TerminateProcess with GetCurrentProcess() handle and with GetCurrentProcessId() handle

Question

I'm studying Windows Internals. In fact, there's no similar _exit system call like in *nix.

The process should terminate itself with TerminateProcess/NtTerminateProcess.

ExitProcess/RtlExitUserProcess API doing some cleanup before self-terminate.

---

TerminateProcess/NtTerminateProcess work with GetCurrentProcess/NtCurrentProcess/(HANDLE)-1.

But when I try it with GetCurrentProcessId/gs:[0x40] it didn't work.

#include <windows.h>

int main(void)
{
    TerminateProcess(GetCurrentProcess(), 0); // work
    TerminateProcess(GetCurrentProcessId(), 0); // didn't work
}

mov rcx, -1
xor edx, edx
call TerminateProcess
; this one is working
call GetCurrentProcessId
mov ecx, eax
xor edx, edx
call TerminateProcess
; this one didn't work

---

Why Windows processes must self terminate itself with GetCurrentProcess and can't work with GetCurrentProcessId ?

Answer 1

The documentation for TerminateProcess() clearly says that it takes a process handle, whereas GetCurrentProcessID() returns a process ID instead. Why would you expect that ID to work?

One comment of yours seems to suggest that you think a process HANDLE is the same as a process ID. Clearly that is not true, otherwise GetCurrentProcess() and GetCurrentProcessID() would not exist as separate APIs.

In fact, GetCurrentProcess() actually returns 0xffffffff.

The docs say:

The return value is a pseudo handle to the current process.

Answer 2

Okay, like the other said, TerminateProcess accept process handle, and not process id.

I should take the handle from OpenProcess(PROCESS_TERMINATE, false, GetCurrentProcessId()).

Sorry for the misinformation.