https://git.reactos.org/?p=reactos.git;a=commitdiff;h=8e8f61989ae86ca0eeb7b7...
commit 8e8f61989ae86ca0eeb7b7a50218f1533ae03bf3 Author: Katayama Hirofumi MZ katayama.hirofumi.mz@gmail.com AuthorDate: Wed Jan 5 08:15:32 2022 +0900 Commit: GitHub noreply@github.com CommitDate: Wed Jan 5 08:15:32 2022 +0900
[NTUSER] Plan A: UserDereferenceObject in UserCreateInputContext (#4247)
- Call UserDereferenceObject function in UserCreateInputContext. - Don't call UserDereferenceObject against input context at the other places. CORE-11700 --- win32ss/user/ntuser/main.c | 6 +----- win32ss/user/ntuser/ntstubs.c | 11 +++++++---- 2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/win32ss/user/ntuser/main.c b/win32ss/user/ntuser/main.c index fd2eed2aa79..46364a10089 100644 --- a/win32ss/user/ntuser/main.c +++ b/win32ss/user/ntuser/main.c @@ -654,11 +654,7 @@ InitThreadCallback(PETHREAD Thread) /* Create the default input context */ if (IS_IMM_MODE()) { - PIMC pIMC = UserCreateInputContext(0); - if (pIMC) - { - UserDereferenceObject(pIMC); - } + (VOID)UserCreateInputContext(0); }
/* Last things to do only if we are not a SYSTEM or CSRSS thread */ diff --git a/win32ss/user/ntuser/ntstubs.c b/win32ss/user/ntuser/ntstubs.c index 015f8e30650..09b9473756a 100644 --- a/win32ss/user/ntuser/ntstubs.c +++ b/win32ss/user/ntuser/ntstubs.c @@ -482,6 +482,9 @@ PIMC FASTCALL UserCreateInputContext(ULONG_PTR dwClientImcData) if (!pIMC) return NULL;
+ // Release the extra reference (UserCreateObject added 2 references). + UserDereferenceObject(pIMC); + if (dwClientImcData) // Non-first time. { // Insert pIMC to the second position (non-default) of the list. @@ -506,17 +509,17 @@ NtUserCreateInputContext(ULONG_PTR dwClientImcData) PIMC pIMC; HIMC ret = NULL;
+ if (!dwClientImcData) + return NULL; + UserEnterExclusive();
- if (!IS_IMM_MODE() || !dwClientImcData) + if (!IS_IMM_MODE()) goto Quit;
pIMC = UserCreateInputContext(dwClientImcData); if (pIMC) - { ret = UserHMGetHandle(pIMC); - UserDereferenceObject(pIMC); - }
Quit: UserLeave();