Add flag for getting command line arguments of processes

binding.gyp

@@ -5,7 +5,8 @@
       "sources": [
         "src/addon.cc",
         "src/process.cc",
-        "src/worker.cc"
+        "src/worker.cc",
+        "src/process_commandline.cc"
       ],
       "include_dirs": [
         "<!(node -e \"require('nan')\")"

lib/index.ts

@@ -8,7 +8,8 @@ import { IProcessInfo, IProcessTreeNode, IProcessCpuInfo } from 'windows-process
 
 export enum ProcessDataFlag {
   None = 0,
-  Memory = 1
+  Memory = 1,
+  CommandLine = 2
 }
 
 interface  IRequest {
@@ -41,6 +42,7 @@ function buildProcessTree( rootPid: number, processList: IProcessInfo[]): IProce
     pid: rootProcess.pid,
     name: rootProcess.name,
     memory: rootProcess.memory,
+    commandLine: rootProcess.commandLine,
     children: childIndexes.map(c => buildProcessTree(c.pid, processList))
   };
 }

lib/test.ts

@@ -68,6 +68,19 @@ describe('getRawProcessList', () => {
       }, ProcessDataFlag.Memory);
     }, ProcessDataFlag.None);
   });
+
+  it('should return command line information only when the flag is set', (done) => {
+    // commandLine should be undefined when flag is not set
+    native.getProcessList((list) => {
+      assert.equal(list.every(p => p.commandLine === undefined), true);
+
+      // commandLine should be a string when flag is set
+      native.getProcessList((list) => {
+        assert.equal(list.every(p => typeof p.commandLine === 'string'), true);
+        done();
+      }, ProcessDataFlag.CommandLine);
+    }, ProcessDataFlag.None);
+  });
 });
 
 describe('getProcessList', () => {
@@ -89,6 +102,7 @@ describe('getProcessList', () => {
       assert.equal(list[0].name, 'node.exe');
       assert.equal(list[0].pid, process.pid);
       assert.equal(list[0].memory, undefined);
+      assert.equal(list[0].commandLine, undefined);
       done();
     });
   });
@@ -103,6 +117,19 @@ describe('getProcessList', () => {
     }, ProcessDataFlag.Memory);
   });
 
+  it('should return command line information only if the flag is set', (done) => {
+    getProcessList(process.pid, (list) => {
+      assert.equal(list.length, 1);
+      assert.equal(list[0].name, 'node.exe');
+      assert.equal(list[0].pid, process.pid);
+      assert.equal(typeof list[0].commandLine, 'string');
+      // CommandLine is "<path to node> <path to mocha> lib/test.js"
+      assert.equal(list[0].commandLine.indexOf('mocha') > 0, true);
+      assert.equal(list[0].commandLine.indexOf('lib/test.js') > 0, true);
+      done();
+    }, ProcessDataFlag.CommandLine);
+  });
+
   it('should return a list containing this process\'s child processes', done => {
     cps.push(child_process.spawn('cmd.exe'));
     pollUntil(() => {
@@ -162,6 +189,7 @@ describe('getProcessTree', () => {
       assert.equal(tree.name, 'node.exe');
       assert.equal(tree.pid, process.pid);
       assert.equal(tree.memory, undefined);
+      assert.equal(tree.commandLine, undefined);
       assert.equal(tree.children.length, 0);
       done();
     });
@@ -177,6 +205,16 @@ describe('getProcessTree', () => {
     }, ProcessDataFlag.Memory);
   });
 
+  it('should return a tree containing this process\'s command line if the flag is set', done => {
+    getProcessTree(process.pid, (tree) => {
+      assert.equal(tree.name, 'node.exe');
+      assert.equal(tree.pid, process.pid);
+      assert.equal(typeof tree.commandLine, 'string');
+      assert.equal(tree.children.length, 0);
+      done();
+    }, ProcessDataFlag.CommandLine);
+  });
+
   it('should return a tree containing this process\'s child processes', done => {
     cps.push(child_process.spawn('cmd.exe'));
     pollUntil(() => {

src/process.cc

@@ -4,6 +4,7 @@
  *--------------------------------------------------------------------------------------------*/
 
 #include "process.h"
+#include "process_commandline.h"
 
