[NTOSKRNL]

 - Fix a memory leak of the allocated IO_STATUS_BLOCK
 - Don't free unallocated memory
 - Send the IRP with the correct MajorFunction
 - Use IoBuildAsynchronousFsdRequest instead of IoBuildSynchronousFsdRequest (fixes potiential null pointer access when attempting to set the wait event which is NULL)
 - Set the correct stack parameters for the IRPs

svn path=/trunk/; revision=46285

diff --git a/reactos/ntoskrnl/po/power.c b/reactos/ntoskrnl/po/power.c
index 96a211b..3d05dbe 100644 (file)
--- a/reactos/ntoskrnl/po/power.c
+++ b/reactos/ntoskrnl/po/power.c
@@ -47,10 +47,11 @@ PopRequestPowerIrpCompletion(IN PDEVICE_OBJECT DeviceObject,
                                         RequestPowerItem->PowerState,
                                         RequestPowerItem->Context,
                                         &Irp->IoStatus);
                                         RequestPowerItem->PowerState,
                                         RequestPowerItem->Context,
                                         &Irp->IoStatus);

-  
-    ExFreePool(&Irp->IoStatus);
+

     ExFreePool(Context);
 
     ExFreePool(Context);
 

+    IoFreeIrp(Irp);
+

     return STATUS_SUCCESS;
 }
 
     return STATUS_SUCCESS;
 }
 


@@ -358,7 +359,6 @@ PoRequestPowerIrp(IN PDEVICE_OBJECT DeviceObject,
     PDEVICE_OBJECT TopDeviceObject;
     PIO_STACK_LOCATION Stack;
     PIRP Irp;
     PDEVICE_OBJECT TopDeviceObject;
     PIO_STACK_LOCATION Stack;
     PIRP Irp;

-    PIO_STATUS_BLOCK IoStatusBlock;

     PREQUEST_POWER_ITEM RequestPowerItem;
     NTSTATUS Status;
   
     PREQUEST_POWER_ITEM RequestPowerItem;
     NTSTATUS Status;
   


@@ -370,27 +370,19 @@ PoRequestPowerIrp(IN PDEVICE_OBJECT DeviceObject,
     RequestPowerItem = ExAllocatePool(NonPagedPool, sizeof(REQUEST_POWER_ITEM));
     if (!RequestPowerItem)
         return STATUS_INSUFFICIENT_RESOURCES;
     RequestPowerItem = ExAllocatePool(NonPagedPool, sizeof(REQUEST_POWER_ITEM));
     if (!RequestPowerItem)
         return STATUS_INSUFFICIENT_RESOURCES;

-    IoStatusBlock = ExAllocatePool(NonPagedPool, sizeof(IO_STATUS_BLOCK));
-    if (!IoStatusBlock)
-    {
-        ExFreePool(RequestPowerItem);
-        return STATUS_INSUFFICIENT_RESOURCES;
-    }

   
     /* Always call the top of the device stack */
     TopDeviceObject = IoGetAttachedDeviceReference(DeviceObject);
   
   
     /* Always call the top of the device stack */
     TopDeviceObject = IoGetAttachedDeviceReference(DeviceObject);
   

-    Irp = IoBuildSynchronousFsdRequest(IRP_MJ_PNP,
-                                       TopDeviceObject,
-                                       NULL,
-                                       0,
-                                       NULL,
-                                       NULL,
-                                       IoStatusBlock);
+    Irp = IoBuildAsynchronousFsdRequest(IRP_MJ_POWER,
+                                        TopDeviceObject,
+                                        NULL,
+                                        0,
+                                        NULL,
+                                        NULL);

     if (!Irp)
     {
         ExFreePool(RequestPowerItem);
     if (!Irp)
     {
         ExFreePool(RequestPowerItem);

-        ExFreePool(IoStatusBlock);

         return STATUS_INSUFFICIENT_RESOURCES;
     }
   
         return STATUS_INSUFFICIENT_RESOURCES;
     }
   


@@ -404,7 +396,10 @@ PoRequestPowerIrp(IN PDEVICE_OBJECT DeviceObject,
     if (MinorFunction == IRP_MN_WAIT_WAKE)
         Stack->Parameters.WaitWake.PowerState = PowerState.SystemState;
     else
     if (MinorFunction == IRP_MN_WAIT_WAKE)
         Stack->Parameters.WaitWake.PowerState = PowerState.SystemState;
     else

-        Stack->Parameters.WaitWake.PowerState = PowerState.DeviceState;
+    {
+        Stack->Parameters.Power.Type = DevicePowerState;
+        Stack->Parameters.Power.State = PowerState.DeviceState;
+    }

   
     RequestPowerItem->CompletionRoutine = CompletionFunction;
     RequestPowerItem->PowerState = PowerState;
   
     RequestPowerItem->CompletionRoutine = CompletionFunction;
     RequestPowerItem->PowerState = PowerState;