GetModuleFileNameEx returns exe path of 64 bit application from a 32 bit application on win10 os but not on win 8.1 and win12server R2

amrut anegundi 1 Reputation point
2021-07-22T07:06:09.097+00:00

I am calling GetModuleFileNameEx from 32 bit com dll to get the path of a 64bit exe and it works fine on win10 enterprise and other os but fails with PARTIAL_COPY error in windows 8.1 and win12 server R2.
Why does it work on win10 but not on win8.1?

Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,613 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Castorix31 85,131 Reputation points
    2021-07-22T07:24:20.167+00:00

    Usually, QueryFullProcessImageName or GetProcessImageFileName should work
    (they use NtQueryInformationProcess instead of ReadProcessMemory)

    0 comments No comments

  2. RLWA32 45,476 Reputation points
    2021-07-22T08:31:05.42+00:00

    A possible reason why GetModuleFileNameEx can fail with PARTIAL_COPY is discussed here - https://devblogs.microsoft.com/oldnewthing/20160310-00

    Also, the docs for the function seem to indicate that its not really for general usage -

    The GetModuleFileNameEx function is primarily designed for use by debuggers and similar applications that must extract module information from another process. If the module list in the target process is corrupted or is not yet initialized, or if the module list changes during the function call as a result of DLLs being loaded or unloaded, GetModuleFileNameEx may fail or return incorrect information. ....
    To retrieve the name of the main executable module for a remote process, use the GetProcessImageFileName or QueryFullProcessImageName function. This is more efficient and more reliable than calling the GetModuleFileNameEx function with a NULL module handle.

    0 comments No comments

  3. amrut anegundi 1 Reputation point
    2021-07-25T10:35:15.983+00:00

    @Castorix31 @RLWA32

    The problem I am facing is although the QueryFullProcessImageName works for me but the COM dll is compatible with even the older OSs and somehow we have WINDEF macro defined less than 6 meaning the QueryFullProcessImageName is not defined for us.

    Coming to GetProcessImageFileName although it works but the code gets complicated to extract the actual path from the device form path and also it does not work for network path.
    Correct me if I am wrong.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.