Process IdentitiesA process can obtain the identity and handle of a new child process from the PROCESS_INFORMATION structure. Closing the child handle does not, of course, destroy the child process; it destroys only the parent's access to the child. A pair of functions obtain current process identification.HANDLE GetCurrentProcess (VOID)DWORD GetCurrentProcessId (VOID)GetCurrentProcess actually returns a pseudohandle and is not inheritable. This value can be used whenever a process needs its own handle. You create a real process handle from a process ID, including the one returned by GetCurrent- ProcessId, by using the OpenProcess function. As is the case with all sharable objects, the open call will fail if you do not have sufficient security rights.HANDLE OpenProcess (DWORD dwDesiredAccess,BOOL bInheritHandle,DWORD dwProcessId)Return: A process handle, or NULL on failure.ParametersdwDesiredAccess determines the handle's access to the process. Some of the values are as follows.
bInheritHandle specifies whether the new process handle is inheritable. dwProcessId is the identifier of the process to be opened, and the returned process handle will reference this process. Finally, a running process can determine the full pathname of the executable used to run it with GetModuleFileName or GetModuleFileNameEx, using a NULL value for the hModule parameter. A call with a non-null hModule value will return the DLL's file name, not that of the .EXE file that uses the DLL.Duplicating HandlesThe parent and child processes may require different access to an object identified by a handle that the child inherits. A process may also need a real, inheritable process handle-rather than the pseudohandle produced by GetCurrent- Process-for use by a child process. To address this issue, the parent process can create a duplicate handle with the desired access and inheritability. Here is the function to duplicate handles:BOOL DuplicateHandle (HANDLE hSourceProcessHandle,HANDLE hSourceHandle,HANDLE hTargetProcessHandle,LPHANDLE lphTargetHandle,DWORD dwDesiredAccess,BOOL bInheritHandle,DWORD dwOptions)Upon completion, lphTargetHandle receives a copy of the original handle, hSourceHandle. hSourceHandle is a handle in the process indicated byhSourceProcessHandle and must have PROCESS_DUP_HANDLE access; DuplicateHandle will fail if the source handle does not exist in the source process. The new handle, which is pointed to by lphTargetHandle, is valid in the target process, hTargetProcessHandle. Note that three processes are involved, including the calling process. Frequently, these target and source processes are the calling process, and the handle is obtained from GetCurrentProcess. Also notice that it is possible, but generally not advisable, to create a handle in another process; if you do this, you then need a mechanism for informing the other process of the new handle's identity. DuplicateHandle can be used for any handle type.If dwDesiredAccess is not overridden by DUPLICATE_SAME_ACCESS in dwOptions, it has many possible values (see MSDN). dwOptions is any combination of two flags.
Reminder: The Windows kernel maintains a reference count for all objects; this count represents the number of distinct handles referring to the object. This count is not available to the application program. An object cannot be destroyed (e.g., deleting a file) until the last handle is closed and the reference count becomes zero. Inherited and duplicate handles are both distinct from the original handles and are represented in the reference count. Program 6-1, later in the chapter, uses inheritable handles. Next, we learn how to determine whether a process has terminated. Exiting and Terminating a ProcessAfter a process has finished its work, the process (actually, a thread running in the process) can call ExitProcess with an exit code. VOID ExitProcess (UINT uExitCode)This function does not return. Rather, the calling process and all its threads terminate. Termination handlers are ignored, but there will be detach calls to DllMain (see Chapter 5). The exit code is associated with the process. A return from the main program, with a return value, will have the same effect as calling ExitProcess with the return value as the exit code. Another process can use GetExitCodeProcess to determine the exit code.BOOL GetExitCodeProcess (HANDLE hProcess,LPDWORD lpExitCode)The process identified by hProcess must have PROCESS_QUERY_INFORMATION access (see OpenProcess, discussed earlier). lpExitCode points to the DWORD that receives the value. One possible value is STILL_ACTIVE, meaning that the process has not terminated. Finally, one process can terminate another process if the handle has PROCESS_TERMINATE access. The terminating function also specifies the exit code. Caution: Before exiting from