system/wine
system/wine
1
0
Fork 0
mirror of git://source.winehq.org/git/wine.git synced 2024-10-14 17:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

wineusb.sys: Avoid touching the IRP structure after queueing it.

Browse source 
Spotted by Thomas Faber.

Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Zebediah Figura 2020-04-25 10:37:19 -05:00 committed by Alexandre Julliard
parent c44e0cf60a
commit c2854d8be2
1 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
dlls/wineusb.sys/wineusb.c
View file

@ -498,8 +498,9 @@ static void transfer_cb(struct libusb_transfer *transfer)
static void queue_irp(struct usb_device *device, IRP *irp, struct libusb_transfer *transfer)
{
EnterCriticalSection(&wineusb_cs);
IoMarkIrpPending(irp);
irp->Tail.Overlay.DriverContext[0] = transfer;
EnterCriticalSection(&wineusb_cs);
InsertTailList(&device->irp_list, &irp->Tail.Overlay.ListEntry);
LeaveCriticalSection(&wineusb_cs);
}
@ -729,11 +730,7 @@ static NTSTATUS WINAPI driver_internal_ioctl(DEVICE_OBJECT *device_obj, IRP *irp
code, code >> 16, (code >> 14) & 3, (code >> 2) & 0xfff, code & 3);
}
if (status == STATUS_PENDING)
{
IoMarkIrpPending(irp);
}
else
if (status != STATUS_PENDING)
{
irp->IoStatus.Status = status;
IoCompleteRequest(irp, IO_NO_INCREMENT);