?
Solved

how not to pass environment to child process by using ShellExecute or ShellExecuteEx

Posted on 2016-08-19
16
Medium Priority
?
245 Views
Last Modified: 2016-09-13
Hi, experts
I have a question here, I was asked to do but I could not make it:

We are launching default browser using ShellExecute, when using url, with "open" verb, it automatically launch default browser.

Here is the problem for us:
It brings the environment from launching process. Which will causing some problems for the browser.

I have provided following solutions, which are all rejected by the code reviewer:

1>Set back to system environment before we call shellexecute, and then call set environment to restore the environment variables.
2>Using CMD, by using the command "cmd /c <set environments>&&start "link" "www.myurl.com",

1> rejected is because it can disturb calling process, 2>Rejected because it need another process.

We do not wanted to call createprocess, because that make things too complicated. So the question is

Anyone knows if there is a solutions to launch a process without inherit environments from parent process? Other than the way that I can think of.

Thank you for any help.

Evan
0
Comment
Question by:Evan Li
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 8
16 Comments
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41763306
If you want, in essence, a null environment (as opposed to setting the inheretence flag to null, which causes the launched process to inherit the parent's environment) simply create a "simple" environment and launch the process.

The mechanics of this are circuitously described in this link from Microsoft's MSDN site.

Specifically:
lpEnvironment [in, optional]
A pointer to the environment block for the new process. If this parameter is NULL, the new process uses the environment of the calling process.
An environment block consists of a null-terminated block of null-terminated strings. Each string is in the following form:
name=value\0
Because the equal sign is used as a separator, it must not be used in the name of an environment variable.
An environment block can contain either Unicode or ANSI characters. If the environment block pointed to by lpEnvironment contains Unicode characters, be sure that dwCreationFlags includes CREATE_UNICODE_ENVIRONMENT. If this parameter is NULL and the environment block of the parent process contains Unicode characters, you must also ensure that dwCreationFlags includes CREATE_UNICODE_ENVIRONMENT.
The ANSI version of this function, CreateProcessA fails if the total size of the environment block for the process exceeds 32,767 characters.
Note that an ANSI environment block is terminated by two zero bytes: one for the last string, one more to terminate the block. A Unicode environment block is terminated by four zero bytes: two for the last string, two more to terminate the block.
0
 

Author Comment

by:Evan Li
ID: 41763718
WalkaboutTigger:
Thank you for your answer, I knew createprocess can do that. But it does not launch default browser like shellexecute. Is there a verb, we can use for it to launch a default browser?

commandline:
start /c "link" "myurl.com"

can do that but we need CMD.exe

, the worry about cmd is that it could run a script automatically. I am not sure if it is a reasonable worry though.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41763914
Rather than risk an exploitation, would it not be prudent to read the registry, determine what the specified default browser's full pathname is and execute the browser and pass it the URL?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Evan Li
ID: 41764433
Different browser way you have use different parameter to launch URL, we do not know the new browser what format to launch URL, so this way was not approved. We need a smarter way to do this. Thanks.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41764653
The appropriate method of determining how a HTTP or HTTPS document is handled is to open HKey Classes Root and look at the Open value of the Shell subkey in the http and https keys.  If this value is blank or null, then you open these document types with no parameters in the default browser.  If these values are not null or empty, then they contain parameters needed to open and render the page.
0
 

Author Comment

by:Evan Li
ID: 41764755
By changing the default browser this registry does not change, I have attached the reg file from my windows 10 machine. Does not look like the right that it reflect default browser registry
shelregistry.reg
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41767265
Look at the Default value in
  HKey Current User\Software\Clients\StartMenu\Internet.

This will tell you the name of the default browser for the current user.

Then, look at the Default value in
  HKey Current User\Software\Classes\http\shell\open\command
or
  HKey Current User\Software\Classes\https\shell\open\command

The User settings always override the system settings which is why Group Policy for browsers is set at the User level.
0
 

Author Comment

by:Evan Li
ID: 41768197
HKey Current User\Software\Classes\http\shell\open\command
 or
   HKey Current User\Software\Classes\https\shell\open\command
When I change the default browser, the value here not in sync at all.
I found it one time but it was only progid. Not in this registry though
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41790523
To determine current default browser, look in the following registry location:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice

Open in new window


That will tell you the designation of the correct default browser 100% of the time.

