Search code examples
c++winapiopenprocess

Stuck with OpenProcess, always returns 0


Something weird happens when I run my program. When I run it by using "Start Without Debugging" option in VS 2010, OpenProcess returns the process handle as usual, but when I run my program in Windows Explorer, OpenProcess always return 0?!! I called GetLastError and it returns 6 (INVALID_HANDLE_VALUE) in both case. I'm using Windows XP SP3 Could anybody help me please? Here is the code I wrote:

HANDLE GetProcessHandle(TCHAR* szProcessName)
{
    //Get the snapshot of all processes in the system
    HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, NULL);
    if (hSnap == INVALID_HANDLE_VALUE)
    {
        return INVALID_HANDLE_VALUE;
    }

    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(PROCESSENTRY32);

    //Get the information of the first process
    if (!Process32First(hSnap, &pe32))
    {
        CloseHandle(hSnap);
        return INVALID_HANDLE_VALUE;
    }

    //Loop through all processes
    do
    {
        if (_tcscmp(szProcessName, pe32.szExeFile) == 0)
        {
            //Got the process ID
            CloseHandle(hSnap);
            printf("sz = %s; exe = %s; pid = %d\n", szProcessName, pe32.szExeFile, pe32.th32ProcessID);
                            //Error here, correct PID was found in both case
            return OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
        }
    } 
    while (Process32Next(hSnap, &pe32));

    CloseHandle(hSnap);
    return INVALID_HANDLE_VALUE;
}

Solution

  • To open a handle to another local process and obtain full access rights, you must enable the SeDebugPrivilege privilege.

    VS2010 has this privilege, but the explore doesn't. Since your program is a child process, it will inherit privilege from parents.

    For details, check this MSDN doc.