Alexandre Julliard pushed to branch master at wine / wine
Commits:
6a0cea6b by Yuxuan Shui at 2025-06-09T23:03:02+02:00
iphlpapi: Fix use-after-free of apc context.
In IcmpSendEcho2Ex, if STATUS_PENDING is returned from NtDeviceIoControlFile, there are two cases. If no event handle or apc routine was given, we wait for the request to complete before returning, thus freeing the apc context is fine in this case. But if an event handle _is_ given, we will return STATUS_PENDING, and the request will still be in flight at this point, and we cannot free the apc context.
However, the condition for freeing the context only checks for apc_routine, and not event, resulting in use-after-free if an apc_routine is not given but an event is.
- - - - -
1 changed file:
- dlls/iphlpapi/iphlpapi_main.c
View it on GitLab: https://gitlab.winehq.org/wine/wine/-/commit/6a0cea6bd2cf5d92160b9766aadf1e0...
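The lifetime rule described in the commit message, as an added C model that is not code from Wine or from this commit. All names (`apc_ctx`, `complete_request`, `caller_frees`, `pending_call_has_uaf`) are hypothetical, the "fixed" condition is the one the message implies rather than the actual patch, and the context is tracked with flags instead of heap memory so the faulty path can be observed safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model only: flags stand in for the heap allocation (assumption, not Wine's struct). */
struct apc_ctx { bool freed; bool used_after_free; };

/* Completion side of the request: it reads the context when the reply arrives. */
static void complete_request(struct apc_ctx *ctx)
{
    if (ctx->freed) ctx->used_after_free = true;
}

/* Does the calling function free the context before it returns?
 * buggy: only apc_routine is checked; fixed: the event handle is checked too. */
static bool caller_frees(bool has_event, bool has_apc, bool fixed)
{
    return fixed ? (!has_event && !has_apc) : !has_apc;
}

/* Simulates one call whose ioctl returned STATUS_PENDING.
 * Returns true if the context was touched after the caller freed it. */
static bool pending_call_has_uaf(bool has_event, bool has_apc, bool fixed)
{
    struct apc_ctx ctx = { false, false };
    bool in_flight = true;

    if (!has_event && !has_apc) {   /* synchronous case: wait before returning */
        complete_request(&ctx);
        in_flight = false;
    }
    if (caller_frees(has_event, has_apc, fixed))
        ctx.freed = true;
    if (in_flight)                  /* reply arrives after the call has returned */
        complete_request(&ctx);     /* releasing ctx on this path is out of scope here */
    return ctx.used_after_free;
}

int main(void)
{
    for (int e = 0; e < 2; e++)
        for (int a = 0; a < 2; a++)
            printf("event=%d apc=%d buggy_uaf=%d fixed_uaf=%d\n", e, a,
                   pending_call_has_uaf(e, a, false), pending_call_has_uaf(e, a, true));
    return 0;
}
```

Only the event-without-apc_routine combination reports a use after free under the buggy condition, which matches the case the commit message singles out.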