From 335e8718f70c04a7dfb74dabdd07755e747ee56b Mon Sep 17 00:00:00 2001
From: Hartmut Birr <osexpert@googlemail.com>
Date: Sat, 30 Aug 2003 14:51:05 +0000
Subject: [PATCH] - Reference/dereference the parent key in CmiObjectDelete.  
 The call to CmiRemoveKeyFromList does dereference the parent and   it is
 possible that the parent key is deleted before the   subkey delete process is
 complete.

svn path=/trunk/; revision=5938
---
 reactos/ntoskrnl/cm/regobj.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/reactos/ntoskrnl/cm/regobj.c b/reactos/ntoskrnl/cm/regobj.c
index aba93f68543..9c6d25cbc74 100644
--- a/reactos/ntoskrnl/cm/regobj.c
+++ b/reactos/ntoskrnl/cm/regobj.c
@@ -271,6 +271,8 @@ CmiObjectDelete(PVOID DeletedObject)
   DPRINT("Delete key object (%p)\n", DeletedObject);
 
   KeyObject = (PKEY_OBJECT) DeletedObject;
+ 
+  ObReferenceObject(KeyObject->ParentKey);
 
   if (!NT_SUCCESS(CmiRemoveKeyFromList(KeyObject)))
     {
@@ -292,6 +294,7 @@ CmiObjectDelete(PVOID DeletedObject)
 	  CmiSyncHives();
 	}
     }
+  ObDereferenceObject(KeyObject->ParentKey);
   if (KeyObject->NumberOfSubKeys)
     {
       KEBUGCHECK(0);