From 978af7263fd64701213db85769ecf6509391a1b0 Mon Sep 17 00:00:00 2001
From: Daniel Lehman
Date: Fri, 19 May 2017 12:55:13 -0700
Subject: [PATCH 7/7] msvcrt: Always cleanup registered C++ objects.

...if new exception is non-consolidate (SEH) currently, the registered C++ object is cleaned up in case of a C++ new throw or rethrow because the exception record in cxx_catch_cleanup is a consolidation but if an SEH is thrown inside the catch block and caught by an __except, the exception record during the unwind is not a consolidation, and the registered object is not freed. this can cause a crash later because the registered object points to stale stack space since the new exception is not C++, we can always unregister it (vs consolidation case where we need to check if it's still in use) fixes test: test_cxx_throw_segv_in_catch_try_finally
Signed-off-by: Daniel Lehman
---
 dlls/msvcrt/except_x86_64.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/dlls/msvcrt/except_x86_64.c b/dlls/msvcrt/except_x86_64.c
index 8fbeb85..2d06cfd 100644
--- a/dlls/msvcrt/except_x86_64.c
+++ b/dlls/msvcrt/except_x86_64.c
@@ -366,6 +366,15 @@ static DWORD cxx_catch_cleanup(EXCEPTION_RECORD *rec, EXCEPTION_REGISTRATION_REC
 }
 }
 }
+ else
+ {
+ for (cur = data->frame_info_head; cur; cur = cur->next)
+ {
+ if ((ULONG64)cur <= (ULONG64)frame)
+ __CxxUnregisterExceptionObject((cxx_frame_info*)cur, FALSE);
+ }
+
+ }
 }
 return ExceptionContinueSearch;
 }
-- 
1.9.5
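Review bot: The new else branch calls `__CxxUnregisterExceptionObject((cxx_frame_info*)cur, FALSE)` unconditionally for every node at or below `frame`, and the reason that is safe — a non-C++ (non-consolidate) unwind cannot still be referencing the registered object, unlike the consolidate branch which has to check for in-use — lives only in the commit message; it should sit above the loop as a comment, e.g. `/* non-C++ unwind through the catch block: the frame_info nodes live in stack frames being released, so nothing can still use them — unregister all of them */`. The `(ULONG64)cur <= (ULONG64)frame` test also silently assumes that every node allocated in a frame being unwound has an address at or below the handler's establisher frame, which is worth stating in that comment since a node left registered here is exactly the stale stack pointer the patch is fixing. If `__CxxUnregisterExceptionObject` unlinks the node from `data->frame_info_head`, the loop walks a list it mutates and reads `cur->next` from an already-unlinked node, which only works because that stack memory is still live at this point; a short note on the `for` line would spare the next reader that analysis. The stray blank line before the closing brace of the else block is a style nit. The enclosing if/else and cxx_catch_cleanup itself begin outside the hunk.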