[PATCH 0/1] MR7517: ntdll: Do not fail NtCreateUserProcess() if requested access doesn't have PROCESS_CREATE_THREAD. - Wine-gitlab - list.winehq.org

newer
[PATCH v3 0/7] MR7536: d3dx9,...

[PATCH 0/1] MR7517: ntdll: Do not fail NtCreateUserProcess() if requested access doesn't have PROCESS_CREATE_THREAD.

older
[PATCH v2 0/6] MR7536: d3dx9,...

Paul Gofman (＠gofman)

6 Mar 2025 6 Mar '25

10:09 p.m.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/7517

Reply

Sign in to reply online Use email software

Show replies by date

Paul Gofman

6 Mar 6 Mar

10:09 p.m.

New subject: [PATCH 1/1] ntdll: Do not fail NtCreateUserProcess() if requested access doesn't have PROCESS_CREATE_THREAD.

From: Paul Gofman <pgofman(a)codeweavers.com> --- dlls/ntdll/unix/process.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/dlls/ntdll/unix/process.c b/dlls/ntdll/unix/process.c index 533940280e6..f734d515c94 100644 --- a/dlls/ntdll/unix/process.c +++ b/dlls/ntdll/unix/process.c @@ -719,7 +719,7 @@ NTSTATUS WINAPI NtCreateUserProcess( HANDLE *process_handle_ptr, HANDLE *thread_ { unsigned int status; BOOL success = FALSE; - HANDLE file_handle, process_info = 0, process_handle = 0, thread_handle = 0; + HANDLE file_handle, process_info = 0, process_handle = 0, thread_handle = 0, temp_handle; struct object_attributes *objattr; data_size_t attr_len; char *winedebug = NULL; @@ -894,9 +894,17 @@ NTSTATUS WINAPI NtCreateUserProcess( HANDLE *process_handle_ptr, HANDLE *thread_ if ((status = alloc_object_attributes( thread_attr, &objattr, &attr_len ))) goto done; + if (process_access & (MAXIMUM_ALLOWED | PROCESS_CREATE_THREAD)) temp_handle = process_handle; + else + { + if ((status = NtDuplicateObject( GetCurrentProcess(), process_handle, GetCurrentProcess(), &temp_handle, + MAXIMUM_ALLOWED, 0, 0 ))) + goto done; + } + SERVER_START_REQ( new_thread ) { - req->process = wine_server_obj_handle( process_handle ); + req->process = wine_server_obj_handle( temp_handle ); req->access = thread_access; req->flags = thread_flags; req->request_fd = -1; @@ -909,6 +917,7 @@ NTSTATUS WINAPI NtCreateUserProcess( HANDLE *process_handle_ptr, HANDLE *thread_ } SERVER_END_REQ; free( objattr ); + if (temp_handle != process_handle) NtClose( temp_handle ); if (status) goto done; /* create the child process */ -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/7517

Reply

Sign in to reply online Use email software

Paul Gofman (＠gofman)

10:11 p.m.

Otherwise if NtCreateUserProcess() is used directly and requests access rights without PROCESS_CREATE_THREAD that fails process creation with STATUS_ACCESS_DENINED because (new_thread) server call (for creating first thread in the new process) in NtCreateUserProcess() requires PROCESS_CREATE_THREAD permission on process handle. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/7517#note_97013

Reply

Sign in to reply online Use email software

Alexandre Julliard (＠julliard)

10 Mar 10 Mar

7:48 p.m.

We could probably special-case the first thread. Also a test case would be nice. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/7517#note_97308

Reply

Sign in to reply online Use email software

Paul Gofman (＠gofman)

7:49 p.m.

I thought about that but opening handle in wineserver twice looked clumsy to me. Maybe add an explicit parameter to (new_thread) request? I will add a test. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/7517#note_97309

Reply

Sign in to reply online Use email software

278

Age (days ago)

282

Last active (days ago)

Download

4 comments

3 participants

tags

participants (3)

Alexandre Julliard (＠julliard)
Paul Gofman
Paul Gofman (＠gofman)