Core APIs

This section provides detailed documentation for the fundamental Windows API functions, essential for system-level programming and application development.

Process Management

CreateProcess

Creates a new process and its primary thread. The new process runs in the same address space of the calling process.

BOOL CreateProcess( LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFO lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation );
Parameters:
  • lpApplicationName: The name of the module to be executed.
  • lpCommandLine: The command line for the application.
  • lpProcessAttributes: Security attributes for the process.
  • lpThreadAttributes: Security attributes for the primary thread.
  • bInheritHandles: Whether to inherit handles.
  • dwCreationFlags: Flags that control the execution.
  • lpEnvironment: Pointer to the environment block.
  • lpCurrentDirectory: Pointer to the current directory.
  • lpStartupInfo: Pointer to a STARTUPINFO structure.
  • lpProcessInformation: Pointer to a PROCESS_INFORMATION structure.
Return Value:

TRUE if the function succeeds, FALSE otherwise.

TerminateProcess

Terminates the specified process and any threads that it owns.

BOOL TerminateProcess( HANDLE hProcess, UINT uExitCode );
Parameters:
  • hProcess: A handle to the process to be terminated.
  • uExitCode: The exit code for the process.
Return Value:

TRUE if the function succeeds, FALSE otherwise.

Memory Management

VirtualAlloc

Reserves, commits, or changes the state of a region of pages in the virtual address space of the calling process.

LPVOID VirtualAlloc( LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect );
Parameters:
  • lpAddress: The starting address of the region to allocate.
  • dwSize: The size, in bytes, of the region to allocate.
  • flAllocationType: The type of memory allocation.
  • flProtect: The memory protection for the region of pages.
Return Value:

Returns the base address of the allocated region if successful, or NULL otherwise.

HeapAlloc

Allocates a block of memory from a process's heap.

LPVOID HeapAlloc( HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes );
Parameters:
  • hHeap: A handle to the heap from which the memory will be allocated.
  • dwFlags: The allocation type.
  • dwBytes: The number of bytes to be allocated.
Return Value:

Returns a pointer to the allocated memory block if successful, or NULL otherwise.

File I/O

CreateFile

Creates or opens a file or I/O device.

HANDLE CreateFile( LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile );
Parameters:
  • lpFileName: The name of the file or device.
  • dwDesiredAccess: The desired access to the file or device.
  • dwShareMode: The desired sharing mode.
  • lpSecurityAttributes: Security attributes.
  • dwCreationDisposition: Action to take if file exists or not.
  • dwFlagsAndAttributes: File attributes and flags.
  • hTemplateFile: Handle to a template file.
Return Value:

A handle to the specified file or device, or INVALID_HANDLE_VALUE if the function fails.

ReadFile

Reads data from a specified file or input/output (I/O) device.

BOOL ReadFile( HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped );
Parameters:
  • hFile: A handle to the file or device.
  • lpBuffer: A buffer that receives the data read from the file or device.
  • nNumberOfBytesToRead: The maximum number of bytes to be read.
  • lpNumberOfBytesRead: A pointer to a variable that receives the number of bytes actually read.
  • lpOverlapped: A pointer to an OVERLAPPED structure.
Return Value:

TRUE if the function succeeds, FALSE otherwise.

WriteFile

Writes data to a specified file or I/O device.

BOOL WriteFile( HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped );
Parameters:
  • hFile: A handle to the file or device.
  • lpBuffer: A buffer containing the data to be written.
  • nNumberOfBytesToWrite: The number of bytes to write.
  • lpNumberOfBytesWritten: A pointer to a variable that receives the number of bytes actually written.
  • lpOverlapped: A pointer to an OVERLAPPED structure.
Return Value:

TRUE if the function succeeds, FALSE otherwise.

Threading

CreateThread

Creates a thread to execute within the virtual address space of the calling process.

HANDLE CreateThread( LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId );
Parameters:
  • lpThreadAttributes: Security attributes for the thread.
  • dwStackSize: The initial size of the stack.
  • lpStartAddress: Pointer to the application-defined function.
  • lpParameter: Pointer to a variable to be passed to the thread function.
  • dwCreationFlags: Flags that control the creation.
  • lpThreadId: Pointer to a variable that receives the thread identifier.
Return Value:

A handle to the newly created thread if the function succeeds, or NULL otherwise.

Synchronization

CreateMutex

Creates or opens a mutex object.

HANDLE CreateMutex( LPSECURITY_ATTRIBUTES lpMutexAttributes, BOOL bInitialOwner, LPCSTR lpName );
Parameters:
  • lpMutexAttributes: Security attributes for the mutex object.
  • bInitialOwner: If TRUE, the calling thread is given initial ownership of the mutex object.
  • lpName: The name of the mutex object.
Return Value:

A handle to the newly created mutex object if the function succeeds, or NULL otherwise.

WaitForSingleObject

Waits until the specified object is in the signaled state or the time-out interval elapses.

DWORD WaitForSingleObject( HANDLE hHandle, DWORD dwMilliseconds );
Parameters:
  • hHandle: A handle to the object.
  • dwMilliseconds: The time-out interval in milliseconds.
Return Value:

The return value indicates the reason for returning.

Registry

RegOpenKeyEx

Opens an existing registry key. If the key does not exist, the function can create it.

LONG RegOpenKeyEx( HKEY hKey, LPCSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult );
Parameters:
  • hKey: A handle to an open registry key.
  • lpSubKey: Name of the subkey to open.
  • ulOptions: Reserved; must be zero.
  • samDesired: Desired access rights to the key.
  • phkResult: Pointer to a variable that receives a handle to the opened key.
Return Value:

If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a system error code.