mirror of
https://github.com/reactos/reactos.git
synced 2025-02-23 00:45:24 +00:00
[NTOSKRNL]
- Fix callback pool tags - Fix a reference leak in PsSetCreateProcessNotifyRoutine See issue #7120 for more details. svn path=/trunk/; revision=56735
This commit is contained in:
Thomas Faber
parent
4cef479813
commit
afdd96eaae
4 changed files with 32 additions and 34 deletions
|
|
@ -132,7 +132,7 @@ list(APPEND SOURCE
|
|||
fstub/disksup.c
|
||||
fstub/fstubex.c
|
||||
fstub/halstub.c
|
||||
fstub/translate.c
|
||||
fstub/translate.c
|
||||
inbv/inbv.c
|
||||
inbv/inbvport.c
|
||||
io/iomgr/adapter.c
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ ExAllocateCallBack(IN PEX_CALLBACK_FUNCTION Function,
|
|||
/* Allocate a callback */
|
||||
CallbackBlock = ExAllocatePoolWithTag(PagedPool,
|
||||
sizeof(EX_CALLBACK_ROUTINE_BLOCK),
|
||||
'CbRb');
|
||||
TAG_CALLBACK_ROUTINE_BLOCK);
|
||||
if (CallbackBlock)
|
||||
{
|
||||
/* Initialize it */
|
||||
|
|
@ -77,7 +77,7 @@ NTAPI
|
|||
ExFreeCallBack(IN PEX_CALLBACK_ROUTINE_BLOCK CallbackBlock)
|
||||
{
|
||||
/* Just free it from memory */
|
||||
ExFreePoolWithTag(CallbackBlock, CALLBACK_TAG);
|
||||
ExFreePoolWithTag(CallbackBlock, TAG_CALLBACK_ROUTINE_BLOCK);
|
||||
}
|
||||
|
||||
VOID
|
||||
|
|
@ -124,7 +124,7 @@ ExReferenceCallBackBlock(IN OUT PEX_CALLBACK CallBack)
|
|||
EX_FAST_REF OldValue;
|
||||
ULONG_PTR Count;
|
||||
PEX_CALLBACK_ROUTINE_BLOCK CallbackBlock;
|
||||
|
||||
|
||||
/* Acquire a reference */
|
||||
OldValue = ExAcquireFastReference(&CallBack->RoutineBlock);
|
||||
Count = ExGetCountFastReference(OldValue);
|
||||
|
|
@ -140,10 +140,10 @@ ExReferenceCallBackBlock(IN OUT PEX_CALLBACK CallBack)
|
|||
ASSERT(FALSE);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
/* Get the callback block */
|
||||
CallbackBlock = ExGetObjectFastReference(OldValue);
|
||||
|
||||
|
||||
/* Check if this is the last reference */
|
||||
if (Count == 1)
|
||||
{
|
||||
|
|
@ -425,7 +425,7 @@ ExCreateCallback(OUT PCALLBACK_OBJECT *CallbackObject,
|
|||
0,
|
||||
ExCallbackObjectType,
|
||||
KernelMode,
|
||||
(PVOID)&Callback,
|
||||
&Callback,
|
||||
NULL);
|
||||
|
||||
/* Close the Handle, since we now have the pointer */
|
||||
|
|
@ -567,7 +567,7 @@ ExRegisterCallback(IN PCALLBACK_OBJECT CallbackObject,
|
|||
/* Allocate memory for the structure */
|
||||
CallbackRegistration = ExAllocatePoolWithTag(NonPagedPool,
|
||||
sizeof(CALLBACK_REGISTRATION),
|
||||
CALLBACK_TAG);
|
||||
TAG_CALLBACK_REGISTRATION);
|
||||
if (!CallbackRegistration)
|
||||
{
|
||||
/* Dereference and fail */
|
||||
|
|
@ -602,7 +602,7 @@ ExRegisterCallback(IN PCALLBACK_OBJECT CallbackObject,
|
|||
KeReleaseSpinLock(&CallbackObject->Lock, OldIrql);
|
||||
|
||||
/* Free the registration */
|
||||
ExFreePoolWithTag(CallbackRegistration, CALLBACK_TAG);
