Archives For closehandle

I recently needed to get the command line arguments that an external process was started with (one that was not started by my application, svchost.exe to be specific) and found that the only way I could get this information was with Windows APIs. The API in question just returned pointers that references locations in the memory of the external process (which meant I could not use the .NET Marshal methods as they would treat the pointers as references to my own process’s memory – thanks to wj32 for helping me understand that) so I had to use the Windows API ReadProcessMemory. I will be posting my full example of how to get the command line parameters for an external process soon but for now I thought I would just post this .NET class I wrote that makes reading process memory a bit easier as it does all of the API work for you.

Continue Reading…