Ben

Reputation: 3440

Modify STARTUPINFO after CreateProcess

I would like to be able to change the STARTUPINFO values, right after CreateProcess has been called (suspended).

So the new remote/child process can get custom GetStartupInfo values as soon as it starts.

How could I achieve this?

More Info:

I would like to pass arbitrary data to the child process. According to this article: http://www.catch22.net/tuts/undocumented-createprocess it is possible to do so with the reserved2 members of the STARTUPINFO structure. This method works but has a limit of 65536 bytes. A theoretical solution in order to pass more than 65536 bytes would be if you:

  1. Create the process (suspended)
  2. Alloc space with VirtualAllocEx in the child process
  3. Write data > 65536 bytes to the child process with WriteProcessMemory
  4. Change the reserved2 members with the address from Step 2
  5. Resume the process
  6. The child process calls GetStartupInfo and gets the data

Upvotes: 0

Views: 835

Answers (1)

David Heffernan

Reputation: 612954

I'm not aware of any supported way for you to do what you ask. However, I suggest an alternative solution to the root problem.

  1. You should not be using lpReserved2 anyway since the documentation tells you to set it to NULL.
  2. Have the parent process create a named memory mapped file.
  3. Pass the name of this file mapping to the child process as a command line argument.

Indeed, there are many variants on this approach, but command line arguments are the way to pass information to a new process.

Upvotes: 3
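
The approach from the answer above, as an added example that is not part of the original answer: the parent creates a named shared mapping, passes its name and the payload length on the child's command line, and the child opens it by name. Python's `multiprocessing.shared_memory` (a named file mapping on Windows, POSIX shared memory elsewhere) stands in for the Win32 calls; the `startup_` name prefix, the child program and the SHA-256 round-trip check are assumptions made for illustration.

```python
import hashlib
import secrets
import subprocess
import sys
from multiprocessing import shared_memory

# Child program (constructed for this example): receives the mapping name and
# payload length on its command line, reads the payload, prints its SHA-256.
CHILD_SRC = """
import hashlib, sys
from multiprocessing import shared_memory
name, length = sys.argv[1], int(sys.argv[2])
shm = shared_memory.SharedMemory(name=name)   # open existing, never create
try:
    if not 0 <= length <= shm.size:           # do not trust the length blindly
        sys.exit(2)
    print(hashlib.sha256(bytes(shm.buf[:length])).hexdigest())
finally:
    shm.close()
"""

def send_to_child(payload: bytes) -> str:
    """Hand `payload` to a child via a named mapping; return the child's digest."""
    # Unpredictable name: create=True fails if the name already exists, so a
    # process that pre-created a guessed name cannot slip its own data in.
    name = "startup_" + secrets.token_hex(16)
    shm = shared_memory.SharedMemory(name=name, create=True, size=len(payload))
    try:
        shm.buf[:len(payload)] = payload
        # The mapping may be rounded up to a page, so the length travels too.
        result = subprocess.run(
            [sys.executable, "-c", CHILD_SRC, name, str(len(payload))],
            capture_output=True, text=True, check=True,
        )
        return result.stdout.strip()
    finally:
        shm.close()
        try:
            shm.unlink()  # no effect on Windows; removes the object on POSIX
        except FileNotFoundError:
            pass  # POSIX: the child's resource tracker may already have unlinked it

if __name__ == "__main__":
    data = secrets.token_bytes(200_000)  # constructed payload, larger than 65536
    assert send_to_child(data) == hashlib.sha256(data).hexdigest()
    print("child read", len(data), "bytes intact")
```

On Windows the mapping disappears once the last handle is closed, so the parent must keep its handle open until the child has opened the mapping by name.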
