Module: wine Branch: master Commit: af557f0cbc644e5a46af0b13acef8eae59e1cbea URL: https://gitlab.winehq.org/wine/wine/-/commit/af557f0cbc644e5a46af0b13acef8ea... Author: Jinoh Kang <jinoh.kang.kr(a)gmail.com> Date: Sat Dec 31 22:57:17 2022 +0900 ntdll: Validate blocks in the heap pending free request list. --- dlls/ntdll/heap.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/dlls/ntdll/heap.c b/dlls/ntdll/heap.c index c8eec050b1a..2097a557789 100644 --- a/dlls/ntdll/heap.c +++ b/dlls/ntdll/heap.c @@ -1174,6 +1174,36 @@ static BOOL heap_validate( const struct heap *heap ) } } + if (heap->pending_free) + { + unsigned int i; + + for (i = 0; i < MAX_FREE_PENDING; i++) + { + if (!(block = heap->pending_free[i])) break; + + subheap = find_subheap( heap, block, FALSE ); + if (!subheap) + { + ERR( "heap %p: cannot find valid subheap for delayed freed block %p\n", heap, block ); + if (TRACE_ON(heap)) heap_dump( heap ); + return FALSE; + } + + if (!validate_used_block( heap, subheap, block, BLOCK_TYPE_DEAD )) return FALSE; + } + + for (; i < MAX_FREE_PENDING; i++) + { + if ((block = heap->pending_free[i])) + { + ERR( "heap %p: unexpected delayed freed block %p at slot %u\n", heap, block, i ); + if (TRACE_ON(heap)) heap_dump( heap ); + return FALSE; + } + } + } + LIST_FOR_EACH_ENTRY( large_arena, &heap->large_list, ARENA_LARGE, entry ) if (!validate_large_block( heap, &large_arena->block )) return FALSE;