From: Troy Crosley Date: Mon, 19 Oct 2020 18:57:17 +0000 (-0400) Subject: Add check for empty List in FdoCsqPeekNextIrp. X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=ed18fd8cb439cf18536e569185db19616276b89b;p=pvdrivers%2Fwin%2Fxenhid.git Add check for empty List in FdoCsqPeekNextIrp. Under certain situations, such as when input is being sent during driver install or sleep transition, FdoCsqPeekNextIrp can be called with an empty Fdo->List. In that case, FdoCsqPeekNextIrp dereferences the list head and returns an invalid IRP; it should check for this error condition. Signed-off-by: Troy Crosley --- diff --git a/src/xenhid/fdo.c b/src/xenhid/fdo.c index c2ef7c8..04d3d7f 100644 --- a/src/xenhid/fdo.c +++ b/src/xenhid/fdo.c @@ -123,8 +123,12 @@ FdoCsqPeekNextIrp( else ListEntry = Irp->Tail.Overlay.ListEntry.Flink; - NextIrp = CONTAINING_RECORD(ListEntry, IRP, Tail.Overlay.ListEntry); // should walk through the list until a match against Context is found + if (ListEntry != &Fdo->List) + NextIrp = CONTAINING_RECORD(ListEntry, IRP, Tail.Overlay.ListEntry); + else + NextIrp = NULL; + return NextIrp; }
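Review bot: the commit message and the code give only the empty-list case as the reason for the new `if (ListEntry != &Fdo->List)` test in FdoCsqPeekNextIrp, but the same test also covers the `ListEntry = Irp->Tail.Overlay.ListEntry.Flink` branch. When Irp is the last queued entry, its Flink is the list head, and the old code would have run CONTAINING_RECORD on the head there as well. Please add a short comment above the test saying that reaching `&Fdo->List` means "no next IRP" in both cases (empty list and end of list), so the guard is not later narrowed to an IsListEmpty-style check. The retained comment "should walk through the list until a match against Context is found" now sits directly above the new test and reads as if it described it. Either move it next to a TODO or make clear that matching against the peek context is still not done, since the function still returns the first entry it finds.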