Author: tfaber Date: Fri May 19 18:22:46 2017 New Revision: 74599 URL: http://svn.reactos.org/svn/reactos?rev=74599&view=rev Log: [RTL] - Do not change RTL_HANDLE_TABLE::CommittedHandles when committing a new page of handle entries. This value must always point to the beginning of the allocation, to correctly track the entire committed range. Fixes LibreOffice Writer (and ntdll_apitest) crash. CORE-13271 #resolve Modified: trunk/reactos/sdk/lib/rtl/handle.c Modified: trunk/reactos/sdk/lib/rtl/handle.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/sdk/lib/rtl/handle.c?rev=7… ============================================================================== --- trunk/reactos/sdk/lib/rtl/handle.c [iso-8859-1] (original) +++ trunk/reactos/sdk/lib/rtl/handle.c [iso-8859-1] Fri May 19 18:22:46 2017 @@ -89,6 +89,7 @@ return NULL; /* Update handle array pointers */ + HandleTable->CommittedHandles = (PRTL_HANDLE_TABLE_ENTRY)ArrayPointer; HandleTable->UnCommittedHandles = (PRTL_HANDLE_TABLE_ENTRY)ArrayPointer; HandleTable->MaxReservedHandles = (PRTL_HANDLE_TABLE_ENTRY)((ULONG_PTR)ArrayPointer + ArraySize); } @@ -107,7 +108,6 @@ /* Update handle array pointers */ HandleTable->FreeHandles = (PRTL_HANDLE_TABLE_ENTRY)ArrayPointer; - HandleTable->CommittedHandles = (PRTL_HANDLE_TABLE_ENTRY)ArrayPointer; HandleTable->UnCommittedHandles = (PRTL_HANDLE_TABLE_ENTRY)((ULONG_PTR)ArrayPointer + ArraySize); /* Calculate the number of entries we can store in the array */