The defined Default value there is a pointer to the entry in HKEY_CLASSES_ROOT

And the command for performing the open action will be in

HKEY_CLASSES_ROOT\xxxxxxxxxx\shell\open\command

Open in new window

in the (Default) value, where xxxxxxxxxx is the browser designation found in the above key.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41790534
And here is a VBScript to determine what the default browser is based on the value in the above-specified key.

wscript.echo browser 
 
Function Browser 
    Const HKEY_CURRENT_USER = &H80000001 
    Const strKeyPath = "Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice" 
    Const strValueName = "Progid" 
    Dim strValue, objRegistry, i 
' Browser list: 
    Dim blist(13,1) 
    blist(0,0) = "Internet Explorer"    : blist(0,1) = "ie"
    blist(8,0) = "Internet Explorer"    : blist(8,1) = "IE.HTTP"
    blist(11,0) = "Internet Explorer"    : blist(11,1) = "IE.AssocFile.HTM"
    blist(12,0) = "Internet Explorer"    : blist(12,1) = "IE.FTP"
    blist(13,0) = "Internet Explorer"    : blist(13,1) = "IE.HTTPS"
    blist(1,0) = "Edge"                    : blist(1,1) = "appxq0fevzme2pys62n3e0fbqa7peapykr8v" 
    blist(2,0) = "Firefox"                : blist(2,1) = "firefox" 
    blist(9,0) = "Firefox"                : blist(9,1) = "FirefoxURL"
    blist(10,0) = "Firefox"                : blist(10,1) = "FirefoxHTML"
    blist(3,0) = "Chrome"                : blist(3,1) = "chrome" 
    blist(4,0) = "Chrome"                : blist(3,1) = "ChromeHTML" 
    blist(5,0) = "Safari"                : blist(5,1) = "safari" 
    blist(6,0) = "Avant"                : blist(6,1) = "browserexeurl" 
    blist(7,0) = "Opera"                : blist(7,1) = "opera" 
    Set objRegistry = GetObject("winmgmts:\\.\root\default:StdRegProv") 
    objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue 
    If IsNull(strValue) Then 
        browser = "Internet Explorer (Windows standard)": Exit Function 
    Else 
        For i = 0 To Ubound (blist, 1) 
            If Instr (1, strValue, blist(i,1), vbTextCompare) Then
            	Browser = blist(i,0) & " - User choice"
            	strBrowserPath = strValue
            	strBrowserPath = strBrowserPath & "\shell\open\command"
            	objRegistry.GetStringValue HKEY_CLASSES_ROOT,strBrowserPath,"",strValue
            	Browser = Browser & vbCrLf & "Browser command is: " & strValue
            	Exit Function 
            End If
        Next 
    End If 
    browser = "Unknown web browser! (signature: '" & strValue & "')" 
End Function

Open in new window


I have tested this on Windows 7 Enterprise, Windows 7 Professional, Windows 10 Enterprise, and Windows 10 Pro.
0
 

Author Comment

by:Evan Li
ID: 41790736
Thank you a lot. You are right about this in Windows 10. But it is not working for Windows 7 pro.

under:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell
there are only 2 keys:
BagMRU
Bags

So there is no way I can for the path that you have given. I am not sure how you can do it for windows 7?

Thanks.

Evan
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 41793097
I am looking at 5 different Windows 7 Pro machines right now, and every one of them has the Associations key in Shell.

Tell me more about your Windows 7 Pro installation - is it a fresh install?  Is it using GPO's to set default registry?

Tell me what your goal is - because I can pretty much guarantee you that every FinTech software out there either uses a ShellExec method to launch the browser or specifies which browser and version of said browser they support.

ShellExec cannot launch an unauthorised application if you specify the full path.  In the case of a URL, the system decides which browser to use based on the registry entries outlined in the script I provided unless the user has never changed the default browser, in which case it will look to the HKCR/HTTP or HKCR/HTTPS keys.
0
 

Author Comment

by:Evan Li
ID: 41793734
I have attached the images of the windows 7 version and what windows registry look like. I do not know how do you have extra info.
Windows7registry1.jpg
Windows7registry2.jpg
WindowsVersion.jpg
0
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 2000 total points
ID: 41794765
Does this machine have other browsers installed?
Is the user you're logging in to ever had the default browser changed?
Is this a domain or local user account you are logged in as with these screenshots?

What is the goal of not using ShellExec?  Is there some perceived security risk on the part of your company/auditors?  If so, what is the stated risk?
0
 

Author Comment

by:Evan Li
ID: 41794851
After I setup Chrome. And I setup chrome to be my default browser, I see the registry. Thank you.
0
 

Author Closing Comment

by:Evan Li
ID: 41796707
Close this question, as I know the solution now. Thanks.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Often, when implementing a feature, you won't know how certain events should be handled at the point where they occur and you'd rather defer to the user of your function or class. For example, a XML parser will extract a tag from the source code, wh…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question