Start a paused process C++

I have this function:
#include <windows.h>
#include <iostream>
using namespace std;

HANDLE Startpausedprocess(char *cmd, PHANDLE hthread) // Not const char* because CreateProcess may write to it
{
    PROCESS_INFORMATION pi;
    STARTUPINFOA si;//STARTUPINFOA is the ANSI version of STARTUPINFO.
    ZeroMemory(&si, sizeof(STARTUPINFOA));
    si.cb = sizeof(STARTUPINFOA);
 
    if (!CreateProcessA(NULL, cmd, NULL, NULL, false, CREATE_SUSPENDED, NULL, NULL, &si, &pi))//The flag "CREATE_SUSPENDED" will create the process and pause the main thread.
    {
        cout << "CreateProcess failed, " << GetLastError() << endl;
        return NULL;
    }
    *hthread = pi.hThread;
    return pi.hProcess;
}

First, I don't understand well about:
CreateProcessA(NULL, cmd, NULL, NULL, false, CREATE_SUSPENDED, NULL, NULL, &si, &pi))

cmd -> is it the name of the process I will create?

Second, how can I call this function from my main function? I can include my char like "mychar", in this case the process, but I'm not sure how to include the PHANDLE:
int main(int argc, char *argv[])
{
Startpausedprocess("argument1",argument2);
}


Thanks in advance.
https://msdn.microsoft.com/en-us/library/windows/desktop/ms684863(v=vs.85).aspx

CREATE_SUSPENDED
0x00000004
The primary thread of the new process is created in a suspended state, and does not run until the ResumeThread function is called.

Yes, cmd is Windows' command prompt program. You can run it as an executable.

I have no idea what you are trying to ask for #2. I think it relates to the resume command above.

I mean how can I call phandle; in the first argument I can put "cmd.exe" to call, for example:
Startpausedprocess("cmd.exe",HERE WHAT I PUT TO CALL PHANDLE);

I was asking that. I will check the link you put.
You have to read the documentation, but it is most likely the handle to the current process, which is returned from an aptly named function, something like (I don't know the exact function) phandle = getcurrentprocess();

It may be a handle to the suspended process, in which case it should have been given to you somewhere along the way as you created it, but if not, there is a function to get it as well, and I don't know the exact name of that one either.

A fair number of the current process handle functions work fine with null. For some of them, this attaches to the Windows main process instead of your program.


> cmd -> it's the name of process i will create?

It is the full command line: the name of (path to) the executable and the command line arguments if any.

> HERE WHAT I PUT TO CALL PHANDLE

The second argument is a pointer to the HANDLE of the thread; it receives the handle to the start up thread of the process. (That handle is required; at some point of time you would need to resume the suspended thread).

Example usage:
#include <iostream>
#include <memory>   // std::addressof
#include <windows.h>

HANDLE Startpausedprocess( char* cmd, PHANDLE ptr_thread ) // cleaned up a bit, but no RAII
{
    if( ptr_thread == nullptr ) return nullptr ;

    PROCESS_INFORMATION pi;
    STARTUPINFOA si {} ; // initialize with zeroes.
    si.cb = sizeof(STARTUPINFOA);

    if( !CreateProcessA( nullptr, cmd, nullptr, nullptr, false, CREATE_SUSPENDED,
                         nullptr, nullptr, std::addressof(si), std::addressof(pi) ) )
    {
        std::cerr << "CreateProcess failed, " << GetLastError() << '\n' ;
        *ptr_thread = nullptr ;
        return nullptr;
    }

    *ptr_thread = pi.hThread;
    return pi.hProcess;
}

int main()
{
    char cmd[] = "notepad.exe" ; // note: non-const (writeable array)
    HANDLE thread = nullptr ;
    auto process = Startpausedprocess( cmd, std::addressof(thread) ) ;

    if( process )
    {
        std::cout << "press enter to resume process... " && std::cin.get() ;
        ResumeThread(thread) ;

        CloseHandle(thread) ;
        CloseHandle(process) ;
    }
}
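
An added example, not part of the original thread: because `cmd` is the full command line and the first argument to CreateProcessA is NULL, an executable path containing spaces should be quoted so it cannot be split at the first space. The sketch below builds the writable buffer with the path quoted and each argument escaped using the quoting rules of the Microsoft C runtime / CommandLineToArgvW; the names `quote_arg`, `build_command_line` and `start_suspended` are made up for this illustration.

```cpp
#include <string>
#include <vector>

// Quote one argument so the Microsoft C runtime / CommandLineToArgvW
// parses it back as exactly one argv entry.
std::string quote_arg(const std::string& arg)
{
    if (!arg.empty() && arg.find_first_of(" \t\n\v\"") == std::string::npos)
        return arg;                        // nothing that needs protecting
    std::string out = "\"";
    std::size_t backslashes = 0;
    for (char c : arg) {
        if (c == '\\') { ++backslashes; continue; }
        // Backslashes before a quote are doubled, plus one to escape the quote.
        out.append(c == '"' ? backslashes * 2 + 1 : backslashes, '\\');
        out.push_back(c);
        backslashes = 0;
    }
    out.append(backslashes * 2, '\\');     // trailing run sits before the closing quote
    out.push_back('"');
    return out;
}

// Build the writable, NUL-terminated buffer CreateProcessA expects.
// The executable path is always quoted (assumption: it contains no '"',
// which is not a legal character in Windows file names).
std::vector<char> build_command_line(const std::string& exe,
                                     const std::vector<std::string>& args)
{
    std::string line = "\"" + exe + "\"";
    for (const auto& a : args) line += " " + quote_arg(a);
    std::vector<char> buf(line.begin(), line.end());
    buf.push_back('\0');
    return buf;
}

#ifdef _WIN32
#include <windows.h>
// Same CreateProcessA call as in the thread, fed from the builder above.
HANDLE start_suspended(const std::string& exe,
                       const std::vector<std::string>& args, PHANDLE thread)
{
    std::vector<char> cmd = build_command_line(exe, args);
    STARTUPINFOA si{}; si.cb = sizeof si;
    PROCESS_INFORMATION pi{};
    if (!thread || !CreateProcessA(nullptr, cmd.data(), nullptr, nullptr, FALSE,
                                   CREATE_SUSPENDED, nullptr, nullptr, &si, &pi))
        return nullptr;
    *thread = pi.hThread;                  // caller resumes, then closes both handles
    return pi.hProcess;
}
#endif
```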
Sorry, I was wrong. I'm checking.