[ros-diffs] [cgutman] 55887: [NTOSKRNL] - Fix kernel memory corruption when a driver fails to initialize - Fix a handle leak in a failure case

cgutman Mon, 27 Feb 2012 11:31:44 -0800

Author: cgutman
Date: Mon Feb 27 19:31:11 2012
New Revision: 55887

URL: http://svn.reactos.org/svn/reactos?rev=55887&view=rev
Log:
[NTOSKRNL]
- Fix kernel memory corruption when a driver fails to initialize
- Fix a handle leak in a failure case


Modified:
    trunk/reactos/ntoskrnl/io/iomgr/driver.c

Modified: trunk/reactos/ntoskrnl/io/iomgr/driver.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/driver.c?rev=55887&r1=55886&r2=55887&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] Mon Feb 27 19:31:11 
2012
@@ -1538,6 +1538,10 @@
                                        KernelMode,
                                        (PVOID*)&DriverObject,
                                        NULL);
+
+    /* Close the extra handle */
+    ZwClose(hDriver);
+
     if (!NT_SUCCESS(Status))
     {
         /* Fail */
@@ -1545,9 +1549,6 @@
         ObDereferenceObject(DriverObject);
         return Status;
     }
-
-    /* Close the extra handle */
-    ZwClose(hDriver);
 
     DriverObject->HardwareDatabase = &IopHardwareDatabaseKey;
     DriverObject->DriverStart = ModuleObject ? ModuleObject->DllBase : 0;
@@ -1564,6 +1565,7 @@
         DriverObject->DriverSection = NULL;
         ObMakeTemporaryObject(DriverObject);
         ObDereferenceObject(DriverObject);
+        return Status;
     }
     else
     {

[ros-diffs] [cgutman] 55887: [NTOSKRNL] - Fix kernel memory corruption when a driver fails to initialize - Fix a handle leak in a failure case

Reply via email to