createprocess function (windows)

7/16/2019 CreateProcess Function (Windows)

1/12

10-01-25 reateProcess Function (Windows)

Page 1 sttp://msdn.microsoft.com/en-us/library/ms682425(VS.85,printer).aspx

C++

2010 Microsoft Corporation. All rights reserved.

CreateProcess Function

Creates a new process and its primary thread. The new process runs in the security context ofthe calling process.

If the calling process is impersonating another user, the new process uses the token for the

calling process, not the impersonation token. To run the new process in the security context ofthe user represented by the impersonation token, use the CreateProcessAsUser [http://msdn.microsoft.com/en-us/library/ms682429(VS.85).aspx ] or

CreateProcessWithLogonW [ http://msdn.microsoft.com/en-us/library/ms682431(VS.85).aspx] function.

Syntax

BOOL WINAPI CreateProcess(

__in_opt LPCTSTR lpApplicationName,__inout_opt LPTSTR lpCommandLine,__in_opt LPSECURITY_ATTRIBUTES lpProcessAttributes,__in_opt LPSECURITY_ATTRIBUTES lpThreadAttributes,__in BOOL bInheritHandles,__in DWORD dwCreationFlags,

__in_opt LPVOID lpEnvironment,__in_opt LPCTSTR lpCurrentDirectory,__in LPSTARTUPINFO lpStartupInfo,__out LPPROCESS_INFORMATION lpProcessInformation

);

Parameters

lpApplicationName [in, optional]The name of the module to be executed. This module can be a Windows-basedapplication. It can be some other type of module (for example, MS-DOS or OS/2) ifthe appropriate subsystem is available on the local computer.

The string can specify the full path and file name of the module to execute or it canspecify a partial name. In the case of a partial name, the function uses the currentdrive and current directory to complete the specification. The function will not use thesearch path. This parameter must include the file name extension; no defaultextension is assumed.

The lpApplicationName parameter can be NULL. In that case, the module name mustbe the first white spacedelimited token in the lpCommandLine string. If you are usinga long file name that contains a space, use quoted strings to indicate where the filename ends and the arguments begin; otherwise, the file name is ambiguous. Forexample, consider the string "c:\program files\sub dir\program name". This string canbe interpreted in a number of ways. The system tries to interpret the possibilities inthe following order:

c:\program.exe files\sub dir\program namec:\program files\sub.exe dir\program name
http://msdn.microsoft.com/en-us/library/ms682431(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682429(VS.85,printer).aspx


2/12



c:\program files\sub dir\program.exe namec:\program files\sub dir\program name.exe

If the executable module is a 16-bit application, lpApplicationName should be NULL,and the string pointed to by lpCommandLine should specify the executable module aswell as its arguments.

To run a batch file, you must start the command interpreter; set lpApplicationName tocmd.exe and set lpCommandLine to the following arguments: /c plus the name of the

batch file.

lpCommandLine [in, out, optional]The command line to be executed. The maximum length of this string is 32,768characters, including the Unicode terminating null character. IflpApplicationName isNULL, the module name portion oflpCommandLine is limited to MAX_PATH characters.

The Unicode version of this function, CreateProcessW , can modify the contents ofthis string. Therefore, this parameter cannot be a pointer to read-only memory (suchas a const variable or a literal string). If this parameter is a constant string, thefunction may cause an access violation.

The lpCommandLine parameter can be NULL. In that case, the function uses the string

pointed to by lpApplicationName as the command line.

If both lpApplicationName and lpCommandLine are non-NULL, the null-terminatedstring pointed to by lpApplicationName specifies the module to execute, and the null-terminated string pointed to by lpCommandLine specifies the command line. The newprocess can use GetCommandLine [ http://msdn.microsoft.com/en-us/library/ms683156(VS.85).aspx ] to retrieve the entire command line. Consoleprocesses written in C can use the argcand argvarguments to parse the commandline. Because argv[0] is the module name, C programmers generally repeat themodule name as the first token in the command line.

