    StateTransition,
    StateUnknown
}THREAD_STATE;typedef enum _KWAIT_REASON
{
    Executive,
    FreePage,
    PageIn,
    PoolAllocation,
    DelayExecution,
    Suspended,
    UserRequest,
    WrExecutive,
    WrFreePage,
    WrPageIn,
    WrPoolAllocation,
    WrDelayExecution,
    WrSuspended,
    WrUserRequest,
    WrEventPair,
    WrQueue,
    WrLpcReceive,
    WrLpcReply,
    WrVertualMemory,
    WrPageOut,
    WrRendezvous,
    Spare2,
    Spare3,
    Spare4,
    Spare5,
    Spare6,
    WrKernel
}KWAIT_REASON;typedef struct _SYSTEM_THREADS
{
    LARGE_INTEGER KernelTime;
    LARGE_INTEGER UserTime;
    LARGE_INTEGER CreateTime;
    ULONG         WaitTime;
    PVOID         StartAddress;
    CLIENT_ID     ClientId;
    KPRIORITY     Priority;
    KPRIORITY     BasePriority;
    ULONG         ContextSwitchCount;
    THREAD_STATE  State;
    KWAIT_REASON  WaitReason;
}SYSTEM_THREADS,*PSYSTEM_THREADS;typedef struct _SYSTEM_PROCESSES
{
    ULONG          NextEntryDelta;
    ULONG          ThreadCount;
    ULONG          Reserved1[6];
    LARGE_INTEGER  CreateTime;
    LARGE_INTEGER  UserTime;
    LARGE_INTEGER  KernelTime;
    UNICODE_STRING ProcessName;
    KPRIORITY      BasePriority;
    ULONG          ProcessId;
    ULONG          InheritedFromProcessId;
    ULONG          HandleCount;
    ULONG          Reserved2[2];
    VM_COUNTERS    VmCounters;
    IO_COUNTERS    IoCounters;
    SYSTEM_THREADS Threads[1];
}SYSTEM_PROCESSES,*PSYSTEM_PROCESSES;typedef DWORD    SYSTEM_INFORMATION_CLASS;
typedef NTSTATUS (__stdcall *NTQUERYSYSTEMINFORMATION)
                 (IN     SYSTEM_INFORMATION_CLASS,
            IN OUT PVOID,
            IN     ULONG,
            OUT    PULONG OPTIONAL);
NTQUERYSYSTEMINFORMATION NtQuerySystemInformation;char msgret[30000];DWORD EnumProcess()
{
    PSYSTEM_PROCESSES  pSystemProc;
    HMODULE            hNtDll         = NULL;
    LPVOID             lpSystemInfo   = NULL;
    DWORD              dwNumberBytes  = MAX_INFO_BUF_LEN;
    DWORD              dwTotalProcess = 0;
    DWORD              dwReturnLength;
    NTSTATUS           Status;
    LONGLONG           llTempTime;

    char name[5000];
    __try
    {
        hNtDll = LoadLibrary("NtDll.dll");
               if(hNtDll == NULL)
        {
                    printf("LoadLibrary Error: %d\n",GetLastError());
               __leave;
        }        NtQuerySystemInformation = (NTQUERYSYSTEMINFORMATION)GetProcAddress(hNtDll,"NtQuerySystemInformation");
              if(NtQuerySystemInformation == NULL)
        {
               printf("GetProcAddress for NtQuerySystemInformation Error: %d\n",GetLastError());
                __leave;
        }        lpSystemInfo = (LPVOID)malloc(dwNumberBytes);
        Status = NtQuerySystemInformation(NT_PROCESSTHREAD_INFO,
                                       lpSystemInfo,
                            dwNumberBytes,
                            &dwReturnLength);
        if(Status == STATUS_INFO_LENGTH_MISMATCH)
        {
            printf("STATUS_INFO_LENGTH_MISMATCH\n");
            __leave;
        }
        else if(Status != STATUS_SUCCESS)
        {
            printf("NtQuerySystemInformation Error: %d\n",GetLastError());
            __leave;
        }
        pSystemProc = (PSYSTEM_PROCESSES)lpSystemInfo;
        while(pSystemProc->NextEntryDelta != 0)//循环获得进程信息
        {
            strcat(msgret,"name=");
            if(pSystemProc->ProcessId != 0)
            {
                //wprintf(L"%-20s",pSystemProc->ProcessName.Buffer);
            sprintf(name, "%S",pSystemProc->ProcessName.Buffer);
            strcat(msgret,name);
            strcat(msgret,",");
            }
            else
            {
                //wprintf(L"%-20s",L"System Idle Process");