a process, be certain to free all resources that might be shared with other processes. In particular, the synchronization resources of Chapter 8 (mutexes, semaphores, and events) must be treated carefully. SEH (Chapter 4) can be helpful in this regard, and the ExitProcess call can be in the handler. However, _finally and _except handlers are not executed when ExitProcess is called, so it is not a good idea to exit from inside a program. TerminateProcess is especially risky because the terminated process will not have an opportunity to execute its SEH or DLL DllMain functions. Console control handlers (Chapter 4 and later in this chapter) are a limited alternative,allowing one process to send a signal to another process, which can then shut itself down cleanly.Program 6-3 shows a technique whereby processes cooperate. One process sends a shutdown request to a second process, which proceeds to perform an orderly shutdown. UNIX processes have a process ID, or pid, comparable to the Windows process ID. getpid is similar to GetCurrentProcessId, but there are no Windows equivalents to getppid and getgpid because Windows has no process parents or UNIX-like groups.Conversely, UNIX does not have process handles, so it has no functions comparable to GetCurrentProcess or OpenProcess. UNIX allows open file descriptors to be used after an exec if the file descriptor does not have the close-on-exec flag set. This applies only to file descriptors, which are then comparable to inheritable file handles. UNIX exit, actually in the C library, is similar to ExitProcess; to terminate another process, signal it with SIGKILL.Waiting for a Process to TerminateThe simplest, and most limited, method to synchronize with another process is to wait for that process to complete. The general-purpose Windows wait functions introduced here have several interesting features.
The two general-purpose wait functions wait for synchronization objects to become signaled. The system sets a process handle, for example, to the signaled state when the process terminates or is terminated. The wait functions, which will get lots of future use, are as follows:DWORD WaitForSingleObject (HANDLE hObject,DWORD dwMilliseconds)DWORD WaitForMultipleObjects (DWORD nCount,CONST HANDLE *lpHandles,BOOL fWaitAll,DWORD dwMilliseconds)Return: The cause of the wait completion, or 0XFFFFFFFF for an error (use GetLastError for more information).Specify either a single process handle (hObject) or an array of distinct object handles in the array referenced by lpHandles. nCount, the size of the array, should not exceed MAXIMUM_WAIT_OBJECTS (defined as 64 in winnt.h). dwMilliseconds is the time-out period in milliseconds. A value of 0 means that the function returns immediately after testing the state of the specified objects, thus allowing a program to poll for process termination. Use INFINITE for no time-out to wait until a process terminates. fWaitAll, a parameter of the second function, specifies (if TRUE) that it is necessary to wait for all processes, rather than only one, to terminate. The possible successful return values for this function are as follows.
Determine the exit code of a process using GetExitCodeProcess, as described in the preceding section. Environment Blocks and StringsFigure 6-1 includes the process environment block. The environment block contains a sequence of strings of the form Name = Value Each environment string, being a string, is NULL-terminated, and the entire block of strings is itself NULL-terminated. PATH is one example of a commonly used environment variable. To pass the parent's environment to a child process, set lpEnvironment to NULL in the CreateProcess call. Any process, in turn, can interrogate or modify its environment variables or add new environment variables to the block. The two functions used to get and set variables are as follows: DWORD GetEnvironmentVariable (LPCTSTR lpName,LPTSTR lpValue,DWORD cchValue)BOOL SetEnvironmentVariable (LPCTSTR lpName,LPCTSTR lpValue)lpName is the variable name. On setting a value, the variable is added to the block if it does not exist and if the value is not NULL. If, on the other hand, the value is NULL, the variable is removed from the block. The "=" character cannot appear in an environment variable name, since it's used as a separator.There are additional requirements. Most importantly, the environment block strings must be sorted alphabetically by name (case-insensitive, Unicode order).See MSDN for more details.GetEnvironmentVariable returns the length of the value string, or 0 on failure. If the lpValue buffer is not long enough, as indicated by cchValue, then the return value is the number of characters actually required to hold the complete string. Recall that GetCurrentDirectory (Chapter 2) uses a similar mechanism.