IflpApplicationName is NULL, the first white spacedelimited token of the commandline specifies the module name. If you are using a long file name that contains a

space, use quoted strings to indicate where the file name ends and the argumentsbegin (see the explanation for the lpApplicationName parameter). If the file name doesnot contain an extension, .exe is appended. Therefore, if the file name extension is.com, this parameter must include the .com extension. If the file name ends in aperiod (.) with no extension, or if the file name contains a path, .exe is not appended.If the file name does not contain a directory path, the system searches for theexecutable file in the following sequence:

1. The directory from which the application loaded.2. The current directory for the parent process.3. The 32-bit Windows system directory. Use the GetSystemDirectory [

http://msdn.microsoft.com/en-us/library/ms724373(VS.85).aspx ] functionto get the path of this directory.

4. The 16-bit Windows system directory. There is no function that obtains thepath of this directory, but it is searched. The name of this directory isSystem.

5. The Windows directory. Use the GetWindowsDirectory [http://msdn.microsoft.com/en-us/library/ms724454(VS.85).aspx ] functionto get the path of this directory.

6. The directories that are listed in the PATH environment variable. Note thatthis function does not search the per-application path specified by the AppPaths registry key. To include this per-application path in the searchsequence, use the ShellExecute [ http://msdn.microsoft.com/en-
http://msdn.microsoft.com/en-us/library/bb762153(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms724454(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms724373(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms683156(VS.85,printer).aspx


3/12



us/library/bb762153(VS.85).aspx ] function.

The system adds a terminating null character to the command-line string to separatethe file name from the arguments. This divides the original string into two strings forinternal processing.

lpProcessAttributes [in, optional]A pointer to a SECURITY_ATTRIBUTES [ http://msdn.microsoft.com/en-us/library/aa379560(VS.85).aspx ] structure that determines whether the returned

handle to the new process object can be inherited by child processes. IflpProcessAttributes is NULL, the handle cannot be inherited.

The lpSecurityDescriptor member of the structure specifies a security descriptor forthe new process. IflpProcessAttributes is NULL or lpSecurityDescriptor is NULL, theprocess gets a default security descriptor. The ACLs in the default security descriptorfor a process come from the primary token of the creator.

Windows XP/2000: The ACLs in the default security descriptor fora process come from the primary or impersonation token of thecreator. This behavior changed with Windows XP with SP2 andWindows Server 2003.

lpThreadAttributes [in, optional]A pointer to a SECURITY_ATTRIBUTES structure that determines whether thereturned handle to the new thread object can be inherited by child processes. IflpThreadAttributes is NULL, the handle cannot be inherited.

The lpSecurityDescriptor member of the structure specifies a security descriptor forthe main thread. IflpThreadAttributes is NULL or lpSecurityDescriptor is NULL, thethread gets a default security descriptor. The ACLs in the default security descriptorfor a thread come from the process token.

Windows XP/2000: The ACLs in the default security descriptor fora thread come from the primary or impersonation token of thecreator. This behavior changed with Windows XP with SP2 and

Windows Server 2003.

bInheritHandles [in]If this parameter TRUE, each inheritable handle in the calling process is inherited bythe new process. If the parameter is FALSE, the handles are not inherited. Note thatinherited handles have the same value and access rights as the original handles.

dwCreationFlags [in]The flags that control the priority class and the creation of the process. For a list ofvalues, see Process Creation Flags [ http://msdn.microsoft.com/en-us/library/ms684863(VS.85).aspx ] .

This parameter also controls the new process's priority class, which is used to

determine the scheduling priorities of the process's threads. For a list of values, seeGetPriorityClass [ http://msdn.microsoft.com/en-us/library/ms683211(VS.85).aspx ]. If none of the priority class flags is specified, the priority class defaults toNORMAL_PRIORITY_CLASS unless the priority class of the creating process isIDLE_PRIORITY_CLASS or BELOW_NORMAL_PRIORITY_CLASS. In this case, the childprocess receives the default priority class of the calling process.

lpEnvironment[in, optional]A pointer to the environment block for the new process. If this parameter is NULL, thenew process uses the environment of the calling process.
http://msdn.microsoft.com/en-us/library/ms683211(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684863(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/aa379560(VS.85,printer).aspx


4/12



An environment block consists of a null-terminated block of null-terminated strings.Each string is in the following form:

name=value\0

Because the equal sign is used as a separator, it must not be used in the name of anenvironment variable.

