[TCPIP] Fix bugcheck when using fragmented datagrams
author Hervé Poussineau <hpoussin@reactos.org>
Sun, 27 Jun 2021 12:44:54 +0000 (14:44 +0200)
committer Hervé Poussineau <hpoussin@reactos.org>
Sun, 27 Jun 2021 15:45:53 +0000 (17:45 +0200)
commit 979b7d4d8e6ca8e80ea5b30c70f17a7c868b060f
tree 4d99952839dd2db0519f76da82cd179efce469a2
parent cb408102cc3e3ed853a009962482251e45861699

Memory was allocated from paged pool, and freed at DISPATCH_LEVEL,
leading to the following bugcheck:

*** Fatal System Error: 0x000000c2
                       (0x00000009,0x00000002,0x00000001,0xB7C8A268)

Entered debugger on embedded INT3 at 0x0008:0x8058324B.
kdb:> bt
Eip:
<ntoskrnl.exe:18324c (sdk/lib/rtl/i386/debug_asm.S:56 (RtlpBreakWithStatusInstruction))>
<ntoskrnl.exe:89b21 (ntoskrnl/ke/bug.c:1066 (KeBugCheckWithTf))>
<ntoskrnl.exe:8a08b (ntoskrnl/ke/bug.c:1413 (KeBugCheckEx))>
<ntoskrnl.exe:abb1d (ntoskrnl/mm/ARM3/expool.c:431 (ExFreePoolWithTag))>
<tcpip.sys:13e42 (sdk/lib/drivers/ip/network/receive.c:114 (FreeIPDR))>
<tcpip.sys:14e09 (sdk/include/ddk/wdm.h:11462 (IPDatagramReassemblyTimeout))>
<tcpip.sys:11604 (sdk/lib/drivers/ip/network/ip.c:135 (IPTimeoutDpcFn))>
<ntoskrnl.exe:8b7d0 (ntoskrnl/ke/dpc.c:282 (KiTimerExpiration))>
<ntoskrnl.exe:8c2c8 (ntoskrnl/ke/dpc.c:592 (KiRetireDpcList))>
<ntoskrnl.exe:1420b2 (ntoskrnl/ke/i386/thrdini.c:294 (KiIdleLoop))>
<ntoskrnl.exe:23a54a (ntoskrnl/ke/i386/kiinit.c:687 (KiSystemStartupBootStack))>
sdk/lib/drivers/ip/network/receive.c
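
The pool rule behind this bugcheck, as an added example that is not ReactOS code and not part of the commit: a user-mode C model in which paged pool may only be allocated or freed at IRQL <= APC_LEVEL, while the reassembly timeout in the backtrace runs from a timer DPC at DISPATCH_LEVEL. The function and struct names are hypothetical; the constants follow the documented BAD_POOL_CALLER (0xC2) parameter layout (code 0x09, current IRQL, pool type, block address).

```c
/* User-mode model of the kernel pool IRQL rule. Added example, not ReactOS
 * code; model_pool_check() and struct bugcheck are hypothetical names. */
#include <stdint.h>
#include <stdio.h>

enum { PASSIVE_LEVEL = 0, APC_LEVEL = 1, DISPATCH_LEVEL = 2 };
enum pool_type { NON_PAGED_POOL = 0, PAGED_POOL = 1 };

#define BAD_POOL_CALLER         0xC2u
#define POOL_ALLOC_IRQL_INVALID 0x08u  /* parameter 1 for a bad allocation */
#define POOL_FREE_IRQL_INVALID  0x09u  /* parameter 1 for a bad free */

struct bugcheck { uint32_t code; uintptr_t p[4]; };

/* Touching paged pool can page-fault, which is only serviceable at
 * IRQL <= APC_LEVEL. Non-paged pool is usable up to DISPATCH_LEVEL. */
static unsigned max_irql(enum pool_type type)
{
    return type == PAGED_POOL ? APC_LEVEL : DISPATCH_LEVEL;
}

/* Returns 0 when the request is legal at this IRQL; otherwise fills *bc and
 * returns -1. arg is the block address for a free, the size for an allocation. */
int model_pool_check(enum pool_type type, unsigned irql, int is_free,
                     uintptr_t arg, struct bugcheck *bc)
{
    if (irql <= max_irql(type))
        return 0;
    bc->code = BAD_POOL_CALLER;
    bc->p[0] = is_free ? POOL_FREE_IRQL_INVALID : POOL_ALLOC_IRQL_INVALID;
    bc->p[1] = irql;
    bc->p[2] = (uintptr_t)type;
    bc->p[3] = arg;
    return -1;
}

int main(void)
{
    struct bugcheck bc = {0};
    /* The case in the backtrace: paged block freed from a timer DPC. */
    if (model_pool_check(PAGED_POOL, DISPATCH_LEVEL, 1, 0xB7C8A268u, &bc) != 0)
        printf("0x%08x (0x%08lx,0x%08lx,0x%08lx,0x%08lX)\n", (unsigned)bc.code,
               (unsigned long)bc.p[0], (unsigned long)bc.p[1],
               (unsigned long)bc.p[2], (unsigned long)bc.p[3]);
    /* The same free is legal when the block comes from non-paged pool. */
    return model_pool_check(NON_PAGED_POOL, DISPATCH_LEVEL, 1, 0xB7C8A268u, &bc);
}
```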