Extensions can no longer be started by osquery on Windows

[sroache]

Bug report

What operating system and version are you using?

+------------+-------+----------+
| version    | build | platform |
+------------+-------+----------+
| 10.0.17763 | 17763 | windows  |
+------------+-------+----------+

but this is not limited to specific windows versions

What version of osquery are you using?

+---------+
| version |
+---------+
| 5.0.1   |
+---------+

What steps did you take to reproduce the issue?

Run osquery.exe --allow_unsafe --extension=testExtension.exe

What did you expect to see?

The extension should have been launched and registered with osquery so that the tables were available to query.

What did you see instead?

The extension was not launched.
This appears to be because of a recent change - 9266838#diff-976be69b93d9364552ca301a07c92b98a8a9486767f3f546812772a1e81aadbd.
On Windows the checkStatus call that is used to determine if the process has ever run or is currently running calls GetExitCodeProcess which when called with invalid handle (the default of the id_ for the process not launched yet) returns STILL_ALIVE (https://github.com/osquery/osquery/blob/master/osquery/process/windows/process.cpp#L100) This causes ext_valid to be true and the extension never launched.

This can be shown with:

int main()
{
	DWORD exit;
	auto res = GetExitCodeProcess(INVALID_HANDLE_VALUE, &exit);
	if (res == 0)
	{
		std::cout << "FAIL " << GetLastError();
	}
	else
	{
		std::cout << "EXIT - " << exit;
	}
}

which prints 'EXIT - 259' which is STILL_ALIVE (https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getexitcodeprocess)