An environment block can contain either Unicode or ANSI characters. If theenvironment block pointed to by lpEnvironmentcontains Unicode characters, be surethat dwCreationFlags includes CREATE_UNICODE_ENVIRONMENT. If this parameter isNULL and the environment block of the parent process contains Unicode characters,you must also ensure that dwCreationFlags includesCREATE_UNICODE_ENVIRONMENT.

The ANSI version of this function, CreateProcessA fails if the total size of theenvironment block for the process exceeds 32,767 characters.

Note that an ANSI environment block is terminated by two zero bytes: one for the laststring, one more to terminate the block. A Unicode environment block is terminated byfour zero bytes: two for the last string, two more to terminate the block.

lpCurrentDirectory[in, optional]The full path to the current directory for the process. The string can also specify aUNC path.

If this parameter is NULL, the new process will have the same current drive anddirectory as the calling process. (This feature is provided primarily for shells that needto start an application and specify its initial drive and working directory.)

lpStartupInfo [in]A pointer to a STARTUPINFO [ http://msdn.microsoft.com/en-us/library/ms686331(VS.85).aspx ] or STARTUPINFOEX [http://msdn.microsoft.com/en-us/library/ms686329(VS.85).aspx ] structure.

To set extended attributes, use a STARTUPINFOEX structure and specifyEXTENDED_STARTUPINFO_PRESENT in the dwCreationFlags parameter.

lpProcessInformation [out]A pointer to a PROCESS_INFORMATION [ http://msdn.microsoft.com/en-us/library/ms684873(VS.85).aspx ] structure that receives identification informationabout the new process.

Handles in PROCESS_INFORMATION must be closed with CloseHandle [http://msdn.microsoft.com/en-us/library/ms724211(VS.85).aspx ] when they are nolonger needed.

Return Value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call

GetLastError [ http://msdn.microsoft.com/en-us/library/ms679360(VS.85).aspx ] .

Note that the function returns before the process has finished initialization. If a required DLLcannot be located or fails to initialize, the process is terminated. To get the termination status

of a process, call GetExitCodeProcess [ http://msdn.microsoft.com/en-
http://msdn.microsoft.com/en-us/library/ms683189(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms679360(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms724211(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684873(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686329(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686331(VS.85,printer).aspx


5/12



us/library/ms683189(VS.85).aspx ] .

Remarks

The process is assigned a process identifier. The identifier is valid until the process terminates.It can be used to identify the process, or specified in the OpenProcess [

http://msdn.microsoft.com/en-us/library/ms684320(VS.85).aspx ] function to open a handle tothe process. The initial thread in the process is also assigned a thread identifier. It can be

specified in the OpenThread [ http://msdn.microsoft.com/en-us/library/ms684335(VS.85).aspx

] function to open a handle to the thread. The identifier is valid until the thread terminates andcan be used to uniquely identify the thread within the system. These identifiers are returned inthe PROCESS_INFORMATION [ http://msdn.microsoft.com/en-us/library/ms684873(VS.85).aspx ] structure.

The name of the executable in the command line that the operating system provides to a

process is not necessarily identical to that in the command line that the calling process gives tothe CreateProcess function. The operating system may prepend a fully qualified path to an

executable name that is provided without a fully qualified path.

The calling thread can use the WaitForInputIdle [ http://msdn.microsoft.com/en-us/library/ms687022(VS.85).aspx ] function to wait until the new process has finished its

initialization and is waiting for user input with no input pending. This can be useful forsynchronization between parent and child processes, because CreateProcess returns without

waiting for the new process to finish its initialization. For example, the creating process woulduse WaitForInputIdle before trying to find a window associated with the new process.

The preferred way to shut down a process is by using the ExitProcess [http://msdn.microsoft.com/en-us/library/ms682658(VS.85).aspx ] function, because this

function sends notification of approaching termination to all DLLs attached to the process. Othermeans of shutting down a process do not notify the attached DLLs. Note that when a thread

calls ExitProcess, other threads of the process are terminated without an opportunity toexecute any additional code (including the thread termination code of attached DLLs). For more

information, see Terminating a Process [ http://msdn.microsoft.com/en-us/library/ms686722(VS.85).aspx ] .

