I don't get it. The second parameter of CreateProcessWithLogonW clearly requires an LPCWSTR, yet the code above calls GetComputerNameA((LPSTR)&pcName,(LPDWORD)&nameSize); to fetch the ANSI computer name and then force-casts it to (LPCWSTR)&pcName further down. Why not declare WCHAR pcName[MAX_COMPUTERNAME_LENGTH + 1] and use GetComputerNameW to get the computer name? Even if that cast happens not to blow up, it is a serious logic error. Also, the three handles in the si structure (hStdError, hStdInput, hStdOutput) are passed in as parameters for redirection, and none of them was ever assigned earlier, so what handles exactly are you closing with CloseHandle afterwards? Better read the documentation of each API properly before telling other people whether their handles leak.
When the LOGON_WITH_PROFILE flag is used, Microsoft's documentation says:
Log on, then load the user profile in the HKEY_USERS registry key. The function returns after the profile is loaded. Loading the profile can be time-consuming, so it is best to use this value only if you must access the information in the HKEY_CURRENT_USER registry key.
Windows Server 2003: The profile is unloaded after the new process is terminated, whether or not it has created child processes.
Windows XP: The profile is unloaded after the new process and all child processes it has created are terminated.
There is a limit to the number of child processes that can be created by this function and run simultaneously. For example, on Windows XP, this limit is MAXIMUM_WAIT_OBJECTS*4. However, you may not be able to create this many processes due to system-wide quota limits.
Please read the reply from the brother in post #25, and then look at this:
Windows Server 2003: The profile is unloaded after the new process is terminated, whether or not it has created child processes.
Windows XP: The profile is unloaded after the new process and all child processes it has created are terminated.
There is a limit to the number of child processes that can be created by this function and run simultaneously. For example, on Windows XP, this limit is MAXIMUM_WAIT_OBJECTS*4. However, you may not be able to create this many processes due to system-wide quota limits.
Also, I suggest you fix your program first: close a handle if it exists, and if it doesn't, leave it alone. It may look harmless, at most one extra line of code, but something that doesn't belong in the program logic simply shouldn't be there. A habit like this will make it hard for you to understand your own code later, and anyone else reading it will be baffled.
Also, according to MSDN, for the sixth parameter you should at least define a readable and writable string variable and pass that in, otherwise it can cause errors. The only reason it hasn't failed is probably that your compiler placed the string L"C:\\Users\\Administrator\\Desktop\\selfDestroy.exe" in a writable initialized data section. Even so, it can still be modified, so the argument passed in on the next loop iteration may no longer be the string you intended. Try to follow the API's calling conventions.
lpCommandLine [in, out, optional]
The command line to be executed. The maximum length of this string is 1024 characters. If lpApplicationName is NULL, the module name portion of lpCommandLine is limited to MAX_PATH characters.
The function can modify the contents of this string. Therefore, this parameter cannot be a pointer to read-only memory (such as a const variable or a literal string). If this parameter is a constant string, the function may cause an access violation.
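As an added example (not code from this thread or from the poster being replied to), here is the corrected call as described above: a WCHAR buffer filled by GetComputerNameW with no cast, a writable copy of the command line, and closing only the handles that CreateProcessWithLogonW actually returned in PROCESS_INFORMATION. The user name, password and executable path are placeholders, and the helper name make_writable_cmdline is my own; on Windows, link against advapi32.

```c
/* Added example, not code from the thread: the three points raised above for
 * CreateProcessWithLogonW. User, password and path are placeholders. */
#include <stdlib.h>
#include <wchar.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* The API may modify lpCommandLine, so hand it a heap copy, never a literal.
 * Returns NULL for an empty string or one over the documented 1024-char limit. */
wchar_t *make_writable_cmdline(const wchar_t *literal)
{
    size_t len = wcslen(literal);
    if (len == 0 || len > 1024)
        return NULL;
    wchar_t *buf = (wchar_t *)malloc((len + 1) * sizeof(wchar_t));
    if (buf != NULL)
        wmemcpy(buf, literal, len + 1);
    return buf;
}

#ifdef _WIN32
int run_as_user(const wchar_t *user, const wchar_t *password, const wchar_t *exe_path)
{
    WCHAR domain[MAX_COMPUTERNAME_LENGTH + 1];   /* WCHAR buffer for the W API, no cast */
    DWORD size = MAX_COMPUTERNAME_LENGTH + 1;
    if (!GetComputerNameW(domain, &size))
        return 0;
    wchar_t *cmd = make_writable_cmdline(exe_path);
    if (cmd == NULL)
        return 0;
    STARTUPINFOW si;
    PROCESS_INFORMATION pi;
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    ZeroMemory(&pi, sizeof(pi));
    BOOL ok = CreateProcessWithLogonW(user, domain, password, LOGON_WITH_PROFILE,
                                      NULL, cmd, 0, NULL, NULL, &si, &pi);
    free(cmd);
    if (!ok)
        return 0;
    /* si.hStdInput/hStdOutput/hStdError were never set, so there is nothing to
     * close there; the handles this call returned are in pi, and those are ours. */
    WaitForSingleObject(pi.hProcess, INFINITE);
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);
    return 1;
}
#endif
```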