Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-07-05 11:41:23 +00:00
Code Issues Projects Releases Packages Wiki Activity

[win32k]

Browse source 
- When message are sent without waiting a reply (non-queued messages) the message queues are referenced and dereferenced in the call. 
Message removal and cleanup functions for queues expected a reference on the queue. Add checks to determine if the message is a non-queued message and if so release memory for those that had pointers and more importantly skip dereferencing the queues. Possibly fixes random crashes and memory leaks.

svn path=/trunk/; revision=47142
This commit is contained in:
Michael Martin 2010-05-09 12:27:57 +00:00
parent 330de811a7
commit 786f5a19d7
1 changed files with 39 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

31
reactos/subsystems/win32/win32k/ntuser/msgqueue.c
View file

@ -1086,9 +1086,19 @@ MsqRemoveWindowMessagesFromQueue(PVOID pWindow)
KeSetEvent(SentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE); KeSetEvent(SentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
} }
if (SentMessage->HasPackedLParam == TRUE)
{
if (SentMessage->Msg.lParam)
ExFreePool((PVOID)SentMessage->Msg.lParam);
}
/* Only if it is not a no wait message */
if (!(SentMessage->HookMessage & MSQ_SENTNOWAIT))
{
/* dereference our and the sender's message queue */ /* dereference our and the sender's message queue */
IntDereferenceMessageQueue(MessageQueue); IntDereferenceMessageQueue(MessageQueue);
IntDereferenceMessageQueue(SentMessage->SenderQueue); IntDereferenceMessageQueue(SentMessage->SenderQueue);
}
/* free the message */ /* free the message */
ExFreePool(SentMessage); ExFreePool(SentMessage);
@ -1509,9 +1519,19 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE); KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
} }
if (CurrentSentMessage->HasPackedLParam == TRUE)
{
if (CurrentSentMessage->Msg.lParam)
ExFreePool((PVOID)CurrentSentMessage->Msg.lParam);
}
/* Only if it is not a no wait message */
if (!(CurrentSentMessage->HookMessage & MSQ_SENTNOWAIT))
{
/* dereference our and the sender's message queue */ /* dereference our and the sender's message queue */
IntDereferenceMessageQueue(MessageQueue); IntDereferenceMessageQueue(MessageQueue);
IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue); IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue);
}
/* free the message */ /* free the message */
ExFreePool(CurrentSentMessage); ExFreePool(CurrentSentMessage);
@ -1547,10 +1567,19 @@ MsqCleanupMessageQueue(PUSER_MESSAGE_QUEUE MessageQueue)
KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE); KeSetEvent(CurrentSentMessage->CompletionEvent, IO_NO_INCREMENT, FALSE);
} }
if (CurrentSentMessage->HasPackedLParam == TRUE)
{
if (CurrentSentMessage->Msg.lParam)
ExFreePool((PVOID)CurrentSentMessage->Msg.lParam);
}
/* Only if it is not a no wait message */
if (!(CurrentSentMessage->HookMessage & MSQ_SENTNOWAIT))
{
/* dereference our and the sender's message queue */ /* dereference our and the sender's message queue */
IntDereferenceMessageQueue(MessageQueue); IntDereferenceMessageQueue(MessageQueue);
IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue); IntDereferenceMessageQueue(CurrentSentMessage->SenderQueue);
}
/* free the message */ /* free the message */
ExFreePool(CurrentSentMessage); ExFreePool(CurrentSentMessage);
} }