A parent process can directly alter the environment variables of a child process during process

creation. This is the only situation when a process can directly change the environment settingsof another process. For more information, see Changing Environment Variables [http://msdn.microsoft.com/en-us/library/ms682009(VS.85).aspx ] .

If an application provides an environment block, the current directory information of the system

drives is not automatically propagated to the new process. For example, there is anenvironment variable named =C: whose value is the current directory on drive C. An application

must manually pass the current directory information to the new process. To do so, theapplication must explicitly create these environment variable strings, sort them alphabetically

(because the system uses a sorted environment), and put them into the environment block.Typically, they will go at the front of the environment block, due to the environment block sortorder.

One way to obtain the current directory information for a drive X is to make the following call:

GetFullPathName("X:", ...)

. That avoids an application having to scan the environment block. If the full path returned is

X:\, there is no need to pass that value on as environment data, since the root directory is thedefault current directory for drive X of a new process.

When a process is created with CREATE_NEW_PROCESS_GROUP specified, an implicit call to

SetConsoleCtrlHandler [ http://msdn.microsoft.com/en-us/library/ms686016(VS.85).aspx ](NULL,TRUE) is made on behalf of the new process; this means that the new process hasCTRL+C disabled. This lets shells handle CTRL+C themselves, and selectively pass that signal

on to sub-processes. CTRL+BREAK is not disabled, and may be used to interrupt the
http://msdn.microsoft.com/en-us/library/ms686016(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682009(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686722(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682658(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms687022(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684873(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684335(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684320(VS.85,printer).aspx


6/12



process/process group.

Security Remarks

The first parameter, lpApplicationName, can be NULL, in which case the executable name mustbe in the white spacedelimited string pointed to by lpCommandLine. If the executable or path

name has a space in it, there is a risk that a different executable could be run because of theway the function parses spaces. The following example is dangerous because the function willattempt to run "Program.exe", if it exists, instead of "MyApp.exe".

LPTSTR szCmdline = _tcsdup(TEXT("C:\\Program Files\\MyApp -L -S"));CreateProcess(NULL, szCmdline, /* ... */);

If a malicious user were to create an application called "Program.exe" on a system, any

program that incorrectly calls CreateProcess using the Program Files directory will run thisapplication instead of the intended application.

To avoid this problem, do not pass NULL for lpApplicationName. If you do pass NULL for

lpApplicationName, use quotation marks around the executable path in lpCommandLine, asshown in the example below.

LPTSTR szCmdline[] = _tcsdup(TEXT("\"C:\\Program Files\\MyApp\" -L -S"));CreateProcess(NULL, szCmdline, /*...*/);

Examples

For an example, see Creating Processes [ http://msdn.microsoft.com/en-us/library/ms682512(VS.85).aspx ] .

Requirements

Minimum supported client Windows 2000 Professional

Minimum supportedserver

Windows 2000 Server

Header Winbase.h (include Windows.h)

Library Kernel32.lib

DLLKernel32.dll

Unicode and ANSI names

CreateProcessW (Unicode) and CreateProcessA(ANSI)

See Also

CloseHandle [ http://msdn.microsoft.com/en-us/library/ms724211(VS.85).aspx ]CreateProcessAsUser [ http://msdn.microsoft.com/en-us/library/ms682429(VS.85).aspx ]
http://msdn.microsoft.com/en-us/library/ms682429(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms724211(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682512(VS.85,printer).aspx


7/12



CreateProcessWithLogonW [ http://msdn.microsoft.com/en-us/library/ms682431(VS.85).aspx ]ExitProcess [ http://msdn.microsoft.com/en-us/library/ms682658(VS.85).aspx ]GetCommandLine [ http://msdn.microsoft.com/en-us/library/ms683156(VS.85).aspx ]GetEnvironmentStrings [ http://msdn.microsoft.com/en-us/library/ms683187(VS.85).aspx ]GetExitCodeProcess [ http://msdn.microsoft.com/en-us/library/ms683189(VS.85).aspx]GetFullPathName [ http://msdn.microsoft.com/en-us/library/aa364963(VS.85).aspx ]