 #include <tlhelp32.h>
 #include <psapi.h>
@@ -27,6 +28,10 @@ void GetRawProcessList(ProcessInfo process_info[1024], uint32_t* process_count,
           GetProcessMemoryUsage(process_info, process_count);
         }
 
+        if (COMMANDLINE & *process_data_flags) {
+          GetProcessCommandLine(process_info, process_count);
+        }
+
         strcpy(process_info[*process_count].name, process_entry.szExeFile);
         (*process_count)++;
       }

src/process.h

@@ -21,11 +21,13 @@ struct ProcessInfo {
   DWORD pid;
   DWORD ppid;
   DWORD memory; // Reported in bytes
+  TCHAR commandLine[512];
 };
 
 enum ProcessDataFlags {
   NONE = 0,
-  MEMORY = 1
+  MEMORY = 1,
+  COMMANDLINE = 2
 };
 
 void GetRawProcessList(ProcessInfo process_info[1024], uint32_t* process_count, DWORD* flags);

src/process_commandline.cc

@@ -0,0 +1,79 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+#include "process.h"
+#include "process_commandline.h"
+#include <windows.h>
+#include <winternl.h>
+#include <psapi.h>
+
+bool GetProcessCommandLine(ProcessInfo process_info[1024], uint32_t *process_count) {
+  pfnNtQueryInformationProcess gNtQueryInformationProcess = (pfnNtQueryInformationProcess)GetProcAddress(
+      GetModuleHandleA("ntdll.dll"), "NtQueryInformationProcess");
+
+  PPROCESS_BASIC_INFORMATION pbi = NULL;
+  PEB peb = {NULL};
+  RTL_USER_PROCESS_PARAMETERS process_parameters = {NULL};
+
+  // Get process handle
+  DWORD pid = process_info[*process_count].pid;
+  HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
+  if (hProcess == INVALID_HANDLE_VALUE) {
+    return FALSE;
+  }
+
+  // Get process basic information
+  HANDLE heap = GetProcessHeap();
+  DWORD pbi_size = sizeof(PROCESS_BASIC_INFORMATION);
+  pbi = (PROCESS_BASIC_INFORMATION *)HeapAlloc(heap, HEAP_ZERO_MEMORY, pbi_size);
+  if (!pbi) {
+    CloseHandle(hProcess);
+    return FALSE;
+  }
+
+  // Get Process Environment Block (PEB)
+  DWORD size_needed;
+  NTSTATUS status = gNtQueryInformationProcess(hProcess, ProcessBasicInformation, pbi, pbi_size, &size_needed);
+  if (status >= 0 && pbi->PebBaseAddress) {
+
+    // Read PEB
+    SIZE_T bytes_read;
+    if (ReadProcessMemory(hProcess, pbi->PebBaseAddress, &peb, sizeof(peb), &bytes_read)) {
+
+      // Read the processs parameters
+      bytes_read = 0;
+      if (ReadProcessMemory(hProcess, peb.ProcessParameters, &process_parameters, sizeof(RTL_USER_PROCESS_PARAMETERS), &bytes_read)) {
+        if (process_parameters.CommandLine.Length > 0) {
+
+          // Allocate space to read the command line parameter
+          WCHAR *buffer = NULL;
+          buffer = (WCHAR *)HeapAlloc(heap, HEAP_ZERO_MEMORY, process_parameters.CommandLine.Length);
+          if (buffer) {
+            if (ReadProcessMemory(hProcess, process_parameters.CommandLine.Buffer, buffer, process_parameters.CommandLine.Length, &bytes_read)) {
+
+              // Copy only as much as will fit in the commandLine property
+              DWORD buffer_size = process_parameters.CommandLine.Length >= sizeof(process_info[*process_count].commandLine)
+                                     ? sizeof(process_info[*process_count].commandLine) - sizeof(TCHAR)
+                                     : process_parameters.CommandLine.Length;
+
+              WideCharToMultiByte(CP_ACP, 0, buffer,
+                                  (int)(buffer_size / sizeof(WCHAR)),
+                                  process_info[*process_count].commandLine, sizeof(process_info[*process_count].commandLine),
+                                  NULL, NULL);
+
+              CloseHandle(hProcess);
+              HeapFree(heap, 0, pbi);
+              return true;
+            }
+          }
+        }
+      }
+    }
+  }
+
+  CloseHandle(hProcess);
+  HeapFree(heap, 0, pbi);
+  return false;
+}

src/process_commandline.h

@@ -0,0 +1,21 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+#ifndef SRC_PROCESS_COMMANDLINE_H_
+#define SRC_PROCESS_COMMANDLINE_H_
+
+#include "process.h"
+#include <winternl.h>
+
+typedef NTSTATUS(NTAPI *pfnNtQueryInformationProcess)(
+  IN HANDLE ProcessHandle,
+  IN PROCESSINFOCLASS ProcessInformationClass,
+  OUT PVOID ProcessInformation,
+  IN ULONG ProcessInformationLength,
+  OUT PULONG ReturnLength OPTIONAL);
+
+bool GetProcessCommandLine(ProcessInfo process_info[1024], uint32_t *process_count);
+
+#endif

src/worker.cc

@@ -42,8 +42,14 @@ void Worker::HandleOKCallback() {
               Nan::New<v8::Number>(process_info[i].memory));
     }
 
+    if (COMMANDLINE & *process_data_flags) {
+      Nan::Set(object, Nan::New<v8::String>("commandLine").ToLocalChecked(),
+        Nan::New<v8::String>(process_info[i].commandLine).ToLocalChecked());
+    }
+
     Nan::Set(result, i, Nan::New<v8::Value>(object));
   }
+
   v8::Local<v8::Value> argv[] = { result };
   callback->Call(1, argv);
 }

typings/windows-process-tree.d.ts

@@ -6,14 +6,24 @@
 declare module 'windows-process-tree' {
   export enum ProcessDataFlag {
     None = 0,
-    Memory = 1
+    Memory = 1,
+    CommandLine = 2
   }
 
   export interface IProcessInfo {
     pid: number;
     ppid: number;
     name: string;
+
+    /**
+     * The working set size of the process, in bytes.
+     */
     memory?: number;
+
+    /**
+     * The string returned is at most 512 chars, strings exceeding this length are truncated.
+     */
+    commandLine?: string;
   }
 
   export interface IProcessCpuInfo extends IProcessInfo {
@@ -24,31 +34,30 @@ declare module 'windows-process-tree' {
     pid: number;
     name: string;
     memory?: number;
+    commandLine?: string;
     children: IProcessTreeNode[];
   }
 
-
-
   /**
    * Returns a tree of processes with the rootPid process as the root.
-   * @param {number} rootPid - The pid of the process that will be the root of the tree.
-   * @param {(tree: IProcessTreeNode) => void} callback - The callback to use with the returned list of processes.
-   * @param {ProcessDataFlag} flags - The flags for what process data should be included.
+   * @param rootPid - The pid of the process that will be the root of the tree.
+   * @param callback - The callback to use with the returned list of processes.
+   * @param flags - The flags for what process data should be included.
    */
   export function getProcessTree(rootPid: number, callback: (tree: IProcessTreeNode) => void, flags?: ProcessDataFlag): void;
 
   /**
    * Returns a list of processes containing the rootPid process and all of its descendants.
-   * @param {number} rootPid - The pid of the process of interest.
-   * @param {(processList: IProcessInfo[]) => void} callback - The callback to use with the returned set of processes.
-   * @param {ProcessDataFlag} flags - The flags for what process data should be included.
+   * @param rootPid - The pid of the process of interest.
+   * @param callback - The callback to use with the returned set of processes.
+   * @param flags - The flags for what process data should be included.
    */
   export function getProcessList(rootPid: number, callback: (processList: IProcessInfo[]) => void, flags?: ProcessDataFlag): void;
 
   /**
    * Returns the list of processes annotated with cpu usage information.
-   * @param {processList: IProcessInfo[]} processList - The list of processes.
-   * @param {(processListWithCpu: IProcessCpuInfo[]) => void} callback - The callback to use with the returned list of processes.
+   * @param processList - The list of processes.
+   * @param callback - The callback to use with the returned list of processes.
    */
   export function getProcessCpuUsage(processList: IProcessInfo[], callback: (processListWithCpu: IProcessCpuInfo[]) => void);
 }