Reputation: 980
What happen when you open/close a handle?
I'm introduced to C++. I'm confused about the idea of "handle" Here's a little snippet I wrote today:
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, a valid pid);
printf("%d", hProcess);
I find out that the output is "48" every time. It make sense, because handles are identifiers of resources like array indices. But even I replace PROCESS_ALL_ACCESS with other flags, the return value is still the same. What exactly happened when you open a handle? How does the Operating System know the access right of a handle? If handles are identifiers of resources, why doesn't the following code work?
HANDLE hProces = 48;
Furthermore, what happened when you call CloseHandle(hProcess)? why is the output still 48?
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, a valid pid);
CloseHandle(hProcess);
printf("%d\n", hProcess);
Upvotes: 3
Views: 2328
Answers (2)
Reputation: 15229
hProcess is just a value associated a process. The handle itsself is managed and associated with the process by the Operating System.
What exactly happened when you open a handle?
OpenProcess creates an entry in some data structure of the OS, does the initialization stuff, and associates the handle (48) with the entry.
How does the Operating System know the access right of a handle of a specific handle?
It stores them in a seperate data structure, which the handle refers to (e.g., if it's a table, the handle is an index into that table). The handle's value is independent of the access rights associated to it.
If handles are identifiers of resources, why doesn't the following code work?
HANDLE hProces = 48;
Because the OS hasn't added the corresponding entry yet, so the handle 48 isn't associated with anything.
As an example, if you did
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, a valid pid);
HANDLE alias = hProcess;
alias would refer to the same process as hProcess does.
why is the output still 48?
CloseHandle removes that entry from the data structure and disassociates the handle from the entry.1
Printing hProcess is well-defined. It is just a value, which is not augmented by CloseHandle. Only the associated entry is removed and with it the meaning of the handle (48) to the entry.
I think you can imagine the whole thing like this: there's a data structure, which contains data of your process, among it data for opened processes. The handles are "pointers" to these process entries. If a process entry exist, the handle points to some well-known process. However, if it does not, the handle does not point to a process. Just like with pointers:
char* ptr;
{
char c = 'a'; /* similar to the call to OpenProcess itsself */
ptr = &c; /* similar to hProcess initialized with the return value
* of OpenProcess */
} /* c goes out of scope, similar to CloseHandle */
1 As @IInspectable said in the comments to this answer, that's actually not quite true. The OS maintains a counter for the handle, which counts the number of entities referencing the associated process. OpenProcess and CloseHandle only increment/decrement that counter, respectively to make multiple "possessors" of the handle possible.
Upvotes: 5
Reputation: 1666
We could guess that the local variable hProcess is not changed by the CloseHandle function.
You have to check the return value of CloseHandle in order to know if this function worked or not, but you can't rely on the hProcess value.
Upvotes: 0
Related Questions
- WinAPI: who closes an inherited handle?
- Handle to window handle
- Checking and closing HANDLE
- Source of a HANDLE on windows
- Who's responsibility is it to call CloseHandle() for Thread handle
- What happens to the handle of a window when the latter is closed?
- Closing Handles/Stored Handles
- Duplicating a handle and closing the original one afterwards
- CloseHandle confusion - Must I call CloseHandle on multiple "copies" of a handle?
- Is it safe to "double-close" a handle using CloseHandle?