GetStartupInfo [ http://msdn.microsoft.com/en-us/library/ms683230(VS.85).aspx ]OpenProcess [ http://msdn.microsoft.com/en-us/library/ms684320(VS.85).aspx ]Process and Thread Functions [ http://msdn.microsoft.com/en-us/library/ms684847(VS.85).aspx ]PROCESS_INFORMATION [ http://msdn.microsoft.com/en-us/library/ms684873(VS.85).aspx ]Processes [ http://msdn.microsoft.com/en-us/library/ms682015(VS.85).aspx ]SECURITY_ATTRIBUTES [ http://msdn.microsoft.com/en-us/library/aa379560(VS.85).aspx ]SetErrorMode [ http://msdn.microsoft.com/en-us/library/ms680621(VS.85).aspx ]STARTUPINFO [ http://msdn.microsoft.com/en-us/library/ms686331(VS.85).aspx ]STARTUPINFOEX [ http://msdn.microsoft.com/en-us/library/ms686329(VS.85).aspx ]TerminateProcess [ http://msdn.microsoft.com/en-us/library/ms686714(VS.85).aspx ]

WaitForInputIdle [ http://msdn.microsoft.com/en-us/library/ms687022(VS.85).aspx ]

Send comments about this topic to Microsoft

Build date: 1/21/2010

Tags:

Community Content

I found an inconsistency with this documentationwhen to run a batch file

Last Edit 4:32 PM by

Greg D

I believe you are getting the parameters wrong. The first parameter is just a name, thesecond is the command line, and the third holds the parameters to the process.You almost got it right with your second attempt.

CreateProcess(NULL, "C:\\Windows\\system32\\cmd.exe", "runBat.bat", NULL, FALSE, 0,NULL, NULL, &si, &pi);

Should do the trick

//Magnus

/* The library I used is from Dev-C++ 4.9.9.2. I haven't try the VC's. The OS is Windows
mailto:[email protected]?subject=Documentation%20feedback%20%5Bdllproc%5Cbase%5D:%20CreateProcess%20%20RELEASE:%20(1/21/2010)&body=%0A%0APRIVACY%20STATEMENT%0A%0AThe%20SDK%20team%20uses%20the%20feedback%20submitted%20to%20improve%20the%20SDK%20documentation.%20We%20do%20not%20use%20your%20e-mail%20address%20for%20any%20other%20purpose.%20We%20will%20remove%20your%20e-mail%20address%20from%20our%20system%20after%20the%20issue%20you%20are%20reporting%20has%20been%20resolved.%20While%20we%20are%20working%20to%20resolve%20this%20issue,%20we%20may%20send%20you%20an%20e-mail%20message%20to%20request%20more%20information%20about%20your%20feedback.%20After%20the%20issues%20have%20been%20addressed,%20we%20may%20send%20you%20an%20e-mail%20message%20to%20let%20you%20know%20that%20your%20feedback%20has%20been%20addressed.%0A%0AFor%20more%20information%20about%20Microsoft%27s%20privacy%20policy,%20see%20http://privacy.microsoft.com/en-us/default.aspx.http://msdn.microsoft.com/en-us/library/ms687022(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686714(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686329(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms686331(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms680621(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/aa379560(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682015(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684873(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684847(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms684320(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms683230(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/aa364963(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms683189(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms683187(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms683156(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682658(VS.85,printer).aspxhttp://msdn.microsoft.com/en-us/library/ms682431(VS.85,printer).aspx


8/12



XP, SP2 */

The "Parameters lpApplicationName" section above says "To run a batch file, you muststart the command interpreter; set lpApplicationName to cmd.exe and set lpCommandLineto the name of the batch file." But when I did so in a console program with:

CreateProcess("C:\\Windows\\system32\\cmd.exe", "runBat.bat", NULL, NULL, FALSE, 0,NULL, NULL, &si, &pi);

or

CreateProcess(NULL, "C:\\Windows\\system32\\cmd.exe runBat.bat", NULL, NULL, FALSE,0, NULL, NULL, &si, &pi);, the cmd.exe ignored the "runBat.bat" completely, i.e. the new cmdinstance was bootedsmoothly while my "runBat.bat" wasn't executed. Furthermore, when I specified thecmd.exe without its complete path as:

CreateProcess("cmd.exe", "runBat.bat", NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);CreateProcess() return with FALSE, and GetLastError() return 2.

