网上冲浪 | 反毒杀毒 | 菜鸟进阶 | 网络安全 | 实用技术 | 网络安全 | 操作系统 |
工具软件 | 电脑医院 | 网上赚钱 | 网页制作 | 网络营销 | 经典教程 | IT趣 谈 |
当前位置:IT快活林网上冲浪网络安全

SuspendThread返回-1怎么解决

SuspendThread返回-1,怎么解决?选定一个process,再选定当中的一部分thread,把该process中未选中的线程挂起,可是SuspendThread不成功返回0XFFFFFFFF,为什么或者说怎么会?怎么解决?
程序(Procedures)(Procedures)如下:

    hSnapshot:=CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD,GetCurrentProcessId);
    ThreadEntry.dwSize :=Sizeof(ThreadEntry);
    existsthread :=Thread32First(hSnapshot,ThreadEntry);
    while existsthread do
    begin
      if ThreadEntry.th32OwnerProcessID =Integer(SelectedProcID) then
      begin
        if pos(IntToStr(ThreadEntry.th32ThreadID),SelectedThreadIDs)=0 then
        begin
          SuspendThread(ThreadEntry.th32ThreadID);
        end;
      end;
      existsthread :=Thread32Next(hSnapshot,ThreadEntry);
    end;
    CloseHandle(hSnapshot);--
SuspendThread

Suspends the specified thread.

A 64-bit application can suspend a WOW64 thread using the Wow64SuspendThread function.


DWORD WINAPI SuspendThread(
  HANDLE hThread
);

Parameters
hThread
[in] A handle to the thread that is to be suspended.
The handle must have the THREAD_SUSPEND_RESUME access right. For more information, see Thread Security and Access Rights.

Return Value
If the function succeeds, the return value is the thread's previous suspend count; otherwise, it is (DWORD) -I. To get extended error information, use the GetLastError function.


SuspendThread(hThread)注意hThread是线程句柄不是线程ID,最开始要OpenThread得到线程句柄hThread然后再SuspendThread,如果权限不够还可能OpenThread失败,这时就需要提升权限
//提升进程令牌函数
function AdjustProcessPrivilege(ProcessHandle:THandle;Token_Name:Pchar):boolean;
var
Token:Cardinal;
TokenPri:_TOKEN_PRIVILEGES;
ProcessDest:int64;
l:DWORD;
begin
  Result:=False;
  if OpenProcessToken(ProcessHandle,TOKEN_Adjust_Privileges,Token) then
  begin
    if LookupPrivilegeValue(nil,Token_Name,ProcessDest) then
    begin
      TokenPri.PrivilegeCount:=1;
      TokenPri.Privileges[0].Attributes:=SE_PRIVILEGE_ENABLED;
      TokenPri.Privileges[0].Luid:=ProcessDest;
      l:=0;
      //更新进程令牌,成功返回TRUE
      if AdjustTokenPrivileges(Token,False,TokenPri,sizeof(TokenPri),nil,l) then
        Result:=True;
    end;
  end;
end;

---
SuspendThread的参数应该是线程的句柄,而不能是不是线程ID.
线程句柄可以通过OpenThread的返回值获得,
OpenThread(THREAD_SUSPEND_RESUME, FALSE, ThreadEntry.th32ThreadID);
至于OpenThread函数并未在TlHelp32单元中导出,可如下自己导出:
function OpenThread(dwDesiredAccess: DWORD; bInheritHandle: BOOL; dwProcessId: DWORD): THandle; stdcall; external 'kernel3II.dll' name 'OpenThread';

PS:如果还失败,则有可能是权限不够,请参考上面coffeemay的方法提升自身进程的权限.
[]作者:本站整理  来源:不祥  
日收入过300的方法,信不信也得看完 麻烦您再把腿张开一点,我插不进去