|
||||
ExFreePoolWithTag(CallbackRegistration, TAG_CALLBACK_REGISTRATION);
|
||||
CallbackRegistration = NULL;
|
||||
|
||||
/* Dereference the object */
|
||||
|
|
@ -676,7 +676,7 @@ ExUnregisterCallback(IN PVOID CallbackRegistrationHandle)
|
|||
KeReleaseSpinLock(&CallbackObject->Lock, OldIrql);
|
||||
|
||||
/* Delete this registration */
|
||||
ExFreePoolWithTag(CallbackRegistration, CALLBACK_TAG);
|
||||
ExFreePoolWithTag(CallbackRegistration, TAG_CALLBACK_REGISTRATION);
|
||||
|
||||
/* Remove the reference */
|
||||
ObDereferenceObject(CallbackObject);
|
||||
|
|
|
|||
|
|
@ -5,8 +5,9 @@
|
|||
#define TAG_BCB ' BCB'
|
||||
#define TAG_IBCB 'BCBi'
|
||||
|
||||
/* formely located in include/callback.h */
|
||||
#define CALLBACK_TAG 'KBLC'
|
||||
/* Executive Callbacks */
|
||||
#define TAG_CALLBACK_ROUTINE_BLOCK 'brbC'
|
||||
#define TAG_CALLBACK_REGISTRATION 'eRBC'
|
||||
|
||||
/* formely located in dbg/dbgkobj.c */
|
||||
#define TAG_DEBUG_EVENT 'EgbD'
|
||||
|
|
|
|||
|
|
@ -48,35 +48,32 @@ PsSetCreateProcessNotifyRoutine(IN PCREATE_PROCESS_NOTIFY_ROUTINE NotifyRoutine,
|
|||
if (!CallBack) continue;
|
||||
|
||||
/* Check it this is a matching block */
|
||||
if (ExGetCallBackBlockRoutine(CallBack) != (PVOID)NotifyRoutine)
|
||||
if (ExGetCallBackBlockRoutine(CallBack) == (PVOID)NotifyRoutine)
|
||||
{
|
||||
/* It's not, try the next one */
|
||||
continue;
|
||||
}
|
||||
/* Try removing it if it matches */
|
||||
if (ExCompareExchangeCallBack(&PspProcessNotifyRoutine[i],
|
||||
NULL,
|
||||
CallBack))
|
||||
{
|
||||
/* Decrement the number of routines */
|
||||
InterlockedDecrement((PLONG)&PspProcessNotifyRoutineCount);
|
||||
|
||||
/* It is, clear the current routine */
|
||||
if (ExCompareExchangeCallBack(&PspProcessNotifyRoutine[i],
|
||||
NULL,
|
||||
CallBack))
|
||||
{
|
||||
/* Decrement the number of routines */
|
||||
InterlockedDecrement((PLONG)&PspProcessNotifyRoutineCount);
|
||||
/* Dereference the block */
|
||||
ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
|
||||
CallBack);
|
||||
|
||||
/* Wait for active callbacks */
|
||||
ExWaitForCallBacks(CallBack);
|
||||
|
||||
/* Free the callback and exit */
|
||||
ExFreeCallBack(CallBack);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
/* Dereference the block */
|
||||
ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
|
||||
CallBack);
|
||||
|
||||
/* Wait for actice callbacks */
|
||||
ExWaitForCallBacks(CallBack);
|
||||
|
||||
/* Free the callback and exit */
|
||||
ExFreeCallBack (CallBack);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
/* Dereference the block */
|
||||
ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
|
||||
CallBack);
|
||||
}
|
||||
|
||||
/* We didn't find any matching block */
|
||||
|
|
|
|||
Loading…
Reference in a new issue