At last I found the followings work:

CreateProcess(NULL, "runBat.bat file1.txt file2.txt", NULL, NULL, FALSE, 0, NULL, NULL,&si, &pi);

and

CreateProcess("runBat.bat ", "file1.txt file2.txt", NULL, NULL, FALSE, 0, NULL, NULL, &si,&pi);

However, when I wanted to redirect the stdin and stdoutof a called program in runBat.batto the file1.txt and file2.txt respectively, only the former could work as expected. Thelatter caused such situation: file1.txt was opened with notepadand the cmdwindow wasblocked until I closed the notepadmanually. Furthermore, file2.txt had not be written in at

all.

THERE SHOULD BE A WAY TO LAUNCH a process with the window as "ALWAYS ON TOP"USING THIS FUNCTION. This is not a robust enough function.

Note: This is not an appropriate forum for editorializing. A process that is not designed tobe TOPMOST should not be created as TOPMOST. An application that is designed to beTOPMOST should be capable of making itself TOPMOST.

Tags: contentbug and

lpEnvironment ignored on Vista for someapps Last Edit 6:09 PM byvcomrhencke

I found that the lpEnvironment is ignored on Windows Vista for some applications, but Ihaven't not been able to track down when this occurs. One reproducable example occurswhen I name my exe "Photoshop.exe" lpEnvironment is ignored, and when the same EXEis renamed to "p3.exe" it is no longer ignored. I don't know if this is some special case forhandling compatability with photoshop or this issue affects a larger population of apps?

For these applications the environment variables are inherited from the parent process


9/12



rather than using the values specified in lpEnvironment. I have not run into this problemwith any older platforms.

Tags: contentbug

FETCHING THE VALUE RETURNED BY CALLEDEXE

Last Edit 2:41 PM by

Medinoc

how can I fetch the value returned by the called exe?

Answer: Use GetExitCodeProcess() after the process has exited (you can use the waitfunction to make sure it did).

Tags:

32K allocation required to use lpCommandLineargument?

Last Edit 8:42 AM by

Cygon4

"The command line to be executed. The maximum length of this string is 32K characters.[...]

The Unicode version of this function, CreateProcessW , can modify the contents of thisstring."

In other words, I have to allocate a buffer of 32K characters if I want to provideCreateProcessW() with the lpCommandLine argument?

Answer: No; read the part that says "maximum". Questions such as that do not belonghere.

Answer^2: You misunderstood my intention. I think this part of the documentation isunclear and wanted to facilitate clarification. If a function modifies a string argument andthat string argument has a maximum length of 32K characters, for me that means I haveto provide 32K of writable memory when I call the function or risk a theoretically possiblebuffer overflow. This could be clarified by stating "the function can modify the contents ofthis string, but will not enlarge the string (eg. add additional characters to its end)".

Tags: contentbug

Documentation flawed? Last Edit 8:46 PM by JULY IGHOR

lpApplicationName does not work in the least. Either the documentation is flawed or theimplementation. Here is an example that tries to use the lpApplicationName argument aswritten in the documentation that will fail 100% of the time:STARTUPINFO startupInfo = {0};startupInfo.cb = sizeof(startupInfo);

PROCESS_INFORMATION processInformation;

// Try to start the processBOOL result = ::CreateProcess(

L"C:\\Windows\\NOTEPAD.exe",NULL,


10/12



NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS,NULL,NULL,&startupInfo,&processInformation

);

if(result == 0)

throw std::runtime_error("Could not create process");

Answer: You most probably forgot to set the UNICODE define.

Answer^2: Wrong. UNICODE is defined. Besides, passing a wchar_t string where a charstring is expected results in a compiler error, so there's not chance CreateProcessA() wasused. Upon that, CreateProcess() works fine if I use lpCommandLine to specify theexecutable (also as wide char string).

