We will look at how to launch a Windows executable and call the CreateProcess function using C in this tutorial.
What is a CreateProcess?
The CreateProcess function in C is used to create a new independent process. This new process is launched from an executable file, which contains the instructions and options needed to perform a task on the computer. Executable files exist on most modern operating systems, but the term is most often associated with the Windows EXE file format.
How to Call CreateProcess in C to Launch a Windows Executable?
The CreateProcess function is useful in C programming for launching new processes in Windows. The function takes several arguments, which are defined by the syntax provided below. This syntax includes several parameters that are marked as optional, meaning they can be omitted if not needed.
BOOL CreateProcessA(
    [in, optional] LPCSTR lpApplicationName,
    [in, out, optional] LPSTR lpCommandLine,
    [in, optional] LPSECURITY_ATTRIBUTES lpProcessAttributes,
    [in, optional] LPSECURITY_ATTRIBUTES lpThreadAttributes,
    [in] BOOL bInheritHandles,
    [in] DWORD dwCreationFlags,
    [in, optional] LPVOID lpEnvironment,
    [in, optional] LPCSTR lpCurrentDirectory,
    [in] LPSTARTUPINFOA lpStartupInfo,
    [out] LPPROCESS_INFORMATION lpProcessInformation
);
Details About Parameters
lpApplicationName: This argument specifies the name of the executable to be launched. If it is set to NULL, CreateProcess will use the name provided in the lpCommandLine argument.
lpCommandLine: A pointer to the command line string that is used for specifying the command which needs to be executed. If lpApplicationName is not NULL, the command line should begin with the application name.
lpProcessAttributes and lpThreadAttributes: Optional parameters that allow the caller to specify security attributes for the new process and thread objects. If NULL is provided, the new process and thread objects are created without any security attributes.
bInheritHandles: Specifies whether a new process should inherit handles from the calling process. If TRUE, the new process will inherit all of the calling process’s handles.
dwCreationFlags: Flags that are used to control the creation of a new process. This parameter can be used to create a new process with a different priority or to create a process that is hidden from the user.
lpEnvironment: A pointer to an environment block for the new process. This parameter can be used to set environment variables for the new process.
lpCurrentDirectory: Identifies the current directory of the new process. If NULL, the new process will use the current directory of the calling process.
lpStartupInfo: A pointer to a STARTUPINFO structure that defines the new process’s desktop, window station, standard handles, as well as other attributes.
lpProcessInformation: A pointer to the PROCESS_INFORMATION structure which receives information about the new process, such as its handle and ID.
What Does the CreateProcess Return?
If the CreateProcess function runs successfully, it returns the PROCESS_INFORMATION structure. It includes handles and identifiers for the new process as well as its primary thread. The thread and process handles are created with complete access rights, but access can be restricted by specifying security descriptors. Once the process has been created and the handles are no longer needed, we can close them with the CloseHandle function.
The following code shows how to use CreateProcess in C to create a new Windows executable process.
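#include <windows.h>
#include <stdio.h>
#include <tchar.h>

int _tmain( int argc, TCHAR *argv[] )
{
    // Exactly one argument is expected: the command line to launch
    if(argc != 2)
    {
        printf("Hello Linux Hint Followers\n");
        return 1;
    }

    STARTUPINFO stInfo;
    PROCESS_INFORMATION proInfo;

    // Both structures must be zeroed, and cb set, before the call
    ZeroMemory( &stInfo, sizeof(stInfo) );
    stInfo.cb = sizeof(stInfo);
    ZeroMemory( &proInfo, sizeof(proInfo) );

    // lpApplicationName is NULL, so argv[1] is used as the full command line;
    // bInheritHandles is FALSE, so the child inherits no handles
    if(!CreateProcess(NULL, argv[1], NULL, NULL, FALSE, 0, NULL, NULL, &stInfo, &proInfo))
    {
        // GetLastError returns a DWORD, so print it as unsigned long
        printf("CreateProcess failed (%lu).\n", GetLastError());
        return 1;
    }

    // Wait for the child to exit, then release the process and thread handles
    WaitForSingleObject( proInfo.hProcess, INFINITE );
    CloseHandle(proInfo.hProcess);
    CloseHandle(proInfo.hThread);
    return 0;
}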
The code checks if there is one argument passed in the command line. If there is only one argument passed, it starts the process by calling CreateProcess with the argument passed in. If CreateProcess returns false, it prints an error message along with the error code, and the program returns with a non-zero value. If CreateProcess succeeds, the code waits for the process to finish using WaitForSingleObject and closes the process and thread handles using CloseHandle.
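The listing passes argv[1] to lpCommandLine as one ready-made string. When a program instead assembles lpCommandLine from separate arguments, each one has to be quoted so that the child's Microsoft C runtime splits the string back into the same argv; otherwise a value containing a space or a quote becomes extra arguments. The following is an added example, not part of the original tutorial: portable C that builds such a string. The helper names append_quoted and build_cmdline are hypothetical, and the sample arguments are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Append arg to buf, quoted the way the Microsoft C runtime expects when it
   splits a command line back into argv. Returns 0, or -1 if buf is full. */
static int append_quoted(char *buf, size_t *len, size_t cap, const char *arg)
{
    size_t n = *len, slashes = 0;
    int plain = *arg != '\0' && strpbrk(arg, " \t\"") == NULL;
#define PUT(ch) do { if (n + 1 >= cap) return -1; buf[n++] = (ch); } while (0)
    if (!plain) PUT('"');
    for (const char *p = arg; *p; ++p) {
        if (*p == '\\') { slashes++; PUT('\\'); continue; }
        if (*p == '"') {   /* n backslashes + quote become 2n+1 + quote */
            for (; slashes > 0; slashes--) PUT('\\');
            PUT('\\');
        }
        slashes = 0;
        PUT(*p);
    }
    if (!plain) {          /* double trailing backslashes so they cannot */
        for (; slashes > 0; slashes--) PUT('\\');  /* escape the closing quote */
        PUT('"');
    }
#undef PUT
    buf[n] = '\0'; *len = n;
    return 0;
}

/* Join argv[0..argc-1] into one string suitable for lpCommandLine. */
int build_cmdline(char *buf, size_t cap, int argc, const char *const argv[])
{
    size_t len = 0;
    if (cap == 0) return -1;
    buf[0] = '\0';
    for (int i = 0; i < argc; ++i) {
        if (i > 0) { if (len + 1 >= cap) return -1; buf[len++] = ' '; }
        if (append_quoted(buf, &len, cap, argv[i]) != 0) return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample arguments; cmd is what lpCommandLine would receive. */
    const char *const args[] = { "C:\\Program Files\\App\\tool.exe", "two words", "say \"hi\"" };
    char cmd[256];
    if (build_cmdline(cmd, sizeof cmd, 3, args) == 0) puts(cmd);
    return 0;
}
```

The resulting buffer is writable, which matches the [in, out] marking on lpCommandLine.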
How to Run the Code
To run the above code, paste it into a text file and save the file under a name of your choice with the .c extension. The file should be created in the user directory.
After that, you have to run the file using the following command:
Note: Replace the source_file and output_file names in the above command.
Here in my case, the source file is komal.c, while the output file we want to generate is with the name komal.exe.
After the successful execution of the above code komal.c, it will create an exe file named komal.exe on the system.
Now we will use komal.exe to execute another exe file program.exe. It will print Komal Batool in the console. Note that the program.exe is created by compiling another program.
Conclusions
In C programming, the CreateProcess function is used to start a new process that works independently from the original process. This guide can help programmers use the CreateProcess function to open a Windows program. It provides the necessary instructions on how to write the CreateProcess code correctly and what information the function needs in order to run.