Support extended variant of ProcessBasicInformation

2026-01-11 16:46:16 +00:00 · 2025-12-24 12:57:14 +03:00
parent e3efcb9186
commit 8438a1f456
2 changed files with 45 additions and 6 deletions
--- a/src/common/platform/kernel_mapped.hpp
+++ b/src/common/platform/kernel_mapped.hpp
@@ -1640,6 +1640,29 @@ typedef struct _PROCESS_BASIC_INFORMATION64
    EMULATOR_CAST(std::uint64_t, HANDLE) InheritedFromUniqueProcessId;
 } PROCESS_BASIC_INFORMATION64, *PPROCESS_BASIC_INFORMATION64;

+typedef struct _PROCESS_EXTENDED_BASIC_INFORMATION
+{
+    EMULATOR_CAST(std::uint64_t, SIZE_T) Size; // Ignored as input, written with structure size on output
+    PROCESS_BASIC_INFORMATION64 BasicInfo;
+    union
+    {
+        ULONG Flags;
+        struct
+        {
+            ULONG IsProtectedProcess : 1;
+            ULONG IsWow64Process : 1;
+            ULONG IsProcessDeleting : 1;
+            ULONG IsCrossSessionCreate : 1;
+            ULONG IsFrozen : 1;
+            ULONG IsBackground : 1;
+            ULONG IsStronglyNamed : 1;
+            ULONG IsSecureProcess : 1;
+            ULONG IsSubsystemProcess : 1;
+            ULONG SpareBits : 23;
+        };
+    };
+} PROCESS_EXTENDED_BASIC_INFORMATION, *PPROCESS_EXTENDED_BASIC_INFORMATION;
+
 typedef struct _KERNEL_USER_TIMES
 {
    LARGE_INTEGER CreateTime;
--- a/src/windows-emulator/syscalls/process.cpp
+++ b/src/windows-emulator/syscalls/process.cpp
@@ -93,12 +93,28 @@ namespace syscalls
                                                            c.PriorityClass = 32; // Normal
                                                        });

-        case ProcessBasicInformation:
-            return handle_query<PROCESS_BASIC_INFORMATION64>(c.emu, process_information, process_information_length, return_length,
-                                                             [&](PROCESS_BASIC_INFORMATION64& basic_info) {
-                                                                 basic_info.PebBaseAddress = c.proc.peb64.value();
-                                                                 basic_info.UniqueProcessId = 1;
-                                                             });
+        case ProcessBasicInformation: {
+            const auto init_basic_info = [&](PROCESS_BASIC_INFORMATION64& basic_info) {
+                basic_info.PebBaseAddress = c.proc.peb64.value();
+                basic_info.UniqueProcessId = 1;
+            };
+
+            switch (process_information_length)
+            {
+            case sizeof(PROCESS_BASIC_INFORMATION64):
+                return handle_query<PROCESS_BASIC_INFORMATION64>(c.emu, process_information, process_information_length, return_length,
+                                                                 init_basic_info);
+            case sizeof(PROCESS_EXTENDED_BASIC_INFORMATION):
+                return handle_query<PROCESS_EXTENDED_BASIC_INFORMATION>(
+                    c.emu, process_information, process_information_length, return_length,
+                    [&](PROCESS_EXTENDED_BASIC_INFORMATION& ext_basic_info) {
+                        ext_basic_info.Size = sizeof(PROCESS_EXTENDED_BASIC_INFORMATION);
+                        init_basic_info(ext_basic_info.BasicInfo);
+                    });
+            default:
+                return STATUS_INFO_LENGTH_MISMATCH;
+            }
+        }

        case ProcessImageInformation:
            return handle_query<SECTION_IMAGE_INFORMATION<EmulatorTraits<Emu64>>>(