2

I'm trying to make a program which will get the command line of a process by a process ID. I'm using Eclipse C++ and the MinGW compiler.

So I found a tutorial on how to do that, and it needs ntstatus, so like in the tutorial I included #include <ntstatus.h>

And I added the first part of the code, which is:

typedef NTSTATUS (NTAPI *_NtQueryInformationProcess)(
    HANDLE ProcessHandle,
    DWORD ProcessInformationClass,
    PVOID ProcessInformation,
    DWORD ProcessInformationLength,
    PDWORD ReturnLength
    );

And I'm getting these 3 errors:

expected primary-expression before '__attribute__

Type 'NTSTATUS' could not be resolved

typedef 'NTSTATUS' is initialized (use decltype instead)

On this line: typedef NTSTATUS (NTAPI *_NtQueryInformationProcess)(

I googled this problem, and I could not find it...

sashoalm
Dushan01
  • Instead of using internal or undocumented or kernel API functions (whatever), consider just using e.g. wmic. E.g. `WMIC PROCESS WHERE Name="notepad.exe" GET CommandLine`. – Cheers and hth. - Alf Feb 05 '16 at 09:16
  • Ahh, I'm not so good in C++ so I don't even know what wmic is... – Dushan01 Feb 05 '16 at 09:20
  • That's a Windows command, typed in a command interpreter like cmd.exe or powershell.exe. It's short for Windows Management Isometing Csomethingelse. The functionality can also be accessed via COM and Automation interfaces (pure COM easiest for C++, Automation for script languages). – Cheers and hth. - Alf Feb 05 '16 at 09:20
  • Thanks bro, I got the process command line via: wmic process PROCESSID. If you want, now go and post an answer :) – Dushan01 Feb 05 '16 at 09:32
  • Your example compiles fine for me when I include ``, and at least it doesn't mind `NTSTATUS` when I include ``. What version of g++ are you using? – ElderBug Feb 05 '16 at 10:09
  • Use mingw_w64 and #include winternl.h so you don't have to do any of this. – Hans Passant Feb 05 '16 at 12:12

2 Answers

5

NTSTATUS is defined in

#include <winternl.h>

as

typedef _Return_type_success_(return >= 0) LONG NTSTATUS;

and its values are defined in

#include <ntstatus.h>
Hank Chang
2

There also needs to be a _WIN32_WINNT defined, otherwise <winternl.h> will generate no code. My DLL project only spat Syntax error: NTSTATUS. How to fix:

#include <windows.h>
#include <winternl.h>
kellogs
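An added example, not code from the question or from either answer: the include order and `_WIN32_WINNT` definition from the answers, followed by the lookup the question was aiming at (process ID to command line, read from the target's PEB). The names `NtSuccess`, `NtQueryInformationProcess_t` and `GetCommandLineOfPid` are chosen here, the `0x0601` target version is an assumption, and the header contents assumed are those of mingw-w64 or the Windows SDK.

```cpp
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0601  // assumed target (Windows 7+); defined before any include
#endif
#include <cstdint>
#include <string>

// NTSTATUS is a signed 32-bit LONG; any value >= 0 counts as success.
inline bool NtSuccess(std::int32_t status) { return status >= 0; }

#ifdef _WIN32
#include <windows.h>   // must precede winternl.h
#include <winternl.h>  // NTSTATUS, PROCESS_BASIC_INFORMATION, PEB, RTL_USER_PROCESS_PARAMETERS

// Own typedef name (hypothetical) so it cannot clash with a prototype in winternl.h.
typedef NTSTATUS (NTAPI *NtQueryInformationProcess_t)(
    HANDLE, PROCESSINFOCLASS, PVOID, ULONG, PULONG);

// Reads the command line of process `pid`; caller and target must have the same bitness.
bool GetCommandLineOfPid(DWORD pid, std::wstring &out) {
    auto query = reinterpret_cast<NtQueryInformationProcess_t>(
        GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "NtQueryInformationProcess"));
    if (!query) return false;
    HANDLE h = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
    if (!h) return false;  // access denied or no such PID
    PROCESS_BASIC_INFORMATION pbi = {};
    PEB peb = {};
    RTL_USER_PROCESS_PARAMETERS params = {};
    bool ok = NtSuccess(query(h, ProcessBasicInformation, &pbi, sizeof pbi, NULL)) &&
              ReadProcessMemory(h, pbi.PebBaseAddress, &peb, sizeof peb, NULL) &&
              ReadProcessMemory(h, peb.ProcessParameters, &params, sizeof params, NULL);
    if (ok) {
        // UNICODE_STRING.Length is in bytes and the buffer is not NUL-terminated.
        out.resize(params.CommandLine.Length / sizeof(wchar_t));
        ok = out.empty() || ReadProcessMemory(h, params.CommandLine.Buffer, &out[0],
                                              params.CommandLine.Length, NULL);
    }
    CloseHandle(h);
    return ok;
}
#endif
```

The command line stored in the PEB is writable by the target process itself, so treat the returned string as untrusted input when it feeds logging or detection logic.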