Suspend/resume a process

Wayne Diamond

Member

Join Date: Sep 2000
Posts: 3194

7 Oct 2003, 01:32 AM

Suspending a process is easy - just suspend all of its threads. To do that we simply enumerate all threads in the system, and if they match the process ID we're suspending, we call SuspendThread. Resuming a suspended process is exactly the same, but calling ResumeThread rather than SuspendThread. Interestingly you don't even need to call OpenProcess with this, but OpenThread is still required.

Code:

#COMPILE EXE
#INCLUDE "win32api.inc"
#INCLUDE "tlhelp32.inc"
  
FUNCTION PBMAIN() AS LONG
DIM CMD$, PID AS DWORD, Res AS DWORD
CMD$ = COMMAND$
PID = VAL(CMD$)
IF PID = 0 THEN
   MSGBOX "Usage: suspend <ProcessID>", %MB_OK + %MB_ICONINFORMATION, "Suspend/Resume"
   EXIT FUNCTION
END IF
IF MSGBOX("Suspend threads?" & $CRLF & "(Yes=Suspend, No=Resume)", %MB_YESNO + %MB_ICONQUESTION, "Suspend or Resume?") = 6 THEN
    Res = 6
ELSE
    Res = 0
END IF
    LOCAL hSnapShot AS DWORD, lResult AS DWORD, TE32 AS THREADENTRY32, hThread AS DWORD
     hSnapshot = CreateToolHelp32SnapShot (%TH32CS_SNAPTHREAD, 0)
        IF hSnapshot <> %INVALID_HANDLE_VALUE THEN
            TE32.dwSize         = SIZEOF(TE32)
            lresult             = Thread32First (hSnapshot,TE32)
            WHILE ISTRUE lResult
                IF TE32.th32OwnerProcessID = PID THEN
                  hThread = OpenThread(BYVAL %THREAD_SUSPEND_RESUME, BYVAL 0, BYVAL TE32.th32ThreadID)
                  IF hThread THEN
                        IF Res = 6 THEN
                         SuspendThread hThread
                        ELSE
                         ResumeThread hThread
                        END IF
                  END IF
                END IF
                lResult = Thread32Next (hSnapShot, TE32)
            WEND
            CloseHandle hSnapShot
            FUNCTION = 0
        ELSE
            FUNCTION = -1&
        END IF
END FUNCTION

------------------
The PowerBASIC Crypto Archives - My Email - What's mine is yours...

Tags: None

Announcement

Forum Guidelines

Suspend/resume a process

Suspend/resume a process