[ros-diffs] [cmihail] 52388: [MSAFD] - merge r52193 and rr52198 [IP] - fix memory leak when closing a connection endpoint

cmihail at svn.reactos.org cmihail at svn.reactos.org
Mon Jun 20 17:19:38 UTC 2011 

Author: cmihail
Date: Mon Jun 20 17:19:37 2011
New Revision: 52388

URL: http://svn.reactos.org/svn/reactos?rev=52388&view=rev
Log:
[MSAFD]
- merge r52193 and rr52198
[IP]
- fix memory leak when closing a connection endpoint

Modified:
    branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/dllmain.c
    branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/sndrcv.c
    branches/GSoC_2011/TcpIpDriver/lib/drivers/ip/transport/tcp/event.c

Modified: branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/dllmain.c
URL: http://svn.reactos.org/svn/reactos/branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/dllmain.c?rev=52388&r1=52387&r2=52388&view=diff
==============================================================================
--- branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/dllmain.c [iso-8859-1] (original)
+++ branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/dllmain.c [iso-8859-1] Mon Jun 20 17:19:37 2011
@@ -401,6 +401,7 @@
     HANDLE SockEvent;
     AFD_DISCONNECT_INFO DisconnectInfo;
     SOCKET_STATE OldState;
+    LONG LingerWait = -1;
 
     /* Create the Wait Event */
     Status = NtCreateEvent(&SockEvent,
@@ -453,7 +454,6 @@
     /* FIXME: Should we do this on Datagram Sockets too? */
     if ((OldState == SocketConnected) && (Socket->SharedData.LingerData.l_onoff))
     {
-        ULONG LingerWait;
         ULONG SendsInProgress;
         ULONG SleepWait;
 
@@ -477,7 +477,11 @@
 
             /* Bail out if no more sends are pending */
             if (!SendsInProgress)
+            {
+                LingerWait = -1;
                 break;
+            }
+
             /* 
              * We have to execute a sleep, so it's kind of like
              * a block. If the socket is Nonblock, we cannot
@@ -502,15 +506,14 @@
             Sleep(SleepWait);
             LingerWait -= SleepWait;
         }
-
-        /*
-        * We have reached the timeout or sends are over.
-        * Disconnect if the timeout has been reached. 
-        */
+    }
+
+    if (OldState == SocketConnected)
+    {
         if (LingerWait <= 0)
         {
             DisconnectInfo.Timeout = RtlConvertLongToLargeInteger(0);
-            DisconnectInfo.DisconnectType = AFD_DISCONNECT_ABORT;
+            DisconnectInfo.DisconnectType = LingerWait < 0 ? AFD_DISCONNECT_SEND : AFD_DISCONNECT_ABORT;
 
             /* Send IOCTL */
             Status = NtDeviceIoControlFile((HANDLE)Handle,
@@ -1564,6 +1567,7 @@
     if (Status != STATUS_SUCCESS)
         goto notify;
 
+    Socket->SharedData.State = SocketConnected;
     Socket->TdiConnectionHandle = (HANDLE)IOSB.Information;
 
     /* Get any pending connect data */
@@ -1742,6 +1746,13 @@
        return SOCKET_ERROR;
     }
 
+    if (!Name || !NameLength)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAEFAULT;
+        return SOCKET_ERROR;
+    }
+
     /* Allocate a buffer for the address */
     TdiAddressSize = 
 		sizeof(TRANSPORT_ADDRESS) + Socket->SharedData.SizeOfLocalAddress;
@@ -1834,6 +1845,20 @@
        NtClose(SockEvent);
        *lpErrno = WSAENOTSOCK;
        return SOCKET_ERROR;
+    }
+
+    if (Socket->SharedData.State != SocketConnected)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAENOTCONN;
+        return SOCKET_ERROR;
+    }
+
+    if (!Name || !NameLength)
+    {
+        NtClose(SockEvent);
+        *lpErrno = WSAEFAULT;
+        return SOCKET_ERROR;
     }
 
     /* Allocate a buffer for the address */

Modified: branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/sndrcv.c
URL: http://svn.reactos.org/svn/reactos/branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/sndrcv.c?rev=52388&r1=52387&r2=52388&view=diff
==============================================================================
--- branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/sndrcv.c [iso-8859-1] (original)
+++ branches/GSoC_2011/TcpIpDriver/dll/win32/msafd/misc/sndrcv.c [iso-8859-1] Mon Jun 20 17:19:37 2011
@@ -388,7 +388,14 @@
     }
 
     /* Re-enable Async Event */
-    SockReenableAsyncSelectEvent(Socket, FD_READ);
+    if (*ReceiveFlags & MSG_OOB)
+    {
+        SockReenableAsyncSelectEvent(Socket, FD_OOB);
+    }
+    else
+    {
+        SockReenableAsyncSelectEvent(Socket, FD_READ);
+    }
 
     return MsafdReturnWithErrno ( Status, lpErrno, IOSB->Information, lpNumberOfBytesRead );
 }
@@ -667,8 +674,7 @@
         HeapFree(GlobalHeap, 0, BindAddress);
     }
 
-    if (Status != STATUS_PENDING)
-       SockReenableAsyncSelectEvent(Socket, FD_WRITE);
+    SockReenableAsyncSelectEvent(Socket, FD_WRITE);
 
     return MsafdReturnWithErrno(Status, lpErrno, IOSB->Information, lpNumberOfBytesSent);
 }

Modified: branches/GSoC_2011/TcpIpDriver/lib/drivers/ip/transport/tcp/event.c
URL: http://svn.reactos.org/svn/reactos/branches/GSoC_2011/TcpIpDriver/lib/drivers/ip/transport/tcp/event.c?rev=52388&r1=52387&r2=52388&view=diff
==============================================================================
--- branches/GSoC_2011/TcpIpDriver/lib/drivers/ip/transport/tcp/event.c [iso-8859-1] (original)
+++ branches/GSoC_2011/TcpIpDriver/lib/drivers/ip/transport/tcp/event.c [iso-8859-1] Mon Jun 20 17:19:37 2011
@@ -204,6 +204,8 @@
             UnlockObject(Bucket->AssociatedEndpoint, OldIrql);
         }
         
+        DereferenceObject(Bucket->AssociatedEndpoint);
+
         DbgPrint("[IP, TCPAcceptEventHandler] Done!\n");
         
         CompleteBucket(Connection, Bucket, FALSE);

More information about the Ros-diffs mailing list