VC calls an external executable program

Method 1:
Winexec ("notepad.exe, sw_show ");
Method 2:
ShellExecute (null, "open", "notepad.exe", null, null, sw_showmaximized)
Method 3:
Startupinfo Si;
: Zeromemory (& Si, sizeof (startupinfo ));
Si. cb = sizeof (startupinfo );
Process_information PI;

If (: CreateProcess (null, _ T ("notepad.exe"), null, null, false, normal_priority_class, null, null, & Si, & PI ))
{
: Closehandle (PI. hthread );
: Waitforsingleobject (PI. hprocess );

}

CreateProcess, createprocessasuser, createprocesswithlogonw
Security Evaluation
The first parameter lpapplicationname can be null. In this case, the name of the executable program must be the first string separated by spaces in lpcommandline. However, if the name or path name of the executable program contains spaces, there is a certain risk, because if the space is not properly handled, malicious executable programs may run. The following example is dangerous. In this example, run the program program.exe.pdf (if the program exists, it is not foo.exe ".

CreateProcess (null, "C: \ Program Files \ foo ",...)

If a malicious user wants to create a trojan program named program program.exe in the system, any program that uses the "Program Files" directory to call CreateProcess incorrectly will start the trojan program, not the application to be called.

Do not pass NULL for lpapplicationname to avoid the function from analyzing and determining the executable file path based on its runtime parameters. Otherwise, if lpapplicationname is null, the executable path in lpcommandline is enclosed in quotation marks, as shown in the following example.

CreateProcess (null, "\" C: \ Program Files \ foo.exe \ "-l-S ",...)

Winexec
Security Evaluation
The executable name is considered as the first string in the lpcmdline that is separated by spaces. However, if the name or path name of the executable program contains spaces, there is a certain risk, because if the space is not properly handled, malicious executable programs may run. The following example is dangerous. In this example, run the program program.exe.pdf (if the program exists, it is not foo.exe ".

Winexec ("C: \ Program Files \ foo ",...)
If a malicious user wants to create a trojan program named program program.exe in the system, any program that uses the "Program Files" directory to call winexec incorrectly will start the trojan program, not the application to be called.

For security, we strongly recommend that you use CreateProcess instead of winexec. However, if you must use winexec due to a legacy issue, you must enclose the application name in quotation marks, as shown in the following example:

Winexec ("\" C: \ Program Files \ foo.exe \ "-l-S ",...)

System
Winexec
ShellExecute
CreateProcess

Note: The first parameter path backslash of winexec () should be a double backslash.

Return Value:

 

If the function is successfully called, the return value is greater than 31. If the function call fails, the return value is one of the following:
① 0: The system memory or resources are used up.
② Error_bad_format: the EXE file is invalid (non-win32.exe or. EXE image error ).
③ Error_file_not_found: the specified file is not found.
④ Error_path_not_found: the specified path is not found.
 
More than 31 {successful call}
Equal to 0 {insufficient memory}
Error_file_not_found = 2; {file name error}
Error_path_not_found = 3; {path name error}
Error_bad_format = 11; {the EXE file is invalid}
 
// Optional values of the ucmdshow parameter:
Sw_hide = 0; {hide, and the taskbar is not minimized}
Sw_shownormal = 1; {display with the nearest size and position, activate}
Sw_normal = 1; {same as sw_shownormal}
Sw_showminimized = 2; {minimize, activate}
Sw_showmaximized = 3; {maximize, activate}
Sw_maximize = 3; {same as sw_showmaximized}
Sw_shownoactivate = 4; {display with the nearest size and position, not activated}
Sw_show = 5; {same as sw_shownormal}
Sw_minimize = 6; {minimized, not activated}
Sw_showminnoactive = 7; {same as sw_minimize}
Sw_showna = 8; {same as sw_shownoactivate}
Sw_restore = 9; {same as sw_shownormal}
Sw_showdefault = 10; {same as sw_shownormal}
Sw_max = 10; {same as sw_shownormal}

Differences between winexec, ShellExecute, and CreateProcessThe WinexecSimplest, ShellExecuteRatio WinexecFlexible, CreateProcessMost complex.

