Signed-off-by: Derek Lesho dereklesho52@Gmail.com --- dlls/ntoskrnl.exe/ntoskrnl.c | 15 ++++++++++++--- include/ddk/ntifs.h | 1 + 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/dlls/ntoskrnl.exe/ntoskrnl.c b/dlls/ntoskrnl.exe/ntoskrnl.c index b68de7b250..80a6fa89f7 100644 --- a/dlls/ntoskrnl.exe/ntoskrnl.c +++ b/dlls/ntoskrnl.exe/ntoskrnl.c @@ -3255,9 +3255,18 @@ NTSTATUS WINAPI PsSetLoadImageNotifyRoutine(PLOAD_IMAGE_NOTIFY_ROUTINE routine) */ NTSTATUS WINAPI PsLookupProcessByProcessId(HANDLE processid, PEPROCESS *process) { - static int once; - if (!once++) FIXME("(%p %p) stub\n", processid, process); - return STATUS_NOT_IMPLEMENTED; + NTSTATUS status; + HANDLE hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, HandleToUlong(processid) ); + + if (!hProcess) + return STATUS_INVALID_PARAMETER; + + status = kernel_object_from_handle( hProcess, PsProcessType, (void**)process ); + + ObReferenceObject( *process ); + + NtClose( hProcess ); + return status; }
diff --git a/include/ddk/ntifs.h b/include/ddk/ntifs.h index 9b57ae7ad7..ec4d1d5aa7 100644 --- a/include/ddk/ntifs.h +++ b/include/ddk/ntifs.h @@ -131,6 +131,7 @@ typedef struct _FS_FILTER_CALLBACKS
BOOLEAN WINAPI FsRtlIsNameInExpression(PUNICODE_STRING, PUNICODE_STRING, BOOLEAN, PWCH); NTSTATUS WINAPI ObQueryNameString(PVOID,POBJECT_NAME_INFORMATION,ULONG,PULONG); +NTSTATUS WINAPI PsLookupProcessByProcessId(HANDLE,PEPROCESS*); NTSTATUS WINAPI PsLookupThreadByThreadId(HANDLE,PETHREAD*); void WINAPI PsRevertToSelf(void);