Major Description
Hello,
I've been hunting zombie processes in ReactOS and I noticed that we do not protect at all a process when enumerating in QsiSystemProcessInformation(...):
do
|
{
|
SpiCurrent = (PSYSTEM_PROCESS_INFORMATION) Current;
|
|
|
if ((Process->ProcessExiting) && |
(Process->Pcb.Header.SignalState) &&
|
!(Process->ActiveThreads) &&
|
(IsListEmpty(&Process->Pcb.ThreadListHead)))
|
{
|
DPRINT1("Process %p (%s:%p) is a zombie\n", |
Process, Process->ImageFileName, Process->UniqueProcessId);
|
CurrentSize = 0;
|
ImageNameMaximumLength = 0;
|
goto Skip; |
}
|
and also when checking condition for initialized ThreadListEntry in PspDeleteThread(...):
/* Check if the thread list is valid */
|
if (Thread->ThreadListEntry.Flink) |
{
|
/* Lock the thread's process */ |
KeEnterCriticalRegion();
|
ExAcquirePushLockExclusive(&Process->ProcessLock);
|
|
|
/* Remove us from the list */ |
RemoveEntryList(&Thread->ThreadListEntry);
|
|
|
/* Release the lock */ |
ExReleasePushLockExclusive(&Process->ProcessLock);
|
KeLeaveCriticalRegion();
|
}
|
The attached patch fixes both problems.