Answer^3: I tried that code right now and it just works; besides I've used CreateProcessthat way countless times. Sorry, both the documentation and the implementation areperfect; the problem must be yours. Check GetLastError's return value.Note:

- I am very surprised to NOT see a ',' after L"C:\\Windows\\NOTEPAD.exe". Like if there isa missing ',' in this exemple. This could explain the "will fail 100% of the time:" Otherwisewith a ',' it work fine (but be carefull!!)- If argument needed, (like "C:\\foobar.txt" in this exemple you NEED to repeat thelpCommandLine as first part of lpCommandLine (this time you better start and end it with'\"'TO make it short. better leave all in lpCommandLine including lpApplicationName. it ismore easy to manage this rather cubersome API which have 2 way to launch same thing.

Tags:

Working code for creating two processes "p1.exe"and "p2.exe" using CreateProcess() Method

Last Edit 12:02 PMby George323232

#include #include #include #include

void _tmain( int argc, TCHAR *argv[] ){STARTUPINFO si;PROCESS_INFORMATION pi;

STARTUPINFO sj;PROCESS_INFORMATION pj;

ZeroMemory( &si, sizeof(si) );si.cb = sizeof(si);ZeroMemory( &pi, sizeof(pi) );

ZeroMemory( &sj, sizeof(sj) );sj.cb = sizeof(sj);ZeroMemory( &pj, sizeof(pj) );


11/12



// Start the child process p1.exe. Make sure p1.exe is in the// same folder as current application. Otherwise write the full path in first argument.if(!CreateProcess(L".\\p1.exe", NULL, NULL, NULL, FALSE, 0, NULL, NULL, &sj, &pj)){printf( "Hello CreateProcess failed (%d)\n", GetLastError() );getch();return;}

// Start child process p2.exe. Make sure p2.exe is in the// same folder as current application. Otherwise write the full path in first argument.if(!CreateProcess(L".\\p2.exe", NULL, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)){printf( "CreateProcess2 failed (%d)\n", GetLastError() );getch();return;}

// Wait until child processes exit.WaitForSingleObject( pi.hProcess, INFINITE );WaitForSingleObject( pj.hProcess, INFINITE );

// Close process and thread handles.CloseHandle( pi.hProcess );CloseHandle( pi.hThread );CloseHandle( pj.hProcess );CloseHandle( pj.hThread );getch();}

Tags:

Where is the terminating null characterplaced?

Last Edit 5:24 PM byHoneybunny

Q: I'm unclear where the terminating null character is placed, is intended thatlpApplicationName and lpCommand line are both pointers to the same string?For example:["C:/Program Files/MyApplication/MyApp.exe" Arg1 Arg2 Arg3]^lpApplicationName AND lpCommandLineOr can they be different?

Would I get a terminating null here:["C:/Program Files/MyApplication/MyApp.exe"]0x00[Arg1 Arg2 Arg3]

Is the terminating null inserted in all cases, or only if the program name is repeat

Tags: contentbug

CREATE_SEPARATE_WOW_VDM not working onVista with UAC

Last Edit 7:56 AM by

SharpDev

The CREATE_SEPARATE_WOW_VDM flag is ignored under Vista when UAC is enabled and aprocess is launched with elevated permissions. However processes started withoutelevation can run in shared memory.


12/12



Tags: contentbug

lpApplicationName and Image File ExecutionOptions

Last Edit 2:41 AM by Dave

Bakin

If you put the module name as lpApplicationName and do notrepeat it at the beginning oflpCommandLine then the Image File Execution Options registry key will not work: Thesystem will launch the debugger with lpCommandLine only and it won't have a module

name to launch. E.g., lpApplicationName="notepad.exe" and lpCommandLine="foobar" anda "notepad.exe" key under "Image File Execution Options" with stringdebugger=vsjitdebugger.exe will attempt to launch "vsjitdebugger.exe foobar", not"vsjitdebugger.exe notepad.exe foobar". (Observed on Windows XP Pro SP3.)

Tags: contentbug

createprocess function (windows)

Documents

new process

lpcommandline string

createprocess function

thecalling process

type of module

program filessub dirprogram

null c

string canbe