Module: wine Branch: master Commit: c2854d8be29b701515acd5990515b96692af03aa URL: https://source.winehq.org/git/wine.git/?a=commit;h=c2854d8be29b701515acd5990... Author: Zebediah Figura <z.figura12(a)gmail.com> Date: Sat Apr 25 10:37:19 2020 -0500 wineusb.sys: Avoid touching the IRP structure after queueing it. Spotted by Thomas Faber. Signed-off-by: Zebediah Figura <z.figura12(a)gmail.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> --- dlls/wineusb.sys/wineusb.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/dlls/wineusb.sys/wineusb.c b/dlls/wineusb.sys/wineusb.c index d79112b479..3e6a959a78 100644 --- a/dlls/wineusb.sys/wineusb.c +++ b/dlls/wineusb.sys/wineusb.c @@ -498,8 +498,9 @@ static void transfer_cb(struct libusb_transfer *transfer) static void queue_irp(struct usb_device *device, IRP *irp, struct libusb_transfer *transfer) { - EnterCriticalSection(&wineusb_cs); + IoMarkIrpPending(irp); irp->Tail.Overlay.DriverContext[0] = transfer; + EnterCriticalSection(&wineusb_cs); InsertTailList(&device->irp_list, &irp->Tail.Overlay.ListEntry); LeaveCriticalSection(&wineusb_cs); } @@ -729,11 +730,7 @@ static NTSTATUS WINAPI driver_internal_ioctl(DEVICE_OBJECT *device_obj, IRP *irp code, code >> 16, (code >> 14) & 3, (code >> 2) & 0xfff, code & 3); } - if (status == STATUS_PENDING) - { - IoMarkIrpPending(irp); - } - else + if (status != STATUS_PENDING) { irp->IoStatus.Status = status; IoCompleteRequest(irp, IO_NO_INCREMENT);