On Jul 11, 1:12 am, Tim Roberts <t...@probo.com> wrote:
> Jesse R <jessr...@gmail.com> wrote:
>
> >Hey I've been trying to convert this to run through ctypes and i'm
> >having a hard time
>
> >typedef struct _SYSTEM_PROCESS_ID_INFORMATION
> >{
> > HANDLE ProcessId;
> > UNICODE_STRING ImageName;
> >} SYSTEM_PROCESS_IMAGE_NAME_INFORMATION,
> >*PSYSTEM_PROCESS_IMAGE_NAME_INFORMATION;
>
> >to
>
> >class SYSTEM_PROCESS_ID_INFORMATION(ctypes.Structure):
> > _fields_ = [('pid', ctypes.c_ulong),
> > ('imageName', ctypes.c_wchar_p)]
> >...
> >does anyone know how to get this working?
>
> UNICODE_STRING is not just a pointer to wide characters. It is itself a
> structure:
>
> typedef struct _UNICODE_STRING {
> USHORT Length;
> USHORT MaximumLength;
> PWSTR Buffer;
>
> } UNICODE_STRING;
>
> So, I think you want fields of ctypes.c_ulong, ctypes.c_ushort,
> ctypes.c_ushort, and ctypes.c_wchar_p. MaximumLength gives the allocated
> size of the buffer. Length gives the length of the string currently held
> in the buffer. It can be less than the maximum length, and the buffer does
> NOT necessarily contain a zero-terminator.
>
> UNICODE_STRING and ANSI_STRING are used in kernel programming to avoid the
> potential ambiguities of counted strings.
> --
> Tim Roberts, t...@probo.com
> Providenza & Boekelheide, Inc.
if UNICODE_STRING is a structure you will want a structure for it
class UNICODE_STRING(ctypes.Structure):
_fields_ = [("Length", ctypes.c_ushort),
("MaximumLength" ,ctypes.c_ushort),
("Buffer", ctypes.c_wchar_p)]
class SYSTEM_PROCESS_ID_INFORMATION(ctypes.Structure):
_fields_ = [("pid", ctypes.c_ulong),
("imageName", UNICODE_STRING)]
--
http://mail.python.org/mailman/listinfo/python-list