            sprintf(name,"%s","System Idle Process");
            strcat(msgret,"System Idle Process");
            strcat(msgret,",");
            }
            printf("\n");
            dwTotalProcess ++;
            pSystemProc = (PSYSTEM_PROCESSES)((char *)pSystemProc + pSystemProc->NextEntryDelta);
        }    }
    __finally
    {
        if(lpSystemInfo != NULL)
        {
            free(lpSystemInfo);
        }
        if(hNtDll != NULL)
        {
               FreeLibrary(hNtDll);
        }
    }    return 0;
}VOID Start()
{
    printf("T-PMList, by TOo2y\n");
    printf("E-mail: [email protected]\n");
    printf("HomePage: www.safechina.net\n");
    printf("Date: 05-10-2003\n\n");
    return ;
}VOID Usage()
{
    printf("Usage:\tT-PMList  [-e] | [-s PID]\n");
    printf("  -e\t  Enumerate All Processes\n");
    printf("  -s PID  Show Special Process Information with PID\n\n");
    return ;
}#endifint main()
{
    EnumProcess();
    printf("%s",msgret);
    return 0;
}

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

分析代码，是Unicode的问题
pSystemProc->ProcessName.Buffer 返回的是UNICODE string
而以下处理字符串的函数都是用于char *的所以，遇\0则结束字符串，中文肯定无法显示sprintf(name, "%S",pSystemProc->ProcessName.Buffer);
strcat(msgret,name);
strcat(msgret,",");以上代码作如下改动LPTSTR pname=new TCHAR[pSystemProc->ProcessName.Length+1];
memset(pname,0,sizeof(TCHAR)*(pSystemProc->ProcessName.Length+1));
WideCharToMultiByte( CP_ACP, 0, pSystemProc->ProcessName.Buffer, -1,
pname,pSystemProc->ProcessName.Length+1, NULL, NULL );sprintf(name, "%s",pname);
strcat(msgret,name);
strcat(msgret,",");
delete [] pname;
经过测试，正确显示了中文name=name=System,name=smss.exe,name=csrss.exe,name=winlogon.exe,name=services.ex
e,name=lsass.exe,name=svchost.exe,name=svchost.exe,name=svchost.exe,name=svchost
.exe,name=svchost.exe,name=spoolsv.exe,name=explorer.exe,name=fpdisp5a.exe,name=
inetinfo.exe,name=daemon.exe,name=magentservice.exe,name=ctfmon.exe,name=wcescom
m.exe,name=sqlmangr.exe,name=rapimgr.exe,name=mdm.exe,name=sqlservr.exe,name=wdf
mgr.exe,name=mssearch.exe,name=alg.exe,name=wscntfy.exe,name=conime.exe,name=svc
host.exe,name=msnmsgr.exe,name=iexplore.exe,name=OUTLOOK.EXE,name=JMC_WM.exe,nam
e=iexplore.exe,name=XDICT.EXE,name=devenv.exe,name=WINWORD.EXE,name=cmd.exe,name
=WCESMgr.exe,name=dexplore.exe,name=iexplore.exe,name=复件 notepad.exe,name=hh.e
xe,
我也用widechartomultibyte写出来了
WideCharToMultiByte( CP_ACP, 0, pSystemProc->ProcessName.Buffer, -1,
        name, 256, NULL, NULL );呵呵，还是很感谢你哈，分以发出，查收，希望以后常帮忙哦