Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-23 08:55:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

[IP] Avoid use-after-free of IPDATAGRAM_REASSEMBLY structures. By Roel Messiant. CORE-11889

Browse source 
svn path=/trunk/; revision=72672
This commit is contained in:
Amine Khaldi 2016-09-14 10:09:02 +00:00
parent d87e3543c1
commit 7d478eb667
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
reactos/sdk/lib/drivers/ip/network/receive.c
View file

@ -489,21 +489,23 @@ VOID IPFreeReassemblyList(
*/
{
KIRQL OldIrql;
PLIST_ENTRY CurrentEntry;
PLIST_ENTRY CurrentEntry, NextEntry;
PIPDATAGRAM_REASSEMBLY Current;
TcpipAcquireSpinLock(&ReassemblyListLock, &OldIrql);
CurrentEntry = ReassemblyListHead.Flink;
while (CurrentEntry != &ReassemblyListHead) {
Current = CONTAINING_RECORD(CurrentEntry, IPDATAGRAM_REASSEMBLY, ListEntry);
NextEntry = CurrentEntry->Flink;
Current = CONTAINING_RECORD(CurrentEntry, IPDATAGRAM_REASSEMBLY, ListEntry);
/* Unlink it from the list */
RemoveEntryList(CurrentEntry);
/* And free the descriptor */
FreeIPDR(Current);
CurrentEntry = CurrentEntry->Flink;
CurrentEntry = NextEntry;
}
TcpipReleaseSpinLock(&ReassemblyListLock, OldIrql);