Windows API Browser

System Functions

Registry Functions

File I/O Functions

Windows API Browser

CreateProcess

Creates a new process and its primary thread in the calling process's address space.

BOOL CreateProcess( _In_opt_ LPCTSTR lpApplicationName, _Inout_opt_ LPTSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCTSTR lpCurrentDirectory, _In_ LPSTARTUPINFO lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation );

Parameters

lpApplicationName
The name of the module to be executed. This string must be a fully qualified path. If this parameter is NULL, the module name is taken from the command line string specified by the lpCommandLine parameter.
lpCommandLine
The command line string for the new process. This parameter must be a null-terminated string. The value of this parameter is used to parse command-line arguments and any data passed to the new program.
lpProcessAttributes
A pointer to a SECURITY_ATTRIBUTES structure that specifies the security attributes for the new process. If NULL, the Windows default security descriptor is used.
lpThreadAttributes
A pointer to a SECURITY_ATTRIBUTES structure that specifies the security attributes for the new thread. If NULL, the Windows default security descriptor is used.
bInheritHandles
If this parameter is TRUE, the calling process's environment variables are inherited by the new process. Otherwise, the new process has its own copy of the environment variables from the calling process.
dwCreationFlags
Flags that control the priority class and behavior of the new process.
lpEnvironment
A pointer to the environment block for the new process. If NULL, the new process inherits the environment of the calling process.
lpCurrentDirectory
The fully qualified path of the directory that contains the executable image and that serves as the base path of files in the executable image. If NULL, the new process inherits the current directory of the calling process.
lpStartupInfo
A pointer to a STARTUPINFO structure that specifies the window station, standard handles, and appearance of the main window for the new process.
lpProcessInformation
A pointer to a PROCESS_INFORMATION structure that receives identification information about the new process and its primary thread.

Return Value

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

The lpCommandLine parameter can be NULL. If lpApplicationName is not NULL, lpCommandLine should be NULL. Otherwise, lpCommandLine must point to a null-terminated string that contains the command-line arguments for the application to be executed.

If lpApplicationName is NULL, the first component of lpCommandLine is the name of the module to be executed. If lpApplicationName is not NULL, it specifies the module to be executed. This parameter can be a full path, or it can be a relative path if it is the first component of the command line string.

Note: For Unicode applications, use CreateProcessW. For ANSI applications, use CreateProcessA. The CreateProcess macro selects the appropriate function based on your project's UNICODE preprocessor definition.

VirtualAlloc

Reserves or commits a region of pages in the virtual address space of the calling process.

LPVOID VirtualAlloc( _In_opt_ LPVOID lpAddress, _In_ SIZE_T dwSize, _In_ DWORD flAllocationType, _In_ DWORD flProtect );

Parameters

lpAddress
The starting address of the region to allocate. If this is the first time memory is being allocated for this region, lpAddress should be NULL. If lpAddress is not NULL, it should be a previously committed page boundary in the virtual address space.
dwSize
The size, in bytes, of the region of memory to allocate. If lpAddress is NULL, the system determines where to allocate the region. If lpAddress is not NULL, the system allocates the region starting at lpAddress and of size dwSize.
flAllocationType
The type of memory allocation. This parameter can be one of the following values: MEM_COMMIT, MEM_RESERVE, or a combination of MEM_COMMIT | MEM_RESERVE.
flProtect
The memory protection for the region of pages to be allocated. This parameter can be one of the following values: PAGE_EXECUTE, PAGE_EXECUTE_READ, PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY, PAGE_NOACCESS, PAGE_READONLY, PAGE_READWRITE, PAGE_WRITECOPY.

Return Value

If the function succeeds, the return value is the base address of the allocated region of pages. If the function fails, the return value is NULL.

Remarks

This function reserves, commits, or both reserves and commits a region of pages in the process's virtual address space.

Call VirtualFree to free memory allocated by this function.

Important: When specifying MEM_RESERVE, the system determines where to allocate the region. Use the lpAddress parameter to specify the starting address.

ReadFile

Reads data from the specified file or input/output (I/O) device.

BOOL ReadFile( _In_ HANDLE hFile, _Out_ LPVOID lpBuffer, _In_ DWORD nNumberOfBytesToRead, _Out_opt_ LPDWORD lpNumberOfBytesRead, _Inout_opt_ LPOVERLAPPED lpOverlapped );

Parameters

hFile
A handle to the file or device to be read.
lpBuffer
A pointer to the buffer that receives the data read from a file or device.
nNumberOfBytesToRead
The maximum number of bytes to be read.
lpNumberOfBytesRead
A pointer to a variable that receives the number of bytes actually read.
lpOverlapped
A pointer to an OVERLAPPED structure that is used for file asynchronous operations.

Return Value

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero.

Remarks

This function is used for reading from files, devices, and pipes.

For asynchronous operations, use the OVERLAPPED structure.

Warning: Ensure that the buffer pointed to by lpBuffer is large enough to hold the data being read.