fix: undetected games when ran with administrator

[farhannz]

Root Cause

Windows built-in tools such as wmic or gcim or gwmi doesn't have enough privilege even if those tools were running with administrator. Consequently, the game isn't detected due to the empty result when querying executable path.

Solution

This fix uses windows undocumented api calls NtQuerySystemInformation() to get the ImageFileName of a process by supplying pid into the api. It uses koffi package to load those windows libraries.

Result

As a result, it can detect games that ran with administrator without the need to run arrpc with administrator.

This might also fix #33

Remark

The usage of NtQuerySystemInformation() may be altered or unavailable in future versions of Windows

[wahfl2]

Hello, I know I'm new here but I saw some potential improvements, and I would really like to see this merged, since the current WMIC solution can cause quite a bit of CPU usage.

[wahfl2]

Suggested change

	if (bufferSize >= 0xffff) {
	console.error(`NtQuerySystemInformation() failed with pid = ${pid}, result could not fit in buffer of size 0xffff`)
	return null;
	}

Just to prevent infinite loops

[wahfl2]

Suggested change

	// https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/ex/sysinfo/process_id.htm

It's officially undocumented but you could put this here, it has some good information

[wahfl2]

Likely fixes #142

[hazzuk]

Evaluating this change on the basis of performance, I observed a big reduction in latency.

Enabling the logging in src\process\index.js, "got processed" before was 280ms, after it became 15ms.

Running clinic.js clinic doctor -- node src shows some changes to performance in other areas:

Before

After

(109+123)

But, if you combine this work with the change done to scanning in #123, a lot of those charts become much less concerning.

And the combined finished time of "got processed" and "scan", goes from a before of 375ms (main branch), down to 17ms.

Great work on this change.