Something weird happens when I run my program. When I run it by using "Start Without Debugging" option in VS 2010, OpenProcess returns the process handle as usual, but when I run my program in Windows Explorer, OpenProcess always return 0?!! I called GetLastError and it returns 6 (INVALID_HANDLE_VALUE) in both case. I'm using Windows XP SP3 Could anybody help me please? Here is the code I wrote:
HANDLE GetProcessHandle(TCHAR* szProcessName)
{
//Get the snapshot of all processes in the system
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, NULL);
if (hSnap == INVALID_HANDLE_VALUE)
{
return INVALID_HANDLE_VALUE;
}
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
//Get the information of the first process
if (!Process32First(hSnap, &pe32))
{
CloseHandle(hSnap);
return INVALID_HANDLE_VALUE;
}
//Loop through all processes
do
{
if (_tcscmp(szProcessName, pe32.szExeFile) == 0)
{
//Got the process ID
CloseHandle(hSnap);
printf("sz = %s; exe = %s; pid = %d\n", szProcessName, pe32.szExeFile, pe32.th32ProcessID);
//Error here, correct PID was found in both case
return OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
}
}
while (Process32Next(hSnap, &pe32));
CloseHandle(hSnap);
return INVALID_HANDLE_VALUE;
}
To open a handle to another local process and obtain full access rights, you must enable the SeDebugPrivilege privilege.
VS2010 has this privilege, but the explore doesn't. Since your program is a child process, it will inherit privilege from parents.
For details, check this MSDN doc.