How to find which process has a file descriptor from file name

Question

How to find which process has a file descriptor from file name

Is there anything in the C ++ API for Windows to give me a list of processes that have a given file descriptor?

+6

c ++ winapi

Sriram subramanian Aug 3 '11 at 19:14

source share

2 answers

user852830 · Answer 1 · 2011-08-03T21:07:59+0000

http://www.codeproject.com/KB/shell/OpenedFileFinder.aspx?fid=422864&df=90&mpp=25&noise=3&sort=Position&view=Quick&fr=26&select=2277170

This article explains this pretty well. It uses NtQuerySystemInformation to get descriptors.

http://msdn.microsoft.com/en-us/library/ms724509(VS.85).aspx

bit2shift · Answer 2 · 2016-03-30T06:03:09+0000

From the Microsoft blog: How do I know which process is open for a file?

Enter Restart Manager .

The official goal of Restart Manager is to help disable and restart applications that use the file you want to update. To do this, he needs to keep track of which processes contain file links. And its database, which is used here. (Why does the kernel track which processes open the file? Because you don’t need its appeal to the principle of not tracking information: now it needs information!)

Here is a simple program that takes the file name on the command line and shows which processes open the file.

#include <windows.h> #include <RestartManager.h> #include <stdio.h> int __cdecl wmain(int argc, WCHAR **argv) { DWORD dwSession; WCHAR szSessionKey[CCH_RM_SESSION_KEY+1] = { 0 }; DWORD dwError = RmStartSession(&dwSession, 0, szSessionKey); wprintf(L"RmStartSession returned %d\n", dwError); if (dwError == ERROR_SUCCESS) { PCWSTR pszFile = argv[1]; dwError = RmRegisterResources(dwSession, 1, &pszFile, 0, NULL, 0, NULL); wprintf(L"RmRegisterResources(%ls) returned %d\n", pszFile, dwError); if (dwError == ERROR_SUCCESS) { DWORD dwReason; UINT i; UINT nProcInfoNeeded; UINT nProcInfo = 10; RM_PROCESS_INFO rgpi[10]; dwError = RmGetList(dwSession, &nProcInfoNeeded, &nProcInfo, rgpi, &dwReason); wprintf(L"RmGetList returned %d\n", dwError); if (dwError == ERROR_SUCCESS) { wprintf(L"RmGetList returned %d infos (%d needed)\n", nProcInfo, nProcInfoNeeded); for (i = 0; i < nProcInfo; i++) { wprintf(L"%d.ApplicationType = %d\n", i, rgpi[i].ApplicationType); wprintf(L"%d.strAppName = %ls\n", i, rgpi[i].strAppName); wprintf(L"%d.Process.dwProcessId = %d\n", i, rgpi[i].Process.dwProcessId); HANDLE hProcess = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, rgpi[i].Process.dwProcessId); if (hProcess) { FILETIME ftCreate, ftExit, ftKernel, ftUser; if (GetProcessTimes(hProcess, &ftCreate, &ftExit, &ftKernel, &ftUser) && CompareFileTime(&rgpi[i].Process.ProcessStartTime, &ftCreate) == 0) { WCHAR sz[MAX_PATH]; DWORD cch = MAX_PATH; if (QueryFullProcessImageNameW(hProcess, 0, sz, &cch) && cch <= MAX_PATH) { wprintf(L" = %ls\n", sz); } } CloseHandle(hProcess); } } } } RmEndSession(dwSession); } return 0; }

How to find which process has a file descriptor from file name

More articles: