On 4/11/19 8:26 PM, Derek Lesho wrote:
Signed-off-by: Derek Lesho <dereklesho52(a)Gmail.com> --- dlls/ntoskrnl.exe/ntoskrnl.c | 16 +++++++++++++++- dlls/ntoskrnl.exe/ntoskrnl_private.h | 4 ++++ 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/dlls/ntoskrnl.exe/ntoskrnl.c b/dlls/ntoskrnl.exe/ntoskrnl.c index 49592c6dc1..b68de7b250 100644 --- a/dlls/ntoskrnl.exe/ntoskrnl.c +++ b/dlls/ntoskrnl.exe/ntoskrnl.c @@ -2464,15 +2464,29 @@ NTSTATUS WINAPI FsRtlRegisterUncProvider(PHANDLE MupHandle, PUNICODE_STRING Redi }
+static void *create_process_object( HANDLE handle ); +
If you move implementation here, you may avoid forward declaration here (file object has it as well, that was needed before the patch for NULL type arguments).
static const WCHAR process_type_name[] = {'P','r','o','c','e','s','s',0};
static struct _OBJECT_TYPE process_type = { - process_type_name + process_type_name, + create_process_object };
POBJECT_TYPE PsProcessType = &process_type;
+static void *create_process_object( HANDLE handle ) +{ + PEPROCESS process; + + if (!(process = alloc_kernel_object( PsProcessType, handle, sizeof(*process), 0 ))) return NULL; + + process->header.Type = 3; + process->header.WaitListHead.Blink = INVALID_HANDLE_VALUE; /* mark as kernel object */
It would be nice to have a simple test for those. The test may be in later patch (probably together with IoGetCurrentProcess). You could check the Type field and make sure that KeWaitForSingleObject returns timeout. Jacek