On 4/11/19 8:26 PM, Derek Lesho wrote:
Signed-off-by: Derek Lesho dereklesho52@Gmail.com
dlls/ntoskrnl.exe/ntoskrnl.c | 16 +++++++++++++++- dlls/ntoskrnl.exe/ntoskrnl_private.h | 4 ++++ 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/dlls/ntoskrnl.exe/ntoskrnl.c b/dlls/ntoskrnl.exe/ntoskrnl.c index 49592c6dc1..b68de7b250 100644 --- a/dlls/ntoskrnl.exe/ntoskrnl.c +++ b/dlls/ntoskrnl.exe/ntoskrnl.c @@ -2464,15 +2464,29 @@ NTSTATUS WINAPI FsRtlRegisterUncProvider(PHANDLE MupHandle, PUNICODE_STRING Redi }
+static void *create_process_object( HANDLE handle );
If you move implementation here, you may avoid forward declaration here (file object has it as well, that was needed before the patch for NULL type arguments).
static const WCHAR process_type_name[] = {'P','r','o','c','e','s','s',0};
static struct _OBJECT_TYPE process_type = {
- process_type_name
process_type_name,
create_process_object };
POBJECT_TYPE PsProcessType = &process_type;
+static void *create_process_object( HANDLE handle ) +{
- PEPROCESS process;
- if (!(process = alloc_kernel_object( PsProcessType, handle, sizeof(*process), 0 ))) return NULL;
- process->header.Type = 3;
- process->header.WaitListHead.Blink = INVALID_HANDLE_VALUE; /* mark as kernel object */
It would be nice to have a simple test for those. The test may be in later patch (probably together with IoGetCurrentProcess). You could check the Type field and make sure that KeWaitForSingleObject returns timeout.
Jacek