[ros-diffs] [tfaber] 56735: [NTOSKRNL] - Fix callback pool tags - Fix a reference leak in PsSetCreateProcessNotifyRoutine See issue #7120 for more details.

tfaber Thu, 14 Jun 2012 15:07:26 -0700

Author: tfaber
Date: Thu Jun 14 22:06:24 2012
New Revision: 56735

URL: http://svn.reactos.org/svn/reactos?rev=56735&view=rev
Log:
[NTOSKRNL]
- Fix callback pool tags
- Fix a reference leak in PsSetCreateProcessNotifyRoutine
See issue #7120 for more details.


Modified:
    trunk/reactos/ntoskrnl/CMakeLists.txt
    trunk/reactos/ntoskrnl/ex/callback.c
    trunk/reactos/ntoskrnl/include/internal/tag.h
    trunk/reactos/ntoskrnl/ps/psnotify.c

Modified: trunk/reactos/ntoskrnl/CMakeLists.txt
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/CMakeLists.txt?rev=56735&r1=56734&r2=56735&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/CMakeLists.txt [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/CMakeLists.txt [iso-8859-1] Thu Jun 14 22:06:24 2012
@@ -132,7 +132,7 @@
     fstub/disksup.c
     fstub/fstubex.c
     fstub/halstub.c
-       fstub/translate.c
+    fstub/translate.c
     inbv/inbv.c
     inbv/inbvport.c
     io/iomgr/adapter.c

Modified: trunk/reactos/ntoskrnl/ex/callback.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ex/callback.c?rev=56735&r1=56734&r2=56735&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ex/callback.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ex/callback.c [iso-8859-1] Thu Jun 14 22:06:24 2012
@@ -59,7 +59,7 @@
     /* Allocate a callback */
     CallbackBlock = ExAllocatePoolWithTag(PagedPool,
                                           sizeof(EX_CALLBACK_ROUTINE_BLOCK),
-                                          'CbRb');
+                                          TAG_CALLBACK_ROUTINE_BLOCK);
     if (CallbackBlock)
     {
         /* Initialize it */
@@ -77,7 +77,7 @@
 ExFreeCallBack(IN PEX_CALLBACK_ROUTINE_BLOCK CallbackBlock)
 {
     /* Just free it from memory */
-    ExFreePoolWithTag(CallbackBlock, CALLBACK_TAG);
+    ExFreePoolWithTag(CallbackBlock, TAG_CALLBACK_ROUTINE_BLOCK);
 }
 
 VOID
@@ -124,7 +124,7 @@
     EX_FAST_REF OldValue;
     ULONG_PTR Count;
     PEX_CALLBACK_ROUTINE_BLOCK CallbackBlock;
-    
+
     /* Acquire a reference */
     OldValue = ExAcquireFastReference(&CallBack->RoutineBlock);
     Count = ExGetCountFastReference(OldValue);
@@ -140,10 +140,10 @@
         ASSERT(FALSE);
         return NULL;
     }
-    
+
     /* Get the callback block */
     CallbackBlock = ExGetObjectFastReference(OldValue);
-    
+
     /* Check if this is the last reference */
     if (Count == 1)
     {
@@ -425,7 +425,7 @@
                                            0,
                                            ExCallbackObjectType,
                                            KernelMode,
-                                           (PVOID)&Callback,
+                                           &Callback,
                                            NULL);
 
         /* Close the Handle, since we now have the pointer */
@@ -567,7 +567,7 @@
     /* Allocate memory for the structure */
     CallbackRegistration = ExAllocatePoolWithTag(NonPagedPool,
                                                  sizeof(CALLBACK_REGISTRATION),
-                                                 CALLBACK_TAG);
+                                                 TAG_CALLBACK_REGISTRATION);
     if (!CallbackRegistration)
     {
         /* Dereference and fail */
@@ -602,7 +602,7 @@
         KeReleaseSpinLock(&CallbackObject->Lock, OldIrql);
 
