[ros-diffs] [fireball] 30564: - Reference/dereference the file object when working with it in the context of MPW thread. This prevents massive file operations (like copying) to crash ReactOS with writing to a freed memory exception.

18 Nov 2007

Author: fireball
Date: Mon Nov 19 02:11:20 2007
New Revision: 30564

URL: http://svn.reactos.org/svn/reactos?rev=30564&view=rev
Log:
- Reference/dereference the file object when working with it in the context of MPW thread.
This prevents massive file operations (like copying) to crash ReactOS with writing to a
freed memory exception.

Modified:
    trunk/reactos/ntoskrnl/cc/view.c

Modified: trunk/reactos/ntoskrnl/cc/view.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/cc/view.c?rev=305…
==============================================================================

--- trunk/reactos/ntoskrnl/cc/view.c (original)
+++ trunk/reactos/ntoskrnl/cc/view.c Mon Nov 19 02:11:20 2007
@@ -237,10 +237,16 @@
         current = CONTAINING_RECORD(current_entry, CACHE_SEGMENT,
                                     DirtySegmentListEntry);
         current_entry = current_entry->Flink;
-        
+
+        /* This Ros-specific function needs FileObject to be referenced,
+           ohterwise it may be deleted while this function still works
+           with it */
+        ObReferenceObject(current->Bcb->FileObject);
+
         Locked =
ExTryToAcquireResourceExclusiveLite(((FSRTL_COMMON_FCB_HEADER*)(current->Bcb->FileObject->FsContext))->Resource);
         if (!Locked)
         {
+            ObDereferenceObject(current->Bcb->FileObject);
             continue;
         }
         
@@ -248,6 +254,7 @@
         if (!Locked)
         {
            
ExReleaseResourceLite(((FSRTL_COMMON_FCB_HEADER*)(current->Bcb->FileObject->FsContext))->Resource);
+            ObDereferenceObject(current->Bcb->FileObject);
             continue;
         }
         
@@ -256,6 +263,7 @@
         {
             ExReleasePushLock(&current->Lock);
            
ExReleaseResourceLite(((FSRTL_COMMON_FCB_HEADER*)(current->Bcb->FileObject->FsContext))->Resource);
+            ObDereferenceObject(current->Bcb->FileObject);
             continue;
         }
         
@@ -267,6 +275,7 @@
 
         ExReleasePushLock(&current->Lock);
        
ExReleaseResourceLite(((FSRTL_COMMON_FCB_HEADER*)(current->Bcb->FileObject->FsContext))->Resource);
+        ObDereferenceObject(current->Bcb->FileObject);
 
         if (!NT_SUCCESS(Status) &&  (Status != STATUS_END_OF_FILE))
         {



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [fireball] 30564: - Reference/dereference the file object when working with it in the context of MPW thread. This prevents massive file operations (like copying) to crash ReactOS with writing to a freed memory exception.