Search code examples
c#createprocesslate-bindingkernel32argumentnullexception

Late binding on CreateProcess with C# returns null value

I'm trying to use late binding on CreateProcess function in kernel32.dll, however, it returns a null value unlike any other function.

Here's the code I'm using for the late binding

public abstract class LateBinding
{
    [DllImport("kernel32.dll", CharSet = CharSet.Auto, BestFitMapping = false, SetLastError = true), SuppressUnmanagedCodeSecurity()]
    private static extern LBHandle LoadLibrary(string fileName);

    [DllImport("kernel32.dll"), SuppressUnmanagedCodeSecurity()]
    private static extern IntPtr GetProcAddress(LBHandle hModule, string procname);

    private Delegate Result = default(Delegate);

    public Delegate Call(string library, string method, Type type)
    {
        LBHandle Lib = LoadLibrary(library);
        if (!Lib.IsInvalid && !Lib.IsClosed)
        {
            Result = Marshal.GetDelegateForFunctionPointer(GetProcAddress(Lib, method), type);                
            Lib.Close();
        }
        return Result;
    }
}

[SecurityPermission(SecurityAction.LinkDemand, UnmanagedCode = true)]
public sealed class LBHandle : SafeHandleZeroOrMinusOneIsInvalid
{
    [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool FreeLibrary(IntPtr hModule);

    private LBHandle() : base(true) { }

    protected override bool ReleaseHandle()
    {
        return FreeLibrary(handle);
    }
}

and this how I invoke the function

private delegate bool dCreateProcess(string applicationName, string commandLine, IntPtr processAttributes, IntPtr threadAttributes, bool inheritHandles, uint creationFlags, IntPtr environment, string currentDirectory, ref STARTUP_INFORMATION startupInfo, ref PROCESS_INFORMATION processInformation);
dCreateProcess CreateProcess = Call("kernel32.dll", "CreateProcess", typeof(dCreateProcess)) as dCreateProcess;
Solution

  • There is no function named CreateProcess in kernel32. It exists in two versions CreateProcessA (ANSI) and CreateProcessW (Unicode). You can see that at the button the documentation for CreateProcess on MSDN.

    This is not unique to CreateProcess almost every Win32 API function that takes a string will have an A and a W version.

    The following is what you want:

    dCreateProcess CreateProcess = Call("kernel32.dll", "CreateProcessW", typeof(dCreateProcess)) as dCreateProcess;

    See also What is the difference between CreateProcess and CreateProcessA?