Author: fireball Date: Fri Jul 24 23:19:50 2009 New Revision: 42183 URL: http://svn.reactos.org/svn/reactos?rev=42183&view=rev Log: - PsLookupProcess/Thread already references the object, so don't reference it yet again! Thaaaaank you Stefan Ginsberg. Fixes a rather big reference leak. See arwinss issue Nr 2. Modified: branches/arwinss/reactos/subsystems/win32/win32k/wine/hook.c branches/arwinss/reactos/subsystems/win32/win32k/wine/queue.c branches/arwinss/reactos/subsystems/win32/win32k/wine/winstation.c Modified: branches/arwinss/reactos/subsystems/win32/win32k/wine/hook.c URL: http://svn.reactos.org/svn/reactos/branches/arwinss/reactos/subsystems/win3… ============================================================================== --- branches/arwinss/reactos/subsystems/win32/win32k/wine/hook.c [iso-8859-1] (original) +++ branches/arwinss/reactos/subsystems/win32/win32k/wine/hook.c [iso-8859-1] Fri Jul 24 23:19:50 2009 @@ -390,21 +390,17 @@ if (!(desktop = get_thread_desktop( current, DESKTOP_HOOKCONTROL ))) return; - //if (req->pid && !(process = get_process_from_id( req->pid ))) goto done; if (req->pid) { status = PsLookupProcessByProcessId((HANDLE)req->pid, &eprocess); if (!NT_SUCCESS(status)) goto done; - ObReferenceObjectByPointer(eprocess, 0, NULL, KernelMode); process = (PPROCESSINFO)PsGetProcessWin32Process(eprocess); } if (req->tid) { - //if (!(thread = get_thread_from_id( req->tid ))) goto done; status = PsLookupThreadByThreadId((HANDLE)req->tid, &ethread); if (!NT_SUCCESS(status)) goto done; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); thread = (PTHREADINFO)PsGetThreadWin32Thread(ethread); if (process && process != thread->process) Modified: branches/arwinss/reactos/subsystems/win32/win32k/wine/queue.c URL: http://svn.reactos.org/svn/reactos/branches/arwinss/reactos/subsystems/win3… ============================================================================== --- branches/arwinss/reactos/subsystems/win32/win32k/wine/queue.c [iso-8859-1] (original) +++ branches/arwinss/reactos/subsystems/win32/win32k/wine/queue.c [iso-8859-1] Fri Jul 24 23:19:50 2009 @@ -1722,9 +1722,11 @@ status = PsLookupThreadByThreadId((HANDLE)req->id, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } if (!(recv_queue = thread->queue)) { @@ -1804,8 +1806,11 @@ status = PsLookupThreadByThreadId((HANDLE)req->id, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } } if (thread && !(recv_queue = thread->queue)) @@ -2113,10 +2118,11 @@ if (!NT_SUCCESS(status)) return; status = PsLookupThreadByThreadId((HANDLE)req->tid_to, &ethread_to); - if (!NT_SUCCESS(status)) return; - - ObReferenceObjectByPointer(ethread_from, 0, NULL, KernelMode); - ObReferenceObjectByPointer(ethread_to, 0, NULL, KernelMode); + if (!NT_SUCCESS(status)) + { + ObDereferenceObject(ethread_from); + return; + } thread_from = (PTHREADINFO)ethread_from->Tcb.Win32Thread; thread_to = (PTHREADINFO)ethread_to->Tcb.Win32Thread; @@ -2157,9 +2163,11 @@ { status = PsLookupThreadByThreadId((HANDLE)req->tid, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); - + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } input = thread->queue ? thread->queue->input : NULL; } else input = foreground_input; /* get the foreground thread info */ @@ -2200,8 +2208,11 @@ status = PsLookupThreadByThreadId((HANDLE)req->tid, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } input = thread->queue ? thread->queue->input : NULL; if (input) @@ -2223,8 +2234,11 @@ status = PsLookupThreadByThreadId((HANDLE)req->tid, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } input = thread->queue ? thread->queue->input : NULL; if (input) Modified: branches/arwinss/reactos/subsystems/win32/win32k/wine/winstation.c URL: http://svn.reactos.org/svn/reactos/branches/arwinss/reactos/subsystems/win3… ============================================================================== --- branches/arwinss/reactos/subsystems/win32/win32k/wine/winstation.c [iso-8859-1] (original) +++ branches/arwinss/reactos/subsystems/win32/win32k/wine/winstation.c [iso-8859-1] Fri Jul 24 23:19:50 2009 @@ -615,8 +615,11 @@ status = PsLookupThreadByThreadId((HANDLE)req->tid, &ethread); if (!NT_SUCCESS(status)) return; - if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) return; - ObReferenceObjectByPointer(ethread, 0, NULL, KernelMode); + if (!(thread = (PTHREADINFO)ethread->Tcb.Win32Thread)) + { + ObDereferenceObject(ethread); + return; + } reply->handle = thread->desktop;