From b83eb0a472b29a2cf3c88360e60fbd6c281a2884 Mon Sep 17 00:00:00 2001 From: Michael Martin Date: Fri, 24 Sep 2010 10:07:54 +0000 Subject: [PATCH] [ntoskrnl/ps] - PspCreateThread: If thread creation fails, dereference the Process object also to account for the reference taken at the beginning of the function. svn path=/trunk/; revision=48857 --- reactos/ntoskrnl/ps/thread.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/reactos/ntoskrnl/ps/thread.c b/reactos/ntoskrnl/ps/thread.c index 38459a32794..46ddf1bf8f8 100644 --- a/reactos/ntoskrnl/ps/thread.c +++ b/reactos/ntoskrnl/ps/thread.c @@ -280,6 +280,8 @@ PspCreateThread(OUT PHANDLE ThreadHandle, { /* We couldn't create the CID, dereference the thread and fail */ ObDereferenceObject(Thread); + ObDereferenceObject(Process); + ASSERT(FALSE); return STATUS_INSUFFICIENT_RESOURCES; } @@ -301,6 +303,8 @@ PspCreateThread(OUT PHANDLE ThreadHandle, { /* Fail */ ObDereferenceObject(Thread); + ObDereferenceObject(Process); + ASSERT(FALSE); return STATUS_PROCESS_IS_TERMINATING; } @@ -314,6 +318,8 @@ PspCreateThread(OUT PHANDLE ThreadHandle, /* Failed to create the TEB. Release rundown and dereference */ ExReleaseRundownProtection(&Process->RundownProtect); ObDereferenceObject(Thread); + ObDereferenceObject(Process); + ASSERT(FALSE); return Status; } @@ -357,6 +363,9 @@ PspCreateThread(OUT PHANDLE ThreadHandle, /* Release rundown and dereference */ ExReleaseRundownProtection(&Process->RundownProtect); ObDereferenceObject(Thread); + ObDereferenceObject(Process); + ASSERT(FALSE); + return Status; } @@ -431,6 +440,9 @@ PspCreateThread(OUT PHANDLE ThreadHandle, /* Dereference completely to kill it */ ObDereferenceObjectEx(Thread, 2); + ObDereferenceObject(Process); + ASSERT(FALSE); + return Status; } @@ -513,6 +525,9 @@ PspCreateThread(OUT PHANDLE ThreadHandle, /* Close its handle, killing it */ ObCloseHandle(ThreadHandle, PreviousMode); + ObDereferenceObject(Process); + ASSERT(FALSE); + return Status; }