From 2380a6ec545018e5919798b4069eb0d89b0365cc Mon Sep 17 00:00:00 2001
From: Johannes Anderwald <johannes.anderwald@reactos.org>
Date: Fri, 23 Sep 2016 18:35:15 +0000
Subject: [PATCH] [KS] - make a copy of KSFILTER_DESCRIPTOR as it might have
 been allocated from the stack - always initialize object bag in filter
 factory

svn path=/trunk/; revision=72779
---
 reactos/drivers/ksfilter/ks/filterfactory.c | 28 +++++++++++++--------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/reactos/drivers/ksfilter/ks/filterfactory.c b/reactos/drivers/ksfilter/ks/filterfactory.c
index d5bc6fd3361..bf8a8eca617 100644
--- a/reactos/drivers/ksfilter/ks/filterfactory.c
+++ b/reactos/drivers/ksfilter/ks/filterfactory.c
@@ -238,12 +238,20 @@ IKsFilterFactory_fnInitialize(
     /* initialize filterfactory */
     This->SleepCallback = SleepCallback;
     This->WakeCallback = WakeCallback;
-    This->FilterFactory.FilterDescriptor = Descriptor;
     This->Header.KsDevice = &DeviceExtension->DeviceHeader->KsDevice;
     This->Header.Type = KsObjectTypeFilterFactory;
     This->Header.Parent.KsDevice = &DeviceExtension->DeviceHeader->KsDevice;
     This->DeviceHeader = DeviceExtension->DeviceHeader;
 
+    /* copy descriptor */
+    This->FilterFactory.FilterDescriptor = AllocateItem(NonPagedPool, sizeof(KSFILTER_DESCRIPTOR));
+    if (!This->FilterFactory.FilterDescriptor)
+    {
+        DPRINT("out of memory");
+        return STATUS_INSUFFICIENT_RESOURCES;
+    }
+    RtlMoveMemory(This->FilterFactory.FilterDescriptor, Descriptor, sizeof(KSFILTER_DESCRIPTOR));
+
     /* initialize filter factory control mutex */
     This->Header.ControlMutex = &This->ControlMutex;
     KeInitializeMutex(This->Header.ControlMutex, 0);
@@ -313,19 +321,19 @@ IKsFilterFactory_fnInitialize(
         RtlFreeUnicodeString(&ReferenceString);
     }
 
+    /* create a object bag for the filter factory */
+    This->FilterFactory.Bag = AllocateItem(NonPagedPool, sizeof(KSIOBJECT_BAG));
+    if (This->FilterFactory.Bag)
+    {
+        /* initialize object bag */
+        KsDevice = (IKsDevice*)&DeviceExtension->DeviceHeader->BasicHeader.OuterUnknown;
+        KsDevice->lpVtbl->InitializeObjectBag(KsDevice, (PKSIOBJECT_BAG)This->FilterFactory.Bag, NULL);
+    }
+
     if (FilterFactory)
     {
         /* return filterfactory */
         *FilterFactory = &This->FilterFactory;
-
-        /* create a object bag for the filter factory */
-        This->FilterFactory.Bag = AllocateItem(NonPagedPool, sizeof(