git://git.jankratochvil.net / captive.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
MajorFunction_Irp_finish(): Fixed deallocated memory access.
[captive.git] / src / libcaptive / storage / cdrom.c
diff --git a/src/libcaptive/storage/cdrom.c b/src/libcaptive/storage/cdrom.c
index 823df93..59f0d5f 100644 (file)
--- a/src/libcaptive/storage/cdrom.c
+++ b/src/libcaptive/storage/cdrom.c
@@ -64,6 +64,8 @@ DISK_GEOMETRY *DiskGeometry;
 
 static NTSTATUS MajorFunction_Irp_finish(DEVICE_OBJECT *DeviceObject,IRP *Irp)
 {
+NTSTATUS r;
+
        g_return_val_if_fail(TRUE==validate_DeviceObject(DeviceObject),STATUS_INVALID_PARAMETER);
        g_return_val_if_fail(Irp!=NULL,STATUS_INVALID_PARAMETER);
 
@@ -74,8 +76,12 @@ static NTSTATUS MajorFunction_Irp_finish(DEVICE_OBJECT *DeviceObject,IRP *Irp)
                Irp->IoStatus.Information=0;    /* may got set during some processing before error occured */
                }
 
-       IoCompleteRequest(Irp,IO_NO_INCREMENT); /* I hope it won't corrupt our Irp->IoStatus.Status */
-       return Irp->IoStatus.Status;
+       /* IoCompleteRequest() will do 'IoFreeIrp(Irp);'!
+        * 'IoStatus.Status' must be saved before its invocation!
+        */
+       r=Irp->IoStatus.Status;
+       IoCompleteRequest(Irp,IO_NO_INCREMENT);
+       return r;
 }
 
 
Unnamed repository; edit this file 'description' to name the repository.