C++.进程命令行参数

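/// Returns the command line of the process identified by dwPid, or an empty
/// string when it cannot be read.
///
/// For the calling process this is simply GetCommandLine(). For any other
/// process the function decodes the local KernelBase!GetCommandLineW stub to
/// find the global that holds the command-line pointer, then reads that
/// global and the string it points to out of the target with
/// ReadProcessMemory.
///
/// Limitations of this technique:
///  - It only recognises the `mov eax, [imm32]` (0xA1) form of the stub; any
///    other encoding makes the function return an empty string.
///  - It assumes the target has kernelBase.dll mapped at the same address as
///    the caller and has the same bitness - NOTE(review): confirm for your
///    targets. The supported route is NtQueryInformationProcess plus the
///    PEB's ProcessParameters.
///  - At most MAX_PATH - 1 characters are returned; longer command lines are
///    truncated.
///
/// Command lines frequently carry passwords, tokens and connection strings,
/// so callers should treat the returned value as sensitive when logging or
/// storing it.
///
/// @param dwPid  Identifier of the process to inspect.
/// @return The command line, or an empty CString on any failure.
CString GetCmdLine(IN DWORD dwPid)
{
    CString ret;
    try
    {
        if (GetCurrentProcessId() == dwPid)
        {
            return GetCommandLine();
        }

        // GetModuleHandle instead of LoadLibrary: the original call bumped the
        // module reference count on every invocation and never released it.
        HMODULE hKernelBase = GetModuleHandle(_T("kernelBase.dll"));
        if (!hKernelBase)
        {
            return ret;
        }

        const BYTE* pFunc = reinterpret_cast<const BYTE*>(GetProcAddress(hKernelBase, "GetCommandLineW"));
        if (pFunc && pFunc[0] == 0xA1) /*mov eax, [0x????????]*/
        {
            // The four bytes after the opcode are the address of the global
            // that stores the command-line pointer.
            const DWORD dwVarAddr = *reinterpret_cast<const DWORD*>(pFunc + 1);

            // PROCESS_VM_READ is the only access right the reads below need.
            HANDLE hProcess = OpenProcess(PROCESS_VM_READ, 0, dwPid);
            if (hProcess)
            {
                DWORD dwAddr = 0;
                if (ReadProcessMemory(hProcess, reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(dwVarAddr)),
                                      &dwAddr, sizeof(DWORD), 0)
                    && dwAddr != 0)
                {
                    // The remote string comes from GetCommandLineW, so it is
                    // always UTF-16: use WCHAR rather than TCHAR so an ANSI
                    // build does not misread it. The buffer is zero-filled and
                    // its last element is never written, which keeps it
                    // terminated even when the source string is longer.
                    WCHAR sz[MAX_PATH] = { 0 };
                    SIZE_T cbRead = 0;
                    const BOOL bRead = ReadProcessMemory(hProcess,
                                                         reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(dwAddr)),
                                                         sz, (MAX_PATH - 1) * sizeof(WCHAR), &cbRead);
                    // Previously the result of this call was ignored. Only use
                    // the buffer when the read succeeded or reported copying
                    // some bytes; otherwise leave ret empty.
                    if (bRead || cbRead != 0)
                    {
                        ret = sz;
                    }
                }
                CloseHandle(hProcess);
            }
        }
    }
    catch (...)
    {
        // NOTE(review): catch (...) sees C++ exceptions only; whether it also
        // sees access violations depends on the compiler's exception model.
        OutputDebugStringA(__FUNCTION__);
    }
    return ret;
}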

#include <iostream>
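/// Demo driver: starts a child process, prints the command line that
/// GetCmdLine() recovers for it, then terminates the child.
int main()
{
    STARTUPINFO si = { 0 };
    si.cb = sizeof(si);
    PROCESS_INFORMATION pi = { 0 };
    const BOOL bStarted = CreateProcess(_T("C:\\Using\\winmine.exe"), 0, 0, 0, 0, 0, 0, 0, &si, &pi);
    if (bStarted)
    {
        // Fixed delay, presumably to let the child finish starting up before
        // its memory is read.
        Sleep(1000);
        CString str = GetCmdLine(pi.dwProcessId);
        std::wcout.imbue(std::locale("chs"));
        wprintf(L"%s\r\n", str.GetString());
        std::wcout << str.GetString() << std::endl;

        // Reuse the handle CreateProcess already returned instead of opening a
        // second one with PROCESS_ALL_ACCESS; the original never closed that
        // extra handle, nor the two handles in PROCESS_INFORMATION.
        TerminateProcess(pi.hProcess, 0);
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    }

    return 0;
}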


转载自www.cnblogs.com/dailycode/p/12465180.html