[1/2] server: Initialize irp->thread immediately after creation of irp_call object.
Sebastian Lackner
sebastian at fds-team.de
Sun Aug 16 00:59:48 CDT 2015
When the memdup() afterwards fails (in the same function), the object is immediately
destroyed again, but without irp->thread ever having been initialized. This would cause
an access violation in the destructor.
---
server/device.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/server/device.c b/server/device.c
index e6dc15e..812bce3 100644
--- a/server/device.c
+++ b/server/device.c
@@ -259,6 +259,7 @@ static struct irp_call *create_irp( struct device_file *file, const irp_params_t
if ((irp = alloc_object( &irp_call_ops )))
{
irp->file = (struct device_file *)grab_object( file );
+ irp->thread = NULL;
irp->async = NULL;
irp->params = *params;
irp->status = STATUS_PENDING;
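Review bot: the new `irp->thread = NULL;` only avoids the crash described in the commit message if the irp_call destructor treats a NULL thread as "not set" and skips releasing it; that destructor is outside this hunk, so it is worth confirming, although the existing `irp->async = NULL;` on the following line suggests the same convention is already relied upon. More generally, initializing every pointer field the destructor touches immediately after alloc_object() (or having the allocation zero the object) would close this whole class of use-of-uninitialized-pointer bugs on early-failure paths, rather than patching one field at a time.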
--
2.5.0