gabriellandau / PPLFault

OpenPhysicalMemoryDevice fails to close handle to the system process, resulting in a handle leak.

JohnLaTwC opened this issue

OpenPhysicalMemoryDevice fails to close handle to the system process, resulting in a handle leak.

This is a low sev bug in what seems to be test code, but noting it for completeness. E.g., it may be called only via wmain, where all handles will be closed at process exit anyway. It is also possible that in testing with this code path, the programmer wants the system process handle in a local variable for assisting with debugging.

    
    // Open the System process (PID 4) for full access (PROCESS_ALL_ACCESS)
    {
!        hSystemProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, 4);   <<< hSystemProcess handle acquired
        if (NULL == hSystemProcess)
        {
            Log(Error, "Failed to open PROCESS_ALL_ACCESS to System process with GLE 0x%08x", GetLastError());
            goto Cleanup;
        }
        Log(Info, "Opened System process as PROCESS_ALL_ACCESS.  Handle is 0x%x", HandleToULong(hSystemProcess));
    }

    //__debugbreak();
    Log(Info, "Press any key to continue...");
    _getch();

Cleanup:
+      if (NULL != hSystemProcess)
+        {
+                CloseHandle( hSystemProcess );
+        }
    return hSection;
}
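
Review bot: the added NULL != hSystemProcess test under Cleanup: is only safe if hSystemProcess is initialized to NULL at its declaration, which is outside the lines shown. If any goto Cleanup is taken before the OpenProcess call, an uninitialized value would reach CloseHandle, so confirm the declaration assigns NULL. The comparison against NULL is the right one here, since OpenProcess returns NULL on failure rather than INVALID_HANDLE_VALUE. The function still returns hSection after this block, so that handle remains the caller's to close; a comment at the return saying so would make the ownership explicit.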

https://github.com/gabriellandau/PPLFault/blob/ba4798aa86ecfe81d1c763445712db72eb43984a/GodFault/GodFault.cpp#LL371C1-L381C6

Thanks for the bug report. This one's intentional, for demo purposes. You can find the handles in ProcessHacker. The section handles returned from this function are leaked too.