WinexecThere are two parameters: the first one specifies the path, and the last one specifies the display mode.

ShellExecuteYou can specify a working directory and search for file associations to directly open applications that do not need to be loaded with the file. ShellExecute can also open the webpage and start related emails to send emails.

CreateProcessThere are a total of ten parameters, but most of them can be replaced by null. It can specify the process's security attributes, Inheritance Information, class priority, and so on. If we want to get enough information about the new process and control the detailed attributes of the new process, to achieve this, we need to use the CreateProcess function. The usage is as follows:

Winexec

This function is the simplest and has only two parameters. The prototype is as follows:
Uint winexec (
Maid, // command path
Uint ucmdshow // display mode. There are 11 display modes. For details, refer to the showwindow function of msdn.
);

The usage is as follows:
Winexec ("notepad.exe", sw_show); // open notepad
Winexec ("d :\\ Program Files \ test \ test.exe", sw_showmaximized); // open test.exe in simplified format (note that the file name must be exactly the same in case)
Note that if you use the sw_showmaxmized method to load a program without the maximum button, such as calc (calculator), the normal form will not appear, but it has been added to the task list.

ShellExecute

The prototype is as follows:

Hinstance ShellExecute (
Hwnd, // parent window handle
Lpctstr lpoperation, // operation, opening method "edit", "lead E", "open", "find", "print", "null"
Lptstr lpfile, // file name, which can be added to the path above
Lptstr lpparameters, // Parameter
Lptstr lpdirectory, // Default Folder
Int nshowcmd // Display Mode
);

The usage is as follows:

ShellExecute (null, "open", "C: \ test.txt", null, null, sw_shownormal); // open the c: \ test.txt File
ShellExecute (null, "open", "http://www.google.com", null, null, sw_shownormal); // open the webpage www.google.com
ShellExecute (null, "Explore", "d: \ c ++", null, null, sw_shownormal); // open the Directory D: \ c ++
ShellExecute (null, "print", "C: \ test.txt", null, null, sw_hide); // print the file c: \ test.txt

Note: ShellExecute does not support targeted output.

CreateProcess

The prototype is as follows:

Bool CreateProcess (
Lptstr lpapplicationname, // name of the execution Program
Lptstr lpcommandline, // Parameter Line
// The following two parameters describe the security attributes of the created process and thread. If it is null, the default security attribute is used.
Lpsecurity_attributes lpprocessattributes, // process security attributes
Lpsecurity_attributes lpthreadattributes, // thread security attributes
Bool binherithandles, // inheritance flag
DWORD dwcreationflags, // create a flag
Lpvoid lpenvironment, // environment variable
Maid directory, // The initial directory where the process is running
Lpstartupinfo, // used to set various attributes when creating a sub-process
Lpprocess_information lpprocessinformation // used to receive relevant information after a process is created.
);

The usage is as follows:
Process_information PI; // information of the startup window
Startupinfo Si; // Process Information
Memset (& Si, 0, sizeof (SI ));
Si. cb = sizeof (SI );
Si. wshowwindow = sw_show;
Si. dwflags = startf_useshowwindow;
Bool fret = CreateProcess ("D: \ putty.exe", null, null, false, null, & Si, & PI );

As a result, I have designed three buttons to call three applications using these three functions, which are set in the onclick message of each button:

Winexec ("taskmgr", sw_normal); // call the System Task Manager
ShellExecute (null, "open", "C: \ readme.txt", "", "", sw_show); // open the README file in drive C.
Startupinfo Si = {sizeof (SI )};
Process_information PI;
CreateProcess (null, "cleanmgr", null, null, false, normal_priority_class, null, null, & Si, & PI); // call the system's disk cleanup Program