Skip to content

Commit

Permalink
Improve process AppId column (now shows the real AppUserModelId for a…
Browse files Browse the repository at this point in the history 
…ll processes)
  • Loading branch information
@dmex
dmex committed Jan 19, 2018
1 parent 6fa0c7f commit 1573163
Showing 1 changed file with 67 additions and 60 deletions.
127 changes: 67 additions & 60 deletions ProcessHacker/proctree.c
View file
Expand Up @@ -31,6 +31,7 @@
#include <phapp.h>
#include <proctree.h>

#include <appresolver.h>
#include <cpysave.h>
#include <emenu.h>
#include <mapimg.h>
Expand Down Expand Up @@ -1125,71 +1126,77 @@ static VOID PhpUpdateProcessNodeAppId(
if (!(ProcessNode->ValidMask & PHPN_APPID))
{
ULONG windowFlags;
PPH_STRING windowTitle;
PPH_STRING applicationUserModelId;

PhClearReference(&ProcessNode->AppIdText);

if (ProcessNode->ProcessItem->QueryHandle)
if (PhAppResolverGetAppIdForProcess(ProcessNode->ProcessItem->ProcessId, &applicationUserModelId))
{
//if (WindowsVersion >= WINDOWS_8 && ProcessNode->ProcessItem->IsImmersive)
//{
// HANDLE tokenHandle;
// PTOKEN_SECURITY_ATTRIBUTES_INFORMATION info;
//
// if (NT_SUCCESS(PhOpenProcessToken(
// ProcessNode->ProcessItem->QueryHandle,
// TOKEN_QUERY,
// &tokenHandle
// )))
// {
// // rev from GetApplicationUserModelId
// if (NT_SUCCESS(PhQueryTokenVariableSize(tokenHandle, TokenSecurityAttributes, &info)))
// {
// for (ULONG i = 0; i < info->AttributeCount; i++)
// {
// static UNICODE_STRING attributeNameUs = RTL_CONSTANT_STRING(L"WIN://SYSAPPID");
// PTOKEN_SECURITY_ATTRIBUTE_V1 attribute = &info->Attribute.pAttributeV1[i];
//
// if (RtlEqualUnicodeString(&attribute->Name, &attributeNameUs, FALSE))
// {
// if (attribute->ValueType == TOKEN_SECURITY_ATTRIBUTE_TYPE_STRING)
// {
// PPH_STRING attributeValue1;
// PPH_STRING attributeValue2;
//
// attributeValue1 = PH_AUTO(PhCreateStringFromUnicodeString(&attribute->Values.pString[1]));
// attributeValue2 = PH_AUTO(PhCreateStringFromUnicodeString(&attribute->Values.pString[2]));
//
// ProcessNode->AppIdText = PhConcatStrings(
// 3,
// attributeValue2->Buffer,
// L"!",
// attributeValue1->Buffer
// );
//
// break;
// }
// }
// }
//
// PhFree(info);
// }
//
// NtClose(tokenHandle);
// }
//}
//else

if (NT_SUCCESS(PhGetProcessWindowTitle(
ProcessNode->ProcessItem->QueryHandle,
&windowFlags,
&windowTitle
)))
ProcessNode->AppIdText = applicationUserModelId;
}
else
{
if (ProcessNode->ProcessItem->QueryHandle)
{
if (windowFlags & STARTF_TITLEISAPPID)
ProcessNode->AppIdText = windowTitle;
else
PhDereferenceObject(windowTitle);
if (NT_SUCCESS(PhGetProcessWindowTitle(
ProcessNode->ProcessItem->QueryHandle,
&windowFlags,
&applicationUserModelId
)))
{
if (windowFlags & STARTF_TITLEISAPPID)
ProcessNode->AppIdText = applicationUserModelId;
else
PhDereferenceObject(applicationUserModelId);
}

//if (WindowsVersion >= WINDOWS_8 && ProcessNode->ProcessItem->IsImmersive)
//{
// HANDLE tokenHandle;
// PTOKEN_SECURITY_ATTRIBUTES_INFORMATION info;
//
// if (NT_SUCCESS(PhOpenProcessToken(
// ProcessNode->ProcessItem->QueryHandle,
// TOKEN_QUERY,
// &tokenHandle
// )))
// {
// // rev from GetApplicationUserModelId
// if (NT_SUCCESS(PhQueryTokenVariableSize(tokenHandle, TokenSecurityAttributes, &info)))
// {
// for (ULONG i = 0; i < info->AttributeCount; i++)
// {
// static UNICODE_STRING attributeNameUs = RTL_CONSTANT_STRING(L"WIN://SYSAPPID");
// PTOKEN_SECURITY_ATTRIBUTE_V1 attribute = &info->Attribute.pAttributeV1[i];
//
// if (RtlEqualUnicodeString(&attribute->Name, &attributeNameUs, FALSE))
// {
// if (attribute->ValueType == TOKEN_SECURITY_ATTRIBUTE_TYPE_STRING)
// {
// PPH_STRING attributeValue1;
// PPH_STRING attributeValue2;
//
// attributeValue1 = PH_AUTO(PhCreateStringFromUnicodeString(&attribute->Values.pString[1]));
// attributeValue2 = PH_AUTO(PhCreateStringFromUnicodeString(&attribute->Values.pString[2]));
//
// ProcessNode->AppIdText = PhConcatStrings(
// 3,
// attributeValue2->Buffer,
// L"!",
// attributeValue1->Buffer
// );
//
// break;
// }
// }
// }
//
// PhFree(info);
// }
//
// NtClose(tokenHandle);
// }
//}
}
}

Expand Down

0 comments on commit 1573163

Please sign in to comment.