Add flag for getting command line arguments of processes

binding.gyp

@@ -5,7 +5,8 @@
       "sources": [
         "src/addon.cc",
         "src/process.cc",
-        "src/worker.cc"
+        "src/worker.cc",
+        "src/process_arguments.cc"
       ],
       "include_dirs": [
         "<!(node -e \"require('nan')\")"

lib/index.ts

@@ -8,7 +8,8 @@ import { IProcessInfo, IProcessTreeNode, IProcessCpuInfo } from 'windows-process
 
 export enum ProcessDataFlag {
   None = 0,
-  Memory = 1
+  Memory = 1,
+  Arguments = 2
 }
 
 interface  IRequest {
@@ -41,6 +42,7 @@ function buildProcessTree( rootPid: number, processList: IProcessInfo[]): IProce
     pid: rootProcess.pid,
     name: rootProcess.name,
     memory: rootProcess.memory,
+    arguments: rootProcess.arguments,
     children: childIndexes.map(c => buildProcessTree(c.pid, processList))
   };
 }

lib/test.ts

@@ -68,6 +68,19 @@ describe('getRawProcessList', () => {
       }, ProcessDataFlag.Memory);
     }, ProcessDataFlag.None);
   });
+
+  it('should return argument information only when the flag is set', (done) => {
+    // Arguments should be undefined when flag is not set
+    native.getProcessList((list) => {
+      assert.equal(list.every(p => p.arguments === undefined), true);
+
+      // Arguments should be a string when flag is set
+      native.getProcessList((list) => {
+        assert.equal(list.every(p => typeof p.arguments === 'string'), true);
+        done();
+      }, ProcessDataFlag.Arguments);
+    }, ProcessDataFlag.None);
+  });
 });
 
 describe('getProcessList', () => {
@@ -89,6 +102,7 @@ describe('getProcessList', () => {
       assert.equal(list[0].name, 'node.exe');
       assert.equal(list[0].pid, process.pid);
       assert.equal(list[0].memory, undefined);
+      assert.equal(list[0].arguments, undefined);
       done();
     });
   });
@@ -103,6 +117,19 @@ describe('getProcessList', () => {
     }, ProcessDataFlag.Memory);
   });
 
+  it('should return argument information only if the flag is set', (done) => {
+    getProcessList(process.pid, (list) => {
+      assert.equal(list.length, 1);
+      assert.equal(list[0].name, 'node.exe');
+      assert.equal(list[0].pid, process.pid);
+      assert.equal(typeof list[0].arguments, 'string');
+      // Arguments is "<path to node> <path to mocha> lib/test.js"
+      assert.equal(list[0].arguments.indexOf('mocha') > 0, true);
+      assert.equal(list[0].arguments.indexOf('lib/test.js') > 0, true);
+      done();
+    }, ProcessDataFlag.Arguments);
+  });
+
   it('should return a list containing this process\'s child processes', done => {
     cps.push(child_process.spawn('cmd.exe'));
     pollUntil(() => {
@@ -162,6 +189,7 @@ describe('getProcessTree', () => {
       assert.equal(tree.name, 'node.exe');
       assert.equal(tree.pid, process.pid);
       assert.equal(tree.memory, undefined);
+      assert.equal(tree.arguments, undefined);
       assert.equal(tree.children.length, 0);
       done();
     });
@@ -177,6 +205,16 @@ describe('getProcessTree', () => {
     }, ProcessDataFlag.Memory);
   });
 
+  it('should return a tree containing this process\'s arguments if the flag is set', done => {
+    getProcessTree(process.pid, (tree) => {
+      assert.equal(tree.name, 'node.exe');
+      assert.equal(tree.pid, process.pid);
+      assert.equal(typeof tree.arguments, 'string');
+      assert.equal(tree.children.length, 0);
+      done();
+    }, ProcessDataFlag.Arguments);
+  });
+
   it('should return a tree containing this process\'s child processes', done => {
     cps.push(child_process.spawn('cmd.exe'));
     pollUntil(() => {

src/process.cc

@@ -4,6 +4,7 @@
  *--------------------------------------------------------------------------------------------*/
 
 #include "process.h"
+#include "process_arguments.h"
 
 #include <tlhelp32.h>
 #include <psapi.h>
@@ -27,6 +28,10 @@ void GetRawProcessList(ProcessInfo process_info[1024], uint32_t* process_count,
           GetProcessMemoryUsage(process_info, process_count);
         }
 
+        if (ARGUMENTS & *process_data_flags) {
+          GetProcessCommandLineArguments(process_info, process_count);
+        }
+
         strcpy(process_info[*process_count].name, process_entry.szExeFile);
         (*process_count)++;
       }

src/process.h

@@ -21,11 +21,13 @@ struct ProcessInfo {
   DWORD pid;
   DWORD ppid;
   DWORD memory; // Reported in bytes
+  TCHAR arguments[512];
 };
 
 enum ProcessDataFlags {
   NONE = 0,
-  MEMORY = 1
+  MEMORY = 1,
+  ARGUMENTS = 2
 };
 
 void GetRawProcessList(ProcessInfo process_info[1024], uint32_t* process_count, DWORD* flags);

