Windows core programming note (2)

Source: Internet
Author: User

6 Process Instance Handle
6.1 Each EXE or DLL loaded into memory is given a unique handle (HINSTANCE), which is passed in when the WinMain function is called. Of the functions that retrieve application-related information (resources, paths), some take an HINSTANCE and some take an HMODULE. In fact, HINSTANCE and HMODULE are exactly the same thing; the two names exist because they were different data types on 16-bit Windows systems.
The first parameter of the WinMain function: how is the instance handle passed in? In the CRTEXE.C source code we find the following:
    #ifdef WPRFLAG
                mainret = wWinMain(
    #else  /* WPRFLAG */
                mainret = WinMain(
    #endif  /* WPRFLAG */
                           (HINSTANCE)&__ImageBase,
                           NULL,
                           lpszCommandLine,
                           StartupInfo.dwFlags & STARTF_USESHOWWINDOW
                            ? StartupInfo.wShowWindow
                            : SW_SHOWDEFAULT
                          );
    #else  /* _WINMAIN_ */


The CRT calls our WinMain function here, and the instance handle it passes in is the address of __ImageBase. Its definition is:
    extern "C" IMAGE_DOS_HEADER __ImageBase;
So the instance handle is simply the address at which the DOS header of the PE file is loaded into memory. The CRT source code can be read under vc\crt\src\ in the Visual Studio installation path.
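Because the instance handle is the address of the image's DOS header, the PE headers can be reached from it. The following is an added example, not code from the original note or from the CRT: it walks from a base address to the NT headers with bounds checks, on a constructed header-only buffer. The names inspect_image, pe_info and build_sample are hypothetical; on Windows the base argument would be the HINSTANCE cast to a byte pointer.

```c
#include <stdint.h>
#include <string.h>

typedef struct {
    uint16_t machine;            /* IMAGE_FILE_HEADER.Machine */
    uint16_t number_of_sections; /* IMAGE_FILE_HEADER.NumberOfSections */
} pe_info;

/* Little-endian reads, byte by byte: no alignment or host-endianness assumptions. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* `base` plays the role of the HINSTANCE/HMODULE value; `size` is the number of
   readable bytes behind it. Returns 0 on success, a negative code on failure. */
int inspect_image(const uint8_t *base, size_t size, pe_info *out)
{
    if (base == NULL || out == NULL || size < 0x40) return -1; /* DOS header: 64 bytes */
    if (rd16(base) != 0x5A4D) return -2;          /* e_magic must be "MZ" */
    uint32_t e_lfanew = rd32(base + 0x3C);        /* offset of the NT headers */
    /* "PE\0\0" (4 bytes) + IMAGE_FILE_HEADER (20 bytes) must fit in the buffer. */
    if (e_lfanew > size || size - e_lfanew < 24) return -3;
    const uint8_t *nt = base + e_lfanew;
    if (memcmp(nt, "PE\0\0", 4) != 0) return -4;
    out->machine = rd16(nt + 4);
    out->number_of_sections = rd16(nt + 6);
    return 0;
}

/* Constructed sample: a header-only image, not a real binary. Returns its length. */
size_t build_sample(uint8_t *buf, size_t cap)
{
    if (cap < 0x80 + 24) return 0;
    memset(buf, 0, cap);
    buf[0] = 'M'; buf[1] = 'Z';
    buf[0x3C] = 0x80;                    /* e_lfanew = 0x80 */
    memcpy(buf + 0x80, "PE\0\0", 4);
    buf[0x84] = 0x64; buf[0x85] = 0x86;  /* Machine = 0x8664 (x64) */
    buf[0x86] = 3;                       /* NumberOfSections = 3 */
    return 0x80 + 24;
}

int main(void)
{
    uint8_t img[256]; pe_info info;
    return inspect_image(img, build_sample(img, sizeof img), &info);
}
```

The e_lfanew check matters whenever the bytes come from an untrusted file rather than from a module the loader has already mapped.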
6.2 GetModuleHandle(PCTSTR pszModule): two points to note:
1. The API checks only the address space of the calling process. If pszModule is not loaded by the calling process, the call fails and returns NULL, even if other processes have loaded that module;
2. When the function is called from code in a DLL of the process, the returned HMODULE is the base address of the EXE in memory, not the base address of the DLL.
7 Terminating a process
Four different ways:
1. The entry-point function of the main thread returns (the recommended and best way);
2. A thread in the process calls ExitProcess;
3. Another process calls TerminateProcess;
4. All threads in the process die naturally (almost impossible).
7.1 Termination when the entry-point function returns
After the WinMain function returns, control goes back to the C run-time library startup code, which properly cleans up all C run-time resources used by the process. Once these resources are released, the C run-time startup code explicitly calls ExitProcess and passes it the return value of WinMain. As a result, all other threads running in the process are terminated.
ExitProcess should never be called explicitly; otherwise custom C++ objects are likely not to be released correctly.
7.2 Terminating a process with TerminateProcess
1. The function should be used only if the process cannot be terminated by any other method;
2. The terminated process gets no notification that it is about to be terminated. The process has no opportunity to perform its own cleanup, but the system cleans up completely after the process is terminated;
3. TerminateProcess is asynchronous: its return does not mean the process has already terminated. Use WaitForSingleObject to wait on the process and determine when it has terminated.
7.3 Steps performed when a process terminates
1. Any threads remaining in the process are terminated;
2. All user objects and GDI objects allocated by the process are released, and all kernel objects are closed; a kernel object is destroyed if its reference count reaches 0;
3. The exit code of the process changes from STILL_ACTIVE to the code passed to ExitProcess or TerminateProcess;
4. The process kernel object becomes signaled;
5. The reference count of the process kernel object is decremented by one; if the count reaches 0, the kernel object is destroyed.
8 Process rights
8.1 Windows allows privilege elevation only at the process boundary; once a process has started, it is too late to ask for more privileges. A non-elevated process can, however, spawn another, elevated process that contains a COM server, and that new process stays alive. The non-elevated process can then send IPC (inter-process communication) calls to the elevated process, without having to launch a new elevated instance of itself and then terminate.
8.2 Elevating privileges manually

Use the ShellExecuteEx function with lpVerb set to "runas" in the SHELLEXECUTEINFO structure and lpFile set to the path of the executable to be run with elevated privileges. If the user refuses the elevation, the function returns FALSE and GetLastError() returns ERROR_CANCELLED. When a process runs with elevated privileges, all child processes it creates have the same privileges, so they do not need to be started through ShellExecuteEx.


Not to be continued.