         /* Free the registration */
-        ExFreePoolWithTag(CallbackRegistration, CALLBACK_TAG);
+        ExFreePoolWithTag(CallbackRegistration, TAG_CALLBACK_REGISTRATION);
         CallbackRegistration = NULL;
 
         /* Dereference the object */
@@ -676,7 +676,7 @@
     KeReleaseSpinLock(&CallbackObject->Lock, OldIrql);
 
     /* Delete this registration */
-    ExFreePoolWithTag(CallbackRegistration, CALLBACK_TAG);
+    ExFreePoolWithTag(CallbackRegistration, TAG_CALLBACK_REGISTRATION);
 
     /* Remove the reference */
     ObDereferenceObject(CallbackObject);

Modified: trunk/reactos/ntoskrnl/include/internal/tag.h
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/tag.h?rev=56735&r1=56734&r2=56735&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/include/internal/tag.h [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/include/internal/tag.h [iso-8859-1] Thu Jun 14 
22:06:24 2012
@@ -5,8 +5,9 @@
 #define TAG_BCB   ' BCB'
 #define TAG_IBCB  'BCBi'
 
-/* formely located in include/callback.h */
-#define CALLBACK_TAG        'KBLC'
+/* Executive Callbacks */
+#define TAG_CALLBACK_ROUTINE_BLOCK 'brbC'
+#define TAG_CALLBACK_REGISTRATION  'eRBC'
 
 /* formely located in dbg/dbgkobj.c */
 #define TAG_DEBUG_EVENT     'EgbD'

Modified: trunk/reactos/ntoskrnl/ps/psnotify.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ps/psnotify.c?rev=56735&r1=56734&r2=56735&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/ps/psnotify.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/ps/psnotify.c [iso-8859-1] Thu Jun 14 22:06:24 2012
@@ -48,35 +48,32 @@
             if (!CallBack) continue;
 
             /* Check it this is a matching block */
-            if (ExGetCallBackBlockRoutine(CallBack) != (PVOID)NotifyRoutine)
-            {
-                /* It's not, try the next one */
-                continue;
-            }
-
-            /* It is, clear the current routine */
-            if (ExCompareExchangeCallBack(&PspProcessNotifyRoutine[i],
-                                          NULL,
-                                          CallBack))
-            {
-                /* Decrement the number of routines */
-                InterlockedDecrement((PLONG)&PspProcessNotifyRoutineCount);
+            if (ExGetCallBackBlockRoutine(CallBack) == (PVOID)NotifyRoutine)
+            {
+                /* Try removing it if it matches */
+                if (ExCompareExchangeCallBack(&PspProcessNotifyRoutine[i],
+                                              NULL,
+                                              CallBack))
+                {
+                    /* Decrement the number of routines */
+                    InterlockedDecrement((PLONG)&PspProcessNotifyRoutineCount);
+
+                    /* Dereference the block */
+                    ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
+                                               CallBack);
+
+                    /* Wait for active callbacks */
+                    ExWaitForCallBacks(CallBack);
+
+                    /* Free the callback and exit */
+                    ExFreeCallBack(CallBack);
+                    return STATUS_SUCCESS;
+                }
 
                 /* Dereference the block */
                 ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
                                            CallBack);
-
-                /* Wait for actice callbacks */
-                ExWaitForCallBacks(CallBack);
-
-                /* Free the callback and exit */
-                ExFreeCallBack (CallBack);
-                return STATUS_SUCCESS;
-            }
-
-            /* Dereference the block */
-            ExDereferenceCallBackBlock(&PspProcessNotifyRoutine[i],
-                                       CallBack);
+            }
         }
 
         /* We didn't find any matching block */

[ros-diffs] [tfaber] 56735: [NTOSKRNL] - Fix callback pool tags - Fix a reference leak in PsSetCreateProcessNotifyRoutine See issue #7120 for more details.

Reply via email to