text/window general

How to change the parent process when calling CreateProcess API

cobaltic5 2025. 1. 10. 18:14

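Usually, the parent process is the process that creates the new process. But you can change this behavior by passing a PROC_THREAD_ATTRIBUTE_PARENT_PROCESS attribute through STARTUPINFOEX.lpAttributeList. Because of this, the parent process ID recorded for a process does not by itself prove which process actually called CreateProcess.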

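// Start argv[1] as a child of the process identified by parentProcessId instead
// of the calling process. Every API result is checked and everything acquired
// here is released at the end. `failure` keeps the first Win32 error code
// (ERROR_SUCCESS when the child was created) so the surrounding code can report it.
HANDLE hParentProcess{ nullptr };
LPPROC_THREAD_ATTRIBUTE_LIST attrList{ nullptr };
bool attrListReady = false;       // true once the attribute list has been initialized
DWORD failure = ERROR_SUCCESS;

STARTUPINFOEX si = { 0 };
si.StartupInfo.cb = sizeof(si);   // must be the size of the extended structure
PROCESS_INFORMATION pi = { 0 };


// Open the designated parent. PROCESS_CREATE_PROCESS is the only right requested.
// The child takes its token and other attributes from this process, so the
// ability to open a process with this right is itself security-sensitive.
hParentProcess = OpenProcess(PROCESS_CREATE_PROCESS, FALSE, parentProcessId);
if (hParentProcess == nullptr) {
	failure = GetLastError();
}


// Initialize LPPROC_THREAD_ATTRIBUTE_LIST
SIZE_T attrListSize = 0;
if (failure == ERROR_SUCCESS) {
	// Sizing call: it is expected to return FALSE and only fills in attrListSize.
	InitializeProcThreadAttributeList(nullptr, 1, 0, &attrListSize);
	if (attrListSize == 0) {
		failure = GetLastError();
	}
}

if (failure == ERROR_SUCCESS) {
	attrList = (LPPROC_THREAD_ATTRIBUTE_LIST)malloc(attrListSize);
	if (attrList == nullptr) {
		failure = ERROR_OUTOFMEMORY;
	}
}

if (failure == ERROR_SUCCESS) {
	if (InitializeProcThreadAttributeList(attrList, 1, 0, &attrListSize)) {
		attrListReady = true;
	} else {
		failure = GetLastError();
	}
}

if (failure == ERROR_SUCCESS) {
	// The list stores a pointer to hParentProcess, so the variable and the handle
	// must stay valid until the list is deleted below.
	if (!UpdateProcThreadAttribute(attrList, 0, PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, &hParentProcess,
		sizeof(hParentProcess), nullptr, nullptr)) {
		failure = GetLastError();
	}
}


// Set LPPROC_THREAD_ATTRIBUTE_LIST to the STARTUPINFOEX and create the process
if (failure == ERROR_SUCCESS) {
	si.lpAttributeList = attrList;

	// With lpApplicationName null the executable is parsed out of the command
	// line; a path containing spaces should be quoted so that the intended image
	// is the one that gets resolved.
	if (!CreateProcess(nullptr, argv[1], nullptr, nullptr, FALSE, EXTENDED_STARTUPINFO_PRESENT, nullptr, nullptr, &si.StartupInfo, &pi)) {
		failure = GetLastError();
	}
}

// ... use pi.hProcess / pi.hThread here if needed (for example, wait for the child) ...


// Release everything acquired above, in reverse order of acquisition.
if (pi.hThread != nullptr) {
	CloseHandle(pi.hThread);
	pi.hThread = nullptr;
}
if (pi.hProcess != nullptr) {
	CloseHandle(pi.hProcess);
	pi.hProcess = nullptr;
}
if (attrListReady) {
	DeleteProcThreadAttributeList(attrList);
	attrListReady = false;
}
free(attrList);
attrList = nullptr;
si.lpAttributeList = nullptr;
if (hParentProcess != nullptr) {
	CloseHandle(hParentProcess);
	hParentProcess = nullptr;
}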