[arty] 28415: Fix part two of the bug: The actual problem was that we'd overrun the end of the handle count array when decrementing. This also led to a handle leak (observed). Stop correctly when we find the handle we want.
Author: arty Date: Sun Aug 19 09:02:31 2007 New Revision: 28415
URL: http://svn.reactos.org/svn/reactos?rev=28415&view=rev Log: Fix part two of the bug:
The actual problem was that we'd overrun the end of the handle count array when decrementing. This also led to a handle leak (observed). Stop correctly when we find the handle we want.
Modified: trunk/reactos/ntoskrnl/ob/obhandle.c
Modified: trunk/reactos/ntoskrnl/ob/obhandle.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ob/obhandle.c?rev=... ============================================================================== --- trunk/reactos/ntoskrnl/ob/obhandle.c (original) +++ trunk/reactos/ntoskrnl/ob/obhandle.c Sun Aug 19 09:02:31 2007 @@ -331,6 +331,8 @@ /* Insert a new entry */ FreeEntry = ObpInsertHandleCount(ObjectHeader); if (!FreeEntry) return STATUS_INSUFFICIENT_RESOURCES; + ASSERT(!FreeEntry->Process); + ASSERT(!FreeEntry->HandleCount);
/* Fill it out */ FreeEntry->Process = Process; @@ -375,6 +377,8 @@ /* Allocate one */ FreeEntry = ObpInsertHandleCount(ObjectHeader); if (!FreeEntry) return STATUS_INSUFFICIENT_RESOURCES; + ASSERT(!FreeEntry->Process); + ASSERT(!FreeEntry->HandleCount); }
/* Fill out the entry */ @@ -533,6 +537,7 @@ { /* Found it, get the process handle count */ ProcessHandleCount = HandleEntry->HandleCount--; + break; }
/* Keep looping */
-
arty@svn.reactos.org