http://bugs.winehq.org/show_bug.cgi?id=31772
Bug #: 31772
Summary: NtQuerySystemInformation doesn't fill ReturnLength properly with SystemProcessInformation
Product: Wine
Version: 1.5.13
Platform: x86
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ntdll
AssignedTo: wine-bugs@winehq.org
ReportedBy: nospam.kotarou.dono@gmail.com
Classification: Unclassified
Created attachment 41804
  --> http://bugs.winehq.org/attachment.cgi?id=41804
Test program for calling NtTerminateProcess with its handle as 0
While I was writing a test program for calling NtTerminateProcess with 0 as its handle, I found out NtQuerySystemInformation doesn't correctly fill ReturnLength when called with SystemProcessInformation.
Code
---
SIZE_T spiSize;
NtQuerySystemInformation(SystemProcessInformation, NULL, 0, (ULONG*)&spiSize);

Expected result
---
spiSize contains the size of the needed buffer to completely contain all the SYSTEM_PROCESS_INFORMATION and SYSTEM_THREAD_INFORMATION structures of the processes and threads of the system.

Actual result
---
spiSize contains 0
On a side note, after hacking my code by pre-setting spiSize to an amount and commenting out the first NtQuerySystemInformation call, the behaviour of NtTerminateProcess is not what I expected: It should return STATUS_SUCCESS and kill all threads except for the calling one, but it returns STATUS_INVALID_HANDLE instead.
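
Added example, not part of the original report or of Wine's code: a buffer-sizing loop for SystemProcessInformation that still terminates with a full result when ReturnLength comes back as 0, as described above. The typedefs, the two stub query functions and FAKE_NEEDED are constructed stand-ins so the loop can be exercised without ntdll; on Windows the function pointer would be NtQuerySystemInformation itself.

```c
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-ins so this builds anywhere; on Windows use the real
   NTSTATUS/ULONG types and NtQuerySystemInformation from ntdll instead. */
typedef int32_t  NTSTATUS;
typedef uint32_t ULONG;
#define STATUS_SUCCESS              ((NTSTATUS)0x00000000)
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004)
#define SystemProcessInformation    5
#define FAKE_NEEDED                 70000u  /* constructed process-list size */

typedef NTSTATUS (*query_fn)(int cls, void *buf, ULONG len, ULONG *ret_len);

/* Hypothetical stub: models the reported behaviour (ReturnLength left at 0). */
static NTSTATUS stub_zero_len(int cls, void *buf, ULONG len, ULONG *ret_len) {
    (void)cls; (void)buf;
    if (len < FAKE_NEEDED) { *ret_len = 0; return STATUS_INFO_LENGTH_MISMATCH; }
    *ret_len = FAKE_NEEDED;
    return STATUS_SUCCESS;
}

/* Hypothetical stub: models the expected behaviour (ReturnLength = needed size). */
static NTSTATUS stub_reports_len(int cls, void *buf, ULONG len, ULONG *ret_len) {
    (void)cls; (void)buf;
    *ret_len = FAKE_NEEDED;
    return len < FAKE_NEEDED ? STATUS_INFO_LENGTH_MISMATCH : STATUS_SUCCESS;
}

/* Returns a malloc'd buffer holding the process list (length in *out_len),
   or NULL on failure. Works whether or not ReturnLength is filled in. */
void *query_process_list(query_fn query, ULONG *out_len) {
    ULONG cap = 0x4000;
    for (int tries = 0; tries < 16; tries++) {
        ULONG need = 0;
        void *buf = malloc(cap);
        if (!buf) return NULL;
        NTSTATUS st = query(SystemProcessInformation, buf, cap, &need);
        if (st == STATUS_SUCCESS) { *out_len = need; return buf; }
        free(buf);
        if (st != STATUS_INFO_LENGTH_MISMATCH) return NULL;
        /* Use the size hint only when it exceeds what was tried (with slack,
           since processes can start between calls); otherwise double. */
        cap = (need > cap) ? need + 0x1000 : cap * 2;
    }
    return NULL;
}
```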