fix: prevent reallocation loops when buffer larger than returnLength

Author: BinToss

deadlock-dotnet-sdk/Domain/ProcessInfo.cs

@@ -252,7 +252,7 @@ ref returnLength
 #endif
                     // !WARNING may throw OutOfMemoryException; ReAllocHGlobal received a null pointer, but didn't check the error code
                     // the native call to LocalReAlloc (via Marshal.ReAllocHGlobal) sometimes returns a null pointer. This is a Legacy function. Why does .NET not use malloc/realloc?
-                    if (returnLength < bufferCmdLine.ByteLength)
+                    if (returnLength is 0)
                         bufferCmdLine.Reallocate(numBytes: (nuint)(bufferCmdLine.ByteLength * 2));
                     else bufferCmdLine.Reallocate(numBytes: returnLength);
                     // none of these helped debug that internal error...
@@ -282,7 +282,7 @@ ref returnLength
             {
                 while ((status = NtWow64QueryInformationProcess64(ProcessHandle.v, PROCESSINFOCLASS.ProcessBasicInformation, (void*)bufferPBI.DangerousGetHandle(), (uint)bufferPBI.ByteLength, &returnLength)).Code is Code.STATUS_INFO_LENGTH_MISMATCH or Code.STATUS_BUFFER_TOO_SMALL or Code.STATUS_BUFFER_OVERFLOW)
                 {
-                    if (returnLength < bufferPBI.ByteLength)
+                    if (returnLength is 0)
                         bufferPBI.Reallocate(numBytes: (nuint)(bufferPBI.ByteLength * 2));
                     else bufferPBI.Reallocate(numBytes: returnLength);
                 }
@@ -294,11 +294,10 @@ ref returnLength
             }
             else
             {
-                while ((status = NtQueryInformationProcess(ProcessHandle.v, PROCESSINFOCLASS.ProcessBasicInformation, (void*)bufferPBI.DangerousGetHandle(), (uint)bufferPBI.ByteLength, ref returnLength)).Code is Code.STATUS_INFO_LENGTH_MISMATCH or Code.STATUS_BUFFER_TOO_SMALL or Code.STATUS_BUFFER_OVERFLOW)
+                while ((status = NtQueryInformationProcess(ProcessHandle.v, PROCESSINFOCLASS.ProcessBasicInformation, (void*)bufferPBI.DangerousGetHandle(), (uint)bufferPBI.ByteLength, ref returnLength)).Code
+                    is Code.STATUS_INFO_LENGTH_MISMATCH or Code.STATUS_BUFFER_TOO_SMALL or Code.STATUS_BUFFER_OVERFLOW)
                 {
-                    if (returnLength < bufferPBI.ByteLength)
-                        bufferPBI.Reallocate((nuint)(bufferPBI.ByteLength * 2));
-                    else bufferPBI.Reallocate((returnLength is 0 ? returnLength = (uint)(Marshal.SizeOf<PROCESS_BASIC_INFORMATION64>() * 2) : returnLength) + (uint)IntPtr.Size);
+                    bufferPBI.Reallocate(returnLength is 0 ? returnLength = (uint)(bufferPBI.ByteLength * 2) : returnLength);
                 }
 
                 if (status.Code is not Code.STATUS_SUCCESS)

deadlock-dotnet-sdk/Domain/SafeHandleEx.cs

@@ -151,25 +151,25 @@ public unsafe (string? v, Exception? ex) ObjectName
                 else if (v.Value.Type is PS_PROTECTION.PS_PROTECTED_TYPE.PsProtectedTypeProtected)
                     return objectName = (null, new UnauthorizedAccessException(errUnableMsg + "The process's protection type prohibits access."));
 
-                uint bufferLength = 1024u;
-                using SafeBuffer<OBJECT_NAME_INFORMATION> buffer = new(numBytes: bufferLength);
+                uint returnLength = 1024u;
+                using SafeBuffer<OBJECT_NAME_INFORMATION> buffer = new(numBytes: returnLength);
                 NTSTATUS status = default;
 
                 while ((status = NtQueryObject(this,
                                                OBJECT_INFORMATION_CLASS.ObjectNameInformation,
                                                (OBJECT_NAME_INFORMATION*)buffer.DangerousGetHandle(),
-                                               bufferLength,
-                                               &bufferLength)).Code
+                                               returnLength,
+                                               &returnLength)).Code
                     is Code.STATUS_BUFFER_OVERFLOW or Code.STATUS_INFO_LENGTH_MISMATCH or Code.STATUS_BUFFER_TOO_SMALL)
                 {
-                    if (bufferLength < buffer.ByteLength)
+                    if (returnLength is 0)
                         buffer.Reallocate((uint)(buffer.ByteLength * 2));
-                    else buffer.Reallocate(bufferLength);
+                    else buffer.Reallocate(returnLength);
                 }
 
                 OBJECT_NAME_INFORMATION oni = buffer.Read<OBJECT_NAME_INFORMATION>(0);
                 if (oni.Name.Buffer.Value is null)
-                    return objectName = (null, new NullReferenceException(errFailedMsg + "Bad data was copied to the buffer. The string pointer is null."));
+                    return objectName = (null, new NullReferenceException(errFailedMsg + "The object is unnamed -OR- bad data was copied to the buffer. The string pointer is null."));
 
                 return status.IsSuccessful
                     ? objectName = (oni.NameAsString, null)

deadlock-dotnet-sdk/Windows.Win32/SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX.cs

@@ -71,7 +71,7 @@ public unsafe string GetHandleObjectType()
         while ((status = NtQueryObject(h, OBJECT_INFORMATION_CLASS.ObjectTypeInformation, (void*)buffer.DangerousGetHandle(), (uint)buffer.ByteLength, &returnLength))
             .Code is STATUS_BUFFER_OVERFLOW or STATUS_INFO_LENGTH_MISMATCH or STATUS_BUFFER_TOO_SMALL)
         {
-            if (returnLength < buffer.ByteLength)
+            if (returnLength is 0)
                 buffer.Reallocate((nuint)(2 * buffer.ByteLength));
             else buffer.Reallocate(returnLength);
         }