Why does WriteFile crash when writing to the standard output?

Question

Here's a "Hello world" program that uses WinAPI's WriteFile (compiled in Microsoft Visual C++ 2008 Express):

int _tmain(int argc, _TCHAR* argv[])
{
    wchar_t str[] = L"Hello world";

    HANDLE out = GetStdHandle(STD_OUTPUT_HANDLE);
    if(out && out!=INVALID_HANDLE_VALUE)
    {
        WriteFile(out, str, sizeof(str), NULL, NULL);
        CloseHandle(out);
    }   

    return 0;
}

If executed in a console window, it happily greets the world. If you try to redirect its standard output, however, as in

hello.exe > output.txt

the program crashes in WriteFile (NULL pointer exception). Nonetheless, output.txt exists and contains the correct output in its entirety.

The call stack on crash:

KernelBase.dll!_WriteFile@20()  + 0x75 bytes    
kernel32.dll!_WriteFileImplementation@20()  + 0x4e bytes    
srgprc2.exe!wmain(int argc=1, wchar_t * * argv=0x00483d88)  Line 15 + 0x16 bytes    C++

The message: "Unhandled exception at 0x75ce85ea (KernelBase.dll) in srgprc2.exe: 0xC0000005: Access violation writing location 0x00000000."

What's going on here? Thanks!

... as should be clear, since you are using a `Get...` function, not an `Open...` function. — Matteo Italia, Nov 19 '11 at 16:55
The CloseHandle is not even called, the crash happens in WriteFile and the program terminates. — user38329, Nov 19 '11 at 16:58
Try duplicating the handle instead of getting it. Also, perhaps your'e getting the standard output stream which is not attached to anything, since the output is redirected? Look deeper into I/O redirection for console processes... — Mordachai, Nov 19 '11 at 17:05
Since output.txt is generated correctly, the problem is not a dangling handle... — user38329, Nov 19 '11 at 17:11

score 18 · Accepted Answer · edited Sep 22 '15 at 18:09

18

The fourth parameter to WriteFile is not optional. You are passing NULL, which is not allowed.

edited Sep 22 '15 at 18:09

vcsjones

128,004
28
283
274

answered Nov 19 '11 at 17:16

Raymond Chen

42,606
11
86
125

3

D'OH! "This parameter can be NULL only when the lpOverlapped parameter is not NULL." http://msdn.microsoft.com/en-us/library/windows/desktop/aa365747%28v=vs.85%29.aspx – Mordachai Nov 19 '11 at 17:18
Thank you. The "__out_opt" in the prototype confused me. – user38329 Nov 19 '11 at 17:20
I'm also having the same problem as OP mentioned in the question. And as far as I remember, I also passed NULL for that parameter. So...Thanks for your great answer. and yes... +1 :) – Farhad Reza Jan 05 '17 at 09:40

score 0 · Answer 2 · answered Aug 05 '17 at 02:07

4th parameter (which tells us how much bytes were actually written) is expecting pointer to DWORD value (a.k.a unsigned int) when you pass NULL to that parameter it attempts to write DWORD to null pointer which causes exception, not only it is mandatory to pass pointer to that argument but also you should always check its value after write because there is probability although slim that WriteFile will write less data than you provided.

Why does WriteFile crash when writing to the standard output?

2 Answers2

Linked

Related