[tkreuzer] 39927: Call ExFreePoolWithTag with 0 tag from ExFreePool instead of vice versa, bugcheck system, when Block is not inside any pool.
10 Mar
2009
10 Mar
'09
2:16 a.m.
Author: tkreuzer
Date: Tue Mar 10 05:16:38 2009
New Revision: 39927
URL: http://svn.reactos.org/svn/reactos?rev=39927&view=rev
Log:
Call ExFreePoolWithTag with 0 tag from ExFreePool instead of vice versa, bugcheck system,
when Block is not inside any pool.
Modified:
trunk/reactos/ntoskrnl/mm/pool.c
Modified: trunk/reactos/ntoskrnl/mm/pool.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/pool.c?rev=399…
==============================================================================
--- trunk/reactos/ntoskrnl/mm/pool.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/pool.c [iso-8859-1] Tue Mar 10 05:16:38 2009
@@ -14,6 +14,7 @@
#define NDEBUG
#include <debug.h>
+extern PVOID MiNonPagedPoolStart;
extern ULONG MiNonPagedPoolLength;
extern ULONG MmTotalPagedPoolQuota;
extern ULONG MmTotalNonPagedPoolQuota;
@@ -234,42 +235,70 @@
VOID NTAPI
ExFreePool(IN PVOID Block)
{
- if (Block >= MmPagedPoolBase && (char*)Block < ((char*)MmPagedPoolBase
+ MmPagedPoolSize))
- {
+ ExFreePoolWithTag(Block, 0);
+}
+
+/*
+ * @implemented
+ */
+VOID
+NTAPI
+ExFreePoolWithTag(
+ IN PVOID Block,
+ IN ULONG Tag)
+{
+ /* Check for paged pool */
+ if (Block >= MmPagedPoolBase &&
+ (char*)Block < ((char*)MmPagedPoolBase + MmPagedPoolSize))
+ {
+ /* Validate tag */
+ if (Tag != 0 && Tag != EiGetPagedPoolTag(Block))
+ KeBugCheckEx(BAD_POOL_CALLER,
+ 0x0a,
+ (ULONG_PTR)Block,
+ EiGetPagedPoolTag(Block),
+ Tag);
+
+ /* Validate IRQL */
if (KeGetCurrentIrql() > APC_LEVEL)
- KeBugCheckEx(BAD_POOL_CALLER, 0x09, KeGetCurrentIrql(), PagedPool,
(ULONG_PTR)Block);
+ KeBugCheckEx(BAD_POOL_CALLER,
+ 0x09,
+ KeGetCurrentIrql(),
+ PagedPool,
+ (ULONG_PTR)Block);
+
+ /* Free from paged pool */
ExFreePagedPool(Block);
}
+
+ /* Check for non-paged pool */
+ else if (Block >= MiNonPagedPoolStart &&
+ (char*)Block < ((char*)MiNonPagedPoolStart + MiNonPagedPoolLength))
+ {
+ /* Validate tag */
+ if (Tag != 0 && Tag != EiGetNonPagedPoolTag(Block))
+ KeBugCheckEx(BAD_POOL_CALLER,
+ 0x0a,
+ (ULONG_PTR)Block,
+ EiGetNonPagedPoolTag(Block),
+ Tag);
+
+ /* Validate IRQL */
+ if (KeGetCurrentIrql() > DISPATCH_LEVEL)
+ KeBugCheckEx(BAD_POOL_CALLER,
+ 0x09,
+ KeGetCurrentIrql(),
+ NonPagedPool,
+ (ULONG_PTR)Block);
+
+ /* Free from non-paged pool */
+ ExFreeNonPagedPool(Block);
+ }
else
{
- if (KeGetCurrentIrql() > DISPATCH_LEVEL)
- KeBugCheckEx(BAD_POOL_CALLER, 0x09, KeGetCurrentIrql(), NonPagedPool,
(ULONG_PTR)Block);
- ExFreeNonPagedPool(Block);
- }
-}
-
-/*
- * @implemented
- */
-VOID
-NTAPI
-ExFreePoolWithTag(IN PVOID Block,
- IN ULONG Tag)
-{
- ULONG BlockTag;
-
- if (Tag != 0)
- {
- if (Block >= MmPagedPoolBase && (char*)Block <
((char*)MmPagedPoolBase + MmPagedPoolSize))
- BlockTag = EiGetPagedPoolTag(Block);
- else
- BlockTag = EiGetNonPagedPoolTag(Block);
-
- if (BlockTag != Tag)
- KeBugCheckEx(BAD_POOL_CALLER, 0x0a, (ULONG_PTR)Block, BlockTag, Tag);
- }
-
- ExFreePool(Block);
+ /* Block was not inside any pool! */
+ KeBugCheckEx(BAD_POOL_CALLER, 0x42, (ULONG_PTR)Block, 0, 0);
+ }
}
/*
5782
days inactive
5782
days old
0 comments
1 participants
participants (1)
-
tkreuzer@svn.reactos.org