Author: cgutman Date: Mon Feb 27 19:31:11 2012 New Revision: 55887 URL: http://svn.reactos.org/svn/reactos?rev=55887&view=rev Log: [NTOSKRNL] - Fix kernel memory corruption when a driver fails to initialize - Fix a handle leak in a failure case Modified: trunk/reactos/ntoskrnl/io/iomgr/driver.c Modified: trunk/reactos/ntoskrnl/io/iomgr/driver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/driver.c… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/driver.c [iso-8859-1] Mon Feb 27 19:31:11 2012 @@ -1538,6 +1538,10 @@ KernelMode, (PVOID*)&DriverObject, NULL); + + /* Close the extra handle */ + ZwClose(hDriver); + if (!NT_SUCCESS(Status)) { /* Fail */ @@ -1545,9 +1549,6 @@ ObDereferenceObject(DriverObject); return Status; } - - /* Close the extra handle */ - ZwClose(hDriver); DriverObject->HardwareDatabase = &IopHardwareDatabaseKey; DriverObject->DriverStart = ModuleObject ? ModuleObject->DllBase : 0; @@ -1564,6 +1565,7 @@ DriverObject->DriverSection = NULL; ObMakeTemporaryObject(DriverObject); ObDereferenceObject(DriverObject); + return Status; } else {