I'm currently writing some software that has two different programs using the winapi (a parser and an interpreter). I would like to call the parser from the interpreter, so I am using the CreateProcessA
function. However, when the parser tries to open a file, it throws a Permission Denied error, and I'm not too sure why.
Calling the parser on its own, and not from the interpreter, works perfectly fine.
According to CreateProcessA, "The new process runs in the security context of the calling process," so it seems like this other program shouldn't have any issues with permissions since I can open files from the interpreter.
Is there something that I'm missing with CreateProcessA
that would make it change file permissions for the child process?
Here is a snippet of code for the interpreter (note that I've left out error checking to make the code simpler to show here):
// These are just used to open pipes so I can extract stdout
SECURITY_ATTRIBUTES sec = {0};
sec.nLength = sizeof(SECURITY_ATTRIBUTES);
sec.bInheritHandle = TRUE;
sec.lpSecurityDescriptor = NULL;
HANDLE stdout_rd, stdout_wr;
CreatePipe(&stdout_rd, &stdout_wr, &sec, 0);
SetHandleInformation(stdout_rd, HANDLE_FLAG_INHERIT, 0);
STARTUPINFO startInfo = {0};
startInfo.cb = sizeof(startInfo);
startInfo.hStdError = stdout_wr;
startInfo.hStdOutput = stdout_wr;
startInfo.hStdInput = NULL;
startInfo.dwFlags |= STARTF_USESTDHANDLES;
PROCESS_INFORMATION processInfo = {0};
char *command = "parser /path/to/file.txt";
CreateProcessA(NULL, command, NULL, NULL, TRUE,
NORMAL_PRIORITY_CLASS, NULL, NULL, &startInfo, &processInfo);
// Do more stuff to print out stdout from child process
Here is a snippet of code from the parser:
int main(int argc, char **argv) {
// This call throws the error:
// Error: Permission denied
FILE *file = fopen(argv[1], "rb");
if (!file) {
printf("Error: %s\n", strerror(errno));
}
// Parse File
}
Here is a snippet of code from the interpreter that opens and closes the file.
HANDLE file = CreateFileA("/path/to/file.txt", GENERIC_READ,
0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
FILETIME writeTime = {0};
GetFileTime(file, NULL, NULL, &writeTime);
CloseHandle(file);
Thank you!
CodePudding user response:
I dont think that problem is in the file permissions. If you could write file somewhere, you clearly should be able to read it with the same access token. You could get Access Denied
error because file is still open by the interpreter process in the exclusive mode. You could either check that file is closed before calling CreateProcess
, or use CreateFile
to read and write with FILE_SHARE_*
flags. However it could lead to other errors, if interpreter does not complete all file write operations before parser tries to use it.
As an alternative to files in this scenario you could use memory mapped files (CreateFileMapping
, MapViewOfFile
), to share data buffers between different processes.