Wow64 环境检测

最新推荐文章于 2024-05-05 22:31:22 发布

songbei6

最新推荐文章于 2024-05-05 22:31:22 发布

阅读量1.2k

点赞数

文章标签： windows

本文链接：https://blog.csdn.net/songbei6/article/details/105234069

版权

1、使用 IsWow64Process2

说明

Determines whether the specified process is running under WOW64; also returns additional machine process and architecture information.

语法

BOOL IsWow64Process2(
 HANDLE hProcess,
 USHORT *pProcessMachine,
 USHORT *pNativeMachine
);

参数

hProcess

A handle to the process. The handle must have the PROCESS_QUERY_INFORMATION or PROCESS_QUERY_LIMITED_INFORMATION access right. For more information, see Process Security and Access Rights.

pProcessMachine

On success, returns a pointer to an IMAGE_FILE_MACHINE_* value. The value will be IMAGE_FILE_MACHINE_UNKNOWN if the target process is not a WOW64 process; otherwise, it will identify the type of WoW process.

pNativeMachine

On success, returns a pointer to a possible IMAGE_FILE_MACHINE_* value identifying the native architecture of host system.

Return Value

If the function succeeds, the return value is a nonzero value.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

IsWow64Process2 provides an improved direct replacement for IsWow64Process. In addition to determining if the specified process is running under WOW64, IsWow64Process2 returns the following information:

Whether the target process, specified by hProcess, is running under Wow or not.
The architecture of the target process.
Optionally, the architecture of the host system.

Requirements

Minimum supported client	Windows 10, version 1511 [desktop apps \| UWP apps]
Minimum supported server	Windows Server 2016 [desktop apps \| UWP apps]

例子：

USHORT uProcessMachine = 0;
USHORT uNativeMachine = 0;
if (IsWow64Process2(GetCurrentProcess(), &uProcessMachine, &uNativeMachine))
{
    std::cout << std::hex << "uProcessMachine: 0x" << uProcessMachine << std::endl;
    std::cout << std::hex << "uNativeMachine: 0x" << uNativeMachine << std::endl;
}

2、使用 IsWow64Process

代码


// hProcess 如果参数为null,INVALID_HANDLE_VALUE 函数将使用 GetCurrentProcess
// Wow64Process指向一个bool值，
// 如果该进程是32位进程，运行在64操作系统下，该值为true，否则为false。
// 如果该进程是一个64位应用程序，运行在64位系统上，该值也被设置为false。
// 返回值：如果函数成功返回值为非零值。
// 如果该函数失败，则返回值为零。要获取扩展的错误的信息，请调用GetLastError.
BOOL IsWow64Process(__in HANDLE hProcess, __out PBOOL Wow64Process)
{
    if (INVALID_HANDLE_VALUE == hProcess || nullptr == hProcess)
        hProcess = ::GetCurrentProcess();

    BOOL bRet = FALSE;
    HMODULE hKernel32 = NULL;
    typedef BOOL(WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);

    do
    {
        hKernel32 = ::LoadLibrary(TEXT("Kernel32.dll"));
        if (NULL == hKernel32)
            break;

        LPFN_ISWOW64PROCESS lpIsWow64Process = (LPFN_ISWOW64PROCESS)::GetProcAddress(hKernel32, "IsWow64Process");
        if (NULL == lpIsWow64Process)
            break;

        bRet = lpIsWow64Process(hProcess, Wow64Process);

    } while (FALSE);

    if (NULL != hKernel32)
        ::FreeLibrary(hKernel32);

    return bRet;
}

songbei6

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Wow64 环境检测

1、使用 IsWow64Process2说明Determines whether the specified process is running under WOW64; also returns additional machine process and architecture information.语法BOOL IsWow64Process2( HANDLE hProcess...
复制链接

扫一扫