[ros-diffs] [jimtabor] 56531: [Win32k] - Fix crash when pcti is null. See bug 6759.
jimtabor at svn.reactos.org
jimtabor at svn.reactos.org
Mon May 7 06:00:11 UTC 2012
Author: jimtabor
Date: Mon May 7 06:00:08 2012
New Revision: 56531
URL: http://svn.reactos.org/svn/reactos?rev=56531&view=rev
Log:
[Win32k]
- Fix crash when pcti is null. See bug 6759.
Modified:
trunk/reactos/win32ss/user/ntuser/desktop.c
Modified: trunk/reactos/win32ss/user/ntuser/desktop.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/win32ss/user/ntuser/desktop.c?rev=56531&r1=56530&r2=56531&view=diff
==============================================================================
--- trunk/reactos/win32ss/user/ntuser/desktop.c [iso-8859-1] (original)
+++ trunk/reactos/win32ss/user/ntuser/desktop.c [iso-8859-1] Mon May 7 06:00:08 2012
@@ -1821,7 +1821,10 @@
pdeskOld = pti->rpdesk;
hdeskOld = pti->hdesk;
- pctiOld = pti->pcti;
+ if (pti->pcti != &pti->cti)
+ pctiOld = pti->pcti;
+ else
+ pctiOld = NULL;
/* do the switch */
if(pdesk != NULL)
@@ -1850,7 +1853,7 @@
pti->rpdesk = NULL;
pti->hdesk = NULL;
pti->pDeskInfo = NULL;
- pti->pcti = NULL;
+ pti->pcti = &pti->cti; // Always point inside so there will be no crash when posting or sending msg's!
pci->ulClientDelta = 0;
pci->pDeskInfo = NULL;
pci->pClientThreadInfo = NULL;
@@ -1860,7 +1863,7 @@
if(pdeskOld != NULL)
{
RemoveEntryList(&pti->PtiLink);
- DesktopHeapFree(pdeskOld, pctiOld);
+ if (pctiOld) DesktopHeapFree(pdeskOld, pctiOld);
IntUnmapDesktopView(pdeskOld);
ObDereferenceObject(pdeskOld);
ZwClose(hdeskOld);
More information about the Ros-diffs
mailing list