在Windows体系统中,windows通过一些结构体来保存windows信息。这些许多就关系到微软未公开的文档。SYSTEM_BASE_INFORMATION结构就是其中的一个。它通过调用ntdll.dll中的ZwQuerySystemInformation函数可以得到这个结构的值。下面是演示代码:
#include "stdafx.h"
#include <conio.h>
#include <windows.h>
typedef LONG NTSTATUS;
typedef enum _SYSTEM_INFORMATION_CLASS
{
SystemBasicInformat
}SYSTEM_INFORMATION_CLASS;
typedef struct _SYSTEM_BASIC_INFORMATION
{
ULONG Unknown; //Always contains zero
ULONG MaximumIncrement; //一个时钟的计量单位
ULONG PhysicalPageSize; //一个内存页的大小
ULONG NumberOfPhysicalPages; //系统管理着多少个页
ULONG LowestPhysicalPage; //低端内存页
ULONG HighestPhysicalPage; //高端内存页
ULONG AllocationGranularity;
ULONG LowestUserAddress; //地端用户地址
ULONG HighestUserAddress; //高端用户地址
ULONG ActiveProcessors; //激活的处理器
UCHAR NumberProcessors; //有多少个处理器
}SYSTEM_BASIC_INFORMATION,*PSYSTEM_BASIC_INFORMATION;
typedef NTSTATUS (__stdcall *ZWQUERYSYSTEMINFORMATION) (IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
IN OUT PVOID SystemInformat,
IN ULONG SystemInformatLength,
OUT PULONG ReturnLength OPTIONAL);
static ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformation = NULL;
int _tmain(int argc, _TCHAR* argv[])
{
SYSTEM_BASIC_INFORMATION SysBaseInfo;
NTSTATUS status;
if( !(ZwQuerySystemInformation = (ZWQUERYSYSTEMINFORMATION)GetProcAddress(GetModuleHandle("ntdll.dll"),"ZwQuerySystemInformation")))
{
printf("GetProcAddress failed");
return -1;
}
status = ZwQuerySystemInformation(SystemBasicInformat,&SysBaseInfo,sizeof(SysBaseInfo),0);
if(status != NO_ERROR)
{
printf("ZwQuerySystemInformation failed");
return -1;
}
printf("MaximumIncrement = %d\n",SysBaseInfo.MaximumIncrement );
printf("PhysicalPageSize = %d\n",SysBaseInfo.PhysicalPageSize );
printf("NumberOfPhysicalPages = %d\n",SysBaseInfo.NumberOfPhysicalPages );
printf("LowestPhysicalPage = %d\n",SysBaseInfo.LowestPhysicalPage );
printf("HighestPhysicalPage = %d\n",SysBaseInfo.HighestPhysicalPage );
printf("AllocationGranularity = %d\n",SysBaseInfo.AllocationGranularity );
printf("LowestUserAddress = %X\n",SysBaseInfo.LowestUserAddress );
printf("HighestUserAddress = %X\n",SysBaseInfo.HighestUserAddress );
printf("ActiveProcessors = %d\n",SysBaseInfo.ActiveProcessors );
printf("NumberProcessors = %d\n",SysBaseInfo.NumberProcessors );
getch();
return 0;
}