
Process Control Using Win32 API


This brief tutorial describes how to create, control, and kill a process using the Win32 API. It is a gist from various sources and a must for anyone trying Windows systems programming.


HOW TO CREATE AND KILL PROCESSES USING WIN32 API

Prepared by: Syed Feroz Zainvi
Available at: http://www.computer-science-notes.blogspot.com
E-mail: [email protected]

Creating A Process

• A process can be created using the CreateProcess function of the Win32 API. The prototype of this function is:

    BOOL CreateProcess(
        LPCTSTR lpszImageName,               // path of executable file
        LPTSTR lpszCommandLine,              // command line
        LPSECURITY_ATTRIBUTES lpsaProcess,   // process security attributes
        LPSECURITY_ATTRIBUTES lpsaThread,    // thread security attributes
        BOOL fInheritHandles,                // does new process inherit handles
        DWORD fdwCreate,                     // process creation flags
        LPVOID lpvEnvironment,               // environment block for new process
        LPCTSTR lpszCurDir,                  // current folder for new process
        LPSTARTUPINFO lpsiStartInfo,         // specifies window features
        LPPROCESS_INFORMATION lppiProcInfo); // new process information

• To create a process, you can simply pass the name of the process, leaving the other parameters at the default value NULL except the ninth and tenth parameters. The ninth parameter is the address of a STARTUPINFO structure, which you need to fill in before calling CreateProcess and which contains information required to run the process. The tenth parameter is the address of an uninitialized PROCESS_INFORMATION structure, which receives information about the newly created process.

• The STARTUPINFO structure must be initialized to 0 to avoid a process crash due to corrupted data. This initialization can be done using either of the following function calls:

    memset(&StartupInfo, 0, sizeof(StartupInfo));
    ::ZeroMemory(&StartupInfo, sizeof(StartupInfo));

  Of the several fields in STARTUPINFO, the field ‘cb’ must be set to the size of the STARTUPINFO structure.

• The following call will launch Notepad with the file readme.txt opened in it.

    STARTUPINFO StartupInfo;
    PROCESS_INFORMATION ProcInfo;
    // The command line must be a writable buffer and must begin with the
    // program name; the file to open follows as its first argument.
    TCHAR szCmdLine[] = _T("notepad.exe readme.txt");
    memset(&StartupInfo, 0, sizeof(STARTUPINFO));
    StartupInfo.cb = sizeof(STARTUPINFO);
    // lpszImageName is NULL, so the program named in the command line is
    // located through the search path.
    ::CreateProcess(NULL, szCmdLine, NULL, NULL, FALSE, 0, NULL, NULL,
                    &StartupInfo, &ProcInfo);

  If the application path is not in your PATH environment variable, then you need to prepend the complete path to the application name, e.g. “C:\\Windows\\System32\\notepad.exe”. Note the use of the double backslash in the path string.

Running A Console Application Silently

• To run a console application without starting the associated command prompt, you need to set the following two fields of STARTUPINFO before calling the CreateProcess function.

    StartupInfo.dwFlags = STARTF_USESHOWWINDOW;
    StartupInfo.wShowWindow = SW_HIDE;

  Both these fields are of DWORD type. The first field, dwFlags, informs the application that we are setting window display information, while the second field, wShowWindow, sets the window to hidden.

Killing A Process

• The Win32 API function used to kill a process is:


    BOOL TerminateProcess(HANDLE hProcess, UINT fuExitCode);

• Before we can call this function, we require a handle to the process. This is obtained by calling the OpenProcess function and passing the process id contained in the PROCESS_INFORMATION structure returned by the CreateProcess call. The process id can also be retrieved by other means.

    HANDLE hHandle;
    hHandle = ::OpenProcess(PROCESS_ALL_ACCESS, 0, ProcInfo.dwProcessId);

• It is better to check the exit code returned by the child process. The following function does this:

    DWORD dwExitCode = 0;
    ::GetExitCodeProcess(hHandle, &dwExitCode);

• The process is finally killed by the TerminateProcess function as follows:

    if (dwExitCode == STILL_ACTIVE)
        // Use an exit code other than STILL_ACTIVE, so that later
        // GetExitCodeProcess calls do not report the process as running.
        ::TerminateProcess(hHandle, 1);

Related Win32 API Functions

• To wait until the child process has exited:

    ::WaitForSingleObject(ProcInfo.hProcess, INFINITE);

• To change the process priority:

    ::SetPriorityClass

• To release the handles in ProcInfo (these functions will not terminate the process itself):

    CloseHandle(ProcInfo.hThread);
    CloseHandle(ProcInfo.hProcess);

End Notes

• Besides the Win32 API functions above, the following functions can also be used for creating and killing processes:
  o system()
  o WinExec()
  o ShellExecute()
  o PostMessage (WM_CLOSE)

  But CreateProcess is the most powerful one.

References

• Code Project Website:
  o Creating a process, and then killing it, by ljp
  o Running console applications silently, by Steven Szelei
  o Kill Application Using Win32 APIs, by chaitanya shah

• Books:
  o Mastering Visual C++ 6, Michael J. Young, Sybex, Inc., ISBN: 0782122736
  o Programming Applications for Microsoft Windows, Jeffrey Richter, ISBN 1-57231-996-8
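
The lpszCommandLine string described under Creating A Process is split back into arguments by the launched program, so a program path or file name containing spaces or quotes has to be quoted when that string is built. The following is an added example, not code from the original tutorial: it builds the string in a writable buffer using the Microsoft C runtime argument-parsing rules, which goes beyond the notepad case shown earlier. The function names and the sample paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Append one character, failing the enclosing function if out is full. */
#define PUT(c) do { if (n + 1 >= cap) return -1; out[n++] = (c); out[n] = '\0'; } while (0)

/* Append arg to the NUL-terminated string in out (capacity cap), quoting it
   so the child's argv parser recovers it unchanged. Returns 0, or -1 if full. */
static int append_arg(char *out, size_t cap, const char *arg)
{
    size_t n = strlen(out);
    if (n > 0) PUT(' ');                        /* separator between arguments */
    if (*arg && !strpbrk(arg, " \t\n\v\"")) {   /* nothing that needs quoting */
        for (; *arg; ++arg) PUT(*arg);
        return 0;
    }
    PUT('"');
    for (;; ++arg) {
        size_t slashes = 0;
        while (*arg == '\\') { ++arg; ++slashes; }
        if (*arg == '\0') {                     /* run sits before the closing quote */
            for (slashes *= 2; slashes; --slashes) PUT('\\');
            break;
        }
        if (*arg == '"')                        /* escape the run and the quote itself */
            slashes = slashes * 2 + 1;
        for (; slashes; --slashes) PUT('\\');
        PUT(*arg);
    }
    PUT('"');
    return 0;
}

/* Build "<exe> <file>" in a writable buffer suitable for lpszCommandLine. */
int build_cmdline(char *out, size_t cap, const char *exe, const char *file)
{
    if (cap == 0) return -1;
    out[0] = '\0';
    if (append_arg(out, cap, exe) != 0) return -1;
    return append_arg(out, cap, file);
}

int main(void)
{
    char cmd[512];  /* the two paths below are constructed sample values */
    if (build_cmdline(cmd, sizeof cmd, "C:\\Program Files\\App\\tool.exe", "C:\\My Docs\\") == 0)
        puts(cmd);
    return 0;
}
```

Pass the resulting buffer as lpszCommandLine. Because it is a modifiable array rather than a string literal, it also satisfies the Unicode form of CreateProcess, which may modify the string.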