C++ CreateProcess fail receiving path from socket on Windows 7 (64)

Question

I'm trying to make a simple application controller using CreateProcess() function. The program receives te path of the program who will be executed by a socket and store it in to a char[] variable, later it sends the variable to a function who will execute it.

The error i'm getting is

Client: Received data is: C:\Windows\System32\calc.exe
Server: Bytes received: 30.
CreateProcess failed (123).

(2) = ERROR_FILE_NOT_FOUND

I tryed with doble slash (//) and i receive error (123)

Client: Received data is: C:\\Windows\\System32\\calc.exe
Server: Bytes received: 33.
CreateProcess failed (123).

(123) = ERROR_INVALID_NAME

The function who receive the path of program to execute:

bytesRecv = recv(m_socket, recvbuf, 200, 0);

if (bytesRecv == SOCKET_ERROR)
   printf("Server: recv() error %ld.\n", WSAGetLastError());
else
{
   printf("\nClient: Received data is: %s\n", recvbuf);
   printf("Server: Bytes received: %ld.\n", bytesRecv );
   NewProcess(1,LPWSTR(recvbuf)); // <---- Call to NewProcess function with path
}

and the function who start the process:

void NewProcess(int count,LPWSTR cmd)
{
    LPTSTR concatenation = _T(" ");
    LPTSTR cmdArgs = NULL;


    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);
    ZeroMemory( &pi, sizeof(pi) );
    si.wShowWindow = SW_HIDE;
    si.dwFlags = STARTF_USESHOWWINDOW;

    // Start the child process. 

    if( !CreateProcess( NULL,       // Program full path
    cmd,                    // Arguments
    NULL,                       // Process handle not inheritable
    NULL,                       // Thread handle not inheritable
    FALSE,                      // Set handle inheritance to FALSE
    0,                          // No creation flags
    NULL,                       // Use parent's environment block
    NULL,                       // Use parent's starting directory 
    &si,                        // Pointer to STARTUPINFO structure
    &pi )                       // Pointer to PROCESS_INFORMATION structure
    ) 
    {
        printf( "CreateProcess failed (%d).\n", GetLastError() );
        return;
    }

    // Wait until child process exits.

    WaitForSingleObject( pi.hProcess, INFINITE );
    printf("\nProcess ID: %d Terminated!",pi.dwProcessId);

    // Close process and thread handles.

    CloseHandle( pi.hProcess );
    CloseHandle( pi.hThread );
}

Can you tell me what's wrong, i supose is something about variable types, but i can't find the error.

Thanks in advance.

Answer 1

The problem is here:

LPWSTR(recvbuf)

You have cast the buffer to be a pointer to a wide character array, but it is not. We can tell that because just before you wrote:

printf("\nClient: Received data is: %s\n", recvbuf);

This means that recvbuf is a pointer to an 8 bit ANSI character array. Either use CreateProcessA, or convert from ANSI to UTF-16.

The lesson you should take away from this is that every time you cast a character array you are quite likely getting it wrong. The compiler presumably objected to you passing recvbuf because it correctly determined that recvbuf was in the wrong format. By casting you are simply suppressing the compiler and lying to it. Your cast does not make recvbuf be an LPWSTR. It is still LPSTR, but you've told the compiler to ignore that error.

You will need to be sure that recvbuf is null-terminated. If there is a transmission failure, and recvbuf is not null-terminated, then you have a buffer overrun condition.

Finally, escaping backslashes is something that you do in source code only.