]> xenbits.xensource.com Git - pvdrivers/win/xenhid.git/commitdiff
projects / pvdrivers / win / xenhid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1f5cb0)
Add check for empty List in FdoCsqPeekNextIrp.
authorTroy Crosley <troycrosley@gmail.com>
Mon, 19 Oct 2020 18:57:17 +0000 (14:57 -0400)
committerPaul Durrant <pdurrant@amazon.com>
Tue, 20 Oct 2020 11:29:18 +0000 (12:29 +0100)
Under certain situations, such as when input is being sent during driver
install or sleep transition, FdoCsqPeekNextIrp can be called with an
empty Fdo->List. In that case, FdoCsqPeekNextIrp dereferences the list
head and returns an invalid IRP; it should check for this error
condition.

Signed-off-by: Troy Crosley <troycrosley@gmail.com>
src/xenhid/fdo.c patch | blob | blame | history

diff --git a/src/xenhid/fdo.c b/src/xenhid/fdo.c
index c2ef7c8751ab4b61c9b8d04de902fe848cc45784..04d3d7f36664566f95066042c61145a0dd8a7990 100644 (file)
--- a/src/xenhid/fdo.c
+++ b/src/xenhid/fdo.c
@@ -123,8 +123,12 @@ FdoCsqPeekNextIrp(
     else
         ListEntry = Irp->Tail.Overlay.ListEntry.Flink;
 
-    NextIrp = CONTAINING_RECORD(ListEntry, IRP, Tail.Overlay.ListEntry);
     // should walk through the list until a match against Context is found
+    if (ListEntry != &Fdo->List)
+        NextIrp = CONTAINING_RECORD(ListEntry, IRP, Tail.Overlay.ListEntry);
+    else
+        NextIrp = NULL;
+
     return NextIrp;
 }
 
Windows PV HID Device Driver