
I was reading about the CreateProcess function in C++ and I wanted to try it. The basic idea of the code is to have my main execute another process (notepad). Really, it's just the basic code. When I run the program, I get:

First-chance exception at 0x752bb763 in createprocess.exe: 0xC0000005: Access violation writing location 0x00be57b8.
Unhandled exception at 0x752bb763 in createprocess.exe: 0xC0000005: Access violation writing location 0x00be57b8.

When I make a break point for where the error occurs, I get taken to tidtable.c (which is for accessing threads, I guess), specifically in tidtable.c at CRTIMP PFLS_GETVALUE_FUNCTION __cdecl __set_flsgetvalue(). I really don't know what causes this or how to avoid the problem. The error occurs with the CreateProcess call (i.e., it never outputs the "out of create").

My code is:

#include "stdafx.h"
#include <stdio.h>
#include <windows.h>
#include <strsafe.h>
#include <direct.h>
#include <string.h>
#include <conio.h>

int main(VOID)
{
    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    //allocate memory
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    ZeroMemory(&pi, sizeof(pi));

    fprintf(stderr, "This is just a test");

    //create child process
    if (!CreateProcess(NULL,
        L"C:\\Windows\\Notepad.exe",
        NULL,
        NULL,
        FALSE,
        0,
        NULL,
        NULL,
        &si,
        &pi))
    {
        fprintf(stderr, "create process failed");

        return -1;
    }
    fprintf(stderr, "out of create");

    //parent waits for child to complete
    WaitForSingleObject(pi.hProcess, INFINITE);

    fprintf(stderr, "after wait");

    printf("Child Complete");

    //close handles (CreateProcess returns two; both must be closed)
    CloseHandle(pi.hProcess);
    CloseHandle(pi.hThread);

    return 0;
}

If anyone knows how to overcome this problem, your help would be appreciated.

Robᵩ
Favn Hghksd
  • See http://blogs.msdn.com/b/oldnewthing/archive/2009/06/01/9673254.aspx I edited that into Ervin's answer. – 0xC0000022L Apr 09 '12 at 14:24
  • The link to the article "Why does the CreateProcess function modify its input command line?" posted by @0xC0000022L will redirect you to its TOC. The new link is: https://devblogs.microsoft.com/oldnewthing/20090601-00/?p=18083 – li ki May 18 '21 at 07:04

2 Answers


The problem is that the second parameter of the CreateProcess function is an in/out parameter.

If you specify it as a string literal like you did, it is a constant string, and when the function is called it cannot write to that memory location, so you get a memory access violation. The correct way is to call the function like this:

#include <tchar.h>   // for _tcsdup and TEXT()

// _tcsdup returns a heap-allocated copy that CreateProcess is allowed to modify
LPTSTR szCmdline = _tcsdup(TEXT("C:\\Windows\\Notepad.exe"));

//create child process
if (!CreateProcess(NULL,
    szCmdline,
    NULL,
    NULL,
    FALSE,
    0,
    NULL,
    NULL,
    &si,
    &pi))
{
    fprintf(stderr, "create process failed");
    free(szCmdline);

    return -1;
}
free(szCmdline);   // the writable copy is no longer needed once the call returns

You may also want to read this blog article.

0xC0000022L
ervinbosenbacher
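The same fix in modern C++, as an added example that is not part of the original answer: the command line is copied into a std::vector<wchar_t> that CreateProcessW may legally write to, instead of pointing the call at a string literal. The helper names (writable_cmdline, round_trips, run_and_wait) are this example's own. It calls the Unicode CreateProcessW explicitly, since, as the comment on the other answer notes, only the Unicode variant modifies the buffer; the launch itself is compiled only under _WIN32, while the buffer helpers are portable and check that the copy is distinct from the literal and NUL-terminated.

```cpp
// Added example (not from the original post): launching a process with a
// writable command-line buffer instead of a string literal.
#include <cstdio>
#include <string>
#include <vector>
#ifdef _WIN32
#include <windows.h>
#endif

// Copy a command line into a buffer CreateProcessW may modify. A literal
// such as L"..." lives in read-only storage; a vector does not. The
// returned buffer is NUL-terminated, which CreateProcessW requires.
std::vector<wchar_t> writable_cmdline(const std::wstring& cmd) {
    std::vector<wchar_t> buf(cmd.begin(), cmd.end());
    buf.push_back(L'\0');
    return buf;
}

// Portable self-check: the copy has cmd.size()+1 elements, ends in NUL,
// reads back as cmd, and can be written to without faulting.
bool round_trips(const std::wstring& cmd) {
    std::vector<wchar_t> buf = writable_cmdline(cmd);
    if (buf.size() != cmd.size() + 1 || buf.back() != L'\0') return false;
    if (std::wstring(buf.data()) != cmd) return false;
    wchar_t saved = buf[0];
    buf[0] = L'?';      // legal here; the same write into a literal is the OP's crash
    buf[0] = saved;
    return true;
}

#ifdef _WIN32
// Run cmd and wait for it to exit. Returns the child's exit code, or -1 if
// CreateProcessW failed (the Win32 error code is printed to stderr).
int run_and_wait(const std::wstring& cmd) {
    STARTUPINFOW si{};
    si.cb = sizeof(si);
    PROCESS_INFORMATION pi{};
    std::vector<wchar_t> buf = writable_cmdline(cmd);
    if (!CreateProcessW(nullptr, buf.data(), nullptr, nullptr, FALSE, 0,
                        nullptr, nullptr, &si, &pi)) {
        std::fprintf(stderr, "CreateProcessW failed: %lu\n", GetLastError());
        return -1;
    }
    WaitForSingleObject(pi.hProcess, INFINITE);
    DWORD code = 0;
    GetExitCodeProcess(pi.hProcess, &code);
    CloseHandle(pi.hThread);    // CreateProcess hands back two handles;
    CloseHandle(pi.hProcess);   // both must be closed to avoid a leak
    return static_cast<int>(code);
}

int main() {
    // Path taken from the original question; run_and_wait copies it into a
    // writable buffer before the call.
    return run_and_wait(L"C:\\Windows\\Notepad.exe") == -1 ? 1 : 0;
}
#endif
```

Passing buf.data() rather than the literal is the whole fix; the vector also keeps ownership explicit, so there is no strdup/free pair to get wrong on the error path.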

The 2nd arg to CreateProcess cannot be const or a literal string because the func attempts to modify the string. Copy the literal to a local array and then pass that as the 2nd arg.

Marc Sherman
  • Only true for the Unicode version! The ANSI version does not have this, because the buffer with the converted string is always writable. – 0xC0000022L Apr 09 '12 at 14:22