From 49246541debf0362d027e6a5d7bfc6b0eac862d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= <hpoussin@reactos.org>
Date: Sun, 16 Apr 2023 18:48:15 +0200
Subject: [PATCH] [WIN32SS:ENG] Do not free LDEV if unloading a driver failed

Currently, LDEVOBJ_bUnloadImage always returns FALSE due to missing functionality in ntoskrnl.
LDEVOBJ_vFreeLDEV contains an assert that driver is correctly unloaded before freeing it.
Prevent this assert by calling LDEVOBJ_vFreeLDEV only if LDEVOBJ_bUnloadImage succeed.

This can be easily triggered if DrvEnableDriver function (called in LDEVOBJ_bEnableDriver) fails.
---
 win32ss/gdi/eng/ldevobj.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/win32ss/gdi/eng/ldevobj.c b/win32ss/gdi/eng/ldevobj.c
index 803cbd37fe1..9582c8e943a 100644
--- a/win32ss/gdi/eng/ldevobj.c
+++ b/win32ss/gdi/eng/ldevobj.c
@@ -442,8 +442,10 @@ LDEVOBJ_pLoadDriver(
             ERR("LDEVOBJ_bEnableDriver failed\n");
 
             /* Unload the image. */
-            LDEVOBJ_bUnloadImage(pldev);
-            LDEVOBJ_vFreeLDEV(pldev);
+            if (LDEVOBJ_bUnloadImage(pldev))
+                LDEVOBJ_vFreeLDEV(pldev);
+            else
+                ERR("Could not unload driver. Leaking memory\n");
             pldev = NULL;
             goto leave;
         }