src/process_arguments.cc

@@ -0,0 +1,79 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+#include "process.h"
+#include "process_arguments.h"
+#include <windows.h>
+#include <winternl.h>
+#include <psapi.h>
+
+bool GetProcessCommandLineArguments(ProcessInfo process_info[1024], uint32_t *process_count) {
+  pfnNtQueryInformationProcess gNtQueryInformationProcess = (pfnNtQueryInformationProcess)GetProcAddress(
+      GetModuleHandleA("ntdll.dll"), "NtQueryInformationProcess");
+
+  PPROCESS_BASIC_INFORMATION pbi = NULL;
+  PEB peb = {NULL};
+  RTL_USER_PROCESS_PARAMETERS process_parameters = {NULL};
+
+  // Get process handle
+  DWORD pid = process_info[*process_count].pid;
+  HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, pid);
+  if (hProcess == INVALID_HANDLE_VALUE) {
+    return FALSE;
+  }
+
+  // Get process basic information
+  HANDLE heap = GetProcessHeap();
+  DWORD pbi_size = sizeof(PROCESS_BASIC_INFORMATION);
+  pbi = (PROCESS_BASIC_INFORMATION *)HeapAlloc(heap, HEAP_ZERO_MEMORY, pbi_size);
+  if (!pbi) {
+    CloseHandle(hProcess);
+    return FALSE;
+  }
+
+  // Get Process Environment Block (PEB)
+  DWORD size_needed;
+  NTSTATUS status = gNtQueryInformationProcess(hProcess, ProcessBasicInformation, pbi, pbi_size, &size_needed);
+  if (status >= 0 && pbi->PebBaseAddress) {
+
+    // Read PEB
+    SIZE_T bytes_read;
+    if (ReadProcessMemory(hProcess, pbi->PebBaseAddress, &peb, sizeof(peb), &bytes_read)) {
+
+      // Read the processs parameters
+      bytes_read = 0;
+      if (ReadProcessMemory(hProcess, peb.ProcessParameters, &process_parameters, sizeof(RTL_USER_PROCESS_PARAMETERS), &bytes_read)) {
+        if (process_parameters.CommandLine.Length > 0) {
+
+          // Allocate space to read the command line parameter
+          WCHAR *buffer = NULL;
+          buffer = (WCHAR *)HeapAlloc(heap, HEAP_ZERO_MEMORY, process_parameters.CommandLine.Length);
+          if (buffer) {
+            if (ReadProcessMemory(hProcess, process_parameters.CommandLine.Buffer, buffer, process_parameters.CommandLine.Length, &bytes_read)) {
+
+              // Copy only as much as will fit in the arguments property
+              DWORD buffer_size = process_parameters.CommandLine.Length >= sizeof(process_info[*process_count].arguments)
+                                     ? sizeof(process_info[*process_count].arguments) - sizeof(TCHAR)
+                                     : process_parameters.CommandLine.Length;
+
+              WideCharToMultiByte(CP_ACP, 0, buffer,
+                                  (int)(buffer_size / sizeof(WCHAR)),
+                                  process_info[*process_count].arguments, sizeof(process_info[*process_count].arguments),
+                                  NULL, NULL);
+
+              CloseHandle(hProcess);
+              HeapFree(heap, 0, pbi);
+              return true;
+            }
+          }
+        }
+      }
+    }
+  }
+
+  CloseHandle(hProcess);
+  HeapFree(heap, 0, pbi);
+  return false;
+}

src/process_arguments.h

@@ -0,0 +1,21 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+#ifndef SRC_PROCESS_ARGUMENTS_H_
+#define SRC_PROCESS_ARGUMENTS_H_
+
+#include "process.h"
+#include <winternl.h>
+
+typedef NTSTATUS(NTAPI *pfnNtQueryInformationProcess)(
+  IN HANDLE ProcessHandle,
+  IN PROCESSINFOCLASS ProcessInformationClass,
+  OUT PVOID ProcessInformation,
+  IN ULONG ProcessInformationLength,
+  OUT PULONG ReturnLength OPTIONAL);
+
+bool GetProcessCommandLineArguments(ProcessInfo process_info[1024], uint32_t *process_count);
+
+#endif

src/worker.cc

@@ -42,6 +42,11 @@ void Worker::HandleOKCallback() {
               Nan::New<v8::Number>(process_info[i].memory));
     }
 
+    if (ARGUMENTS & *process_data_flags) {
+      Nan::Set(object, Nan::New<v8::String>("arguments").ToLocalChecked(),
+        Nan::New<v8::String>(process_info[i].arguments).ToLocalChecked());
+    }
+
     Nan::Set(result, i, Nan::New<v8::Value>(object));
   }
   v8::Local<v8::Value> argv[] = { result };

typings/windows-process-tree.d.ts

@@ -6,14 +6,16 @@
 declare module 'windows-process-tree' {
   export enum ProcessDataFlag {
     None = 0,
-    Memory = 1
+    Memory = 1,
+    Arguments = 2
   }
 
   export interface IProcessInfo {
     pid: number;
     ppid: number;
     name: string;
     memory?: number;
+    arguments?: string;
   }
 
   export interface IProcessCpuInfo extends IProcessInfo {
@@ -24,11 +26,10 @@ declare module 'windows-process-tree' {
     pid: number;
     name: string;
     memory?: number;
+    arguments?: string;
     children: IProcessTreeNode[];
   }
 
-
-
   /**
    * Returns a tree of processes with the rootPid process as the root.
    * @param {number} rootPid - The pid of the process that will be the root of the tree.