[rexor]

Hi, I'm particularly interested if someone is aware of what 0x20 flag means?

UPDATE

BOOL WINAPI CreateProcess(
_In_opt_ LPCTSTR lpApplicationName,
_Inout_opt_ LPTSTR lpCommandLine,
_In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes,
_In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes,
_In_ BOOL bInheritHandles,
_In_ DWORD dwCreationFlags,
_In_opt_ LPVOID lpEnvironment,
_In_opt_ LPCTSTR lpCurrentDirectory,
_In_ LPSTARTUPINFO lpStartupInfo,
_Out_ LPPROCESS_INFORMATION lpProcessInformation
);

So, dwCreationFlags is 0x20.

Thanks.

[N3mes1s]

http://www.catch22.net/tuts/undocumented-createprocess

STARTF_RUNFULLSCREEN 0x20 Indicates that the process should be run in full-screen mode, rather than in windowed mode.

[rexor]

I've updated the post, so it's not the parameter in the STARTUPINFO but rather CreationFlags param.

[N3mes1s]

uhm ok, i've searched on the net.

dwCreationFlags

A bitwise combination of the Win32 Process Creation Flags that control the priority class and the behavior of the launched process. For STARTUPINFOEX, the flag EXTENDED_STARTUPINFO_PRESENT is supported. See RtInitializeProcThreadAttributeList for more information.

http://www.intervalzero.com/library/RTX ... rocess.htm

[rexor]

So you are saying that EXTENDED_STARTUPINFO_PRESENT is 0x20?

After checking MSDN and links you've given and trying to sum various flags I still can not get 0x20.

If I'm wrong, please point me to the error.

[r2nwcnydc]

It means the process is created with normal priority class; NORMAL_PRIORITY_CLASS.

From winbase.h:

Code: Select all

//
// dwCreationFlag values
//

#define DEBUG_PROCESS                     0x00000001
#define DEBUG_ONLY_THIS_PROCESS           0x00000002

#define CREATE_SUSPENDED                  0x00000004

#define DETACHED_PROCESS                  0x00000008

#define CREATE_NEW_CONSOLE                0x00000010

#define NORMAL_PRIORITY_CLASS             0x00000020
#define IDLE_PRIORITY_CLASS               0x00000040
#define HIGH_PRIORITY_CLASS               0x00000080
#define REALTIME_PRIORITY_CLASS           0x00000100

#define CREATE_NEW_PROCESS_GROUP          0x00000200
#define CREATE_UNICODE_ENVIRONMENT        0x00000400

#define CREATE_SEPARATE_WOW_VDM           0x00000800
#define CREATE_SHARED_WOW_VDM             0x00001000
#define CREATE_FORCEDOS                   0x00002000

#define BELOW_NORMAL_PRIORITY_CLASS       0x00004000
#define ABOVE_NORMAL_PRIORITY_CLASS       0x00008000

#define STACK_SIZE_PARAM_IS_A_RESERVATION 0x00010000    // Threads only

#define INHERIT_CALLER_PRIORITY           0x00020000
#define CREATE_PROTECTED_PROCESS          0x00040000
#define EXTENDED_STARTUPINFO_PRESENT      0x00080000

#define PROCESS_MODE_BACKGROUND_BEGIN     0x00100000
#define PROCESS_MODE_BACKGROUND_END       0x00200000

#define CREATE_BREAKAWAY_FROM_JOB         0x01000000
#define CREATE_PRESERVE_CODE_AUTHZ_LEVEL  0x02000000

#define CREATE_DEFAULT_ERROR_MODE         0x04000000

#define CREATE_NO_WINDOW                  0x08000000

#define PROFILE_USER                      0x10000000
#define PROFILE_KERNEL                    0x20000000
#define PROFILE_SERVER                    0x40000000

#define CREATE_IGNORE_SYSTEM_DEFAULT      0x80000000