IsWow64Process PROCESS_QUERY_INFORMATION check on process handle
https://stackoverflow.com/questions/10713320
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Simple question, but is there a win32 API call to retrieve if a process handle has the PROCESS_QUERY_INFORMATION access flag in order to successfully call IsWow64Process? AccessCheck Function - MSDN seems like it'd work but I'm not sure if that's checking the same sort of flags.
Solution
Have a look at the NtQueryObject() function. Set its ObjectInformationClass parameter to ObjectBasicInformation to request the handle's PUBLIC_OBJECT_BASIC_INFORMATION struct, which has a GrantedAccess member of type ACCESS_MASK, which might contain PROCESS_QUERY_INFORMATION.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
