system/wine
system/wine
1
0
Fork 0
mirror of git://source.winehq.org/git/wine.git synced 2024-07-20 10:23:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ntdll: Avoid accessing the TEB after the memory view has been released.

Browse source 
When using reserved areas the memory could potentially be reused right
after the release.
This commit is contained in:
Alexandre Julliard 2006-07-25 12:03:56 +02:00
parent 7b767fb71c
commit b91a6298a7
1 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
dlls/ntdll/server.c
View file

@ -141,6 +141,7 @@ void server_exit_thread( int status )
{
struct wine_pthread_thread_info info;
SIZE_T size;
int fds[4];
RtlAcquirePebLock();
RemoveEntryList( &NtCurrentTeb()->TlsLinks );
@ -151,6 +152,11 @@ void server_exit_thread( int status )
info.teb_sel = wine_get_fs();
info.exit_status = status;
fds[0] = ntdll_get_thread_data()->wait_fd[0];
fds[1] = ntdll_get_thread_data()->wait_fd[1];
fds[2] = ntdll_get_thread_data()->reply_fd;
fds[3] = ntdll_get_thread_data()->request_fd;
size = 0;
NtFreeVirtualMemory( GetCurrentProcess(), &info.stack_base, &size, MEM_RELEASE | MEM_SYSTEM );
info.stack_size = size;
@ -160,10 +166,10 @@ void server_exit_thread( int status )
info.teb_size = size;
pthread_functions.sigprocmask( SIG_BLOCK, &block_set, NULL );
close( ntdll_get_thread_data()->wait_fd[0] );
close( ntdll_get_thread_data()->wait_fd[1] );
close( ntdll_get_thread_data()->reply_fd );
close( ntdll_get_thread_data()->request_fd );
close( fds[0] );
close( fds[1] );
close( fds[2] );
close( fds[3] );
pthread_functions.exit_thread( &info );
}