[reactos] 01/01: [IP] Don't reference uninitialized PCB to avoid BSOD. CORE-18982 - Ros-diffs

30 Jul 2023

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=f8a6542b15efa996d6726…

commit f8a6542b15efa996d672609e651485f50310a6c0
Author:     David L Bean &lt;d_bean(a)hotmail.com&gt;
AuthorDate: Mon Jul 24 13:18:16 2023 -0400
Commit:     Thomas Faber &lt;thomas.faber(a)reactos.org&gt;
CommitDate: Sun Jul 30 16:52:55 2023 -0400

    [IP] Don't reference uninitialized PCB to avoid BSOD. CORE-18982
    
    transport calls to LibTCPConnect that suffer certain early failures
    like parameter errors or early route lookup failures return without
    initializing the pcb.
    In order to avoid later BSOD's this change clears the
    ConnectionRequest bucket in those cases.
---
 drivers/network/tcpip/ip/transport/tcp/tcp.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/drivers/network/tcpip/ip/transport/tcp/tcp.c
b/drivers/network/tcpip/ip/transport/tcp/tcp.c
index 3d65e9a46b9..89b9184fdca 100644
--- a/drivers/network/tcpip/ip/transport/tcp/tcp.c
+++ b/drivers/network/tcpip/ip/transport/tcp/tcp.c
@@ -411,7 +411,13 @@ NTSTATUS TCPConnect
     Status = TCPTranslateError(LibTCPConnect(Connection,
                                                 &connaddr,
                                                 RemotePort));
-
+    if (!NT_SUCCESS(Status))
+    {
+        LockObject(Connection);
+        RemoveEntryList(&Bucket->Entry);
+        UnlockObject(Connection);
+        ExFreeToNPagedLookasideList(&TdiBucketLookasideList, Bucket);
+    }
     TI_DbgPrint(DEBUG_TCP,("[IP, TCPConnect] Leaving. Status = 0x%x\n",
Status));
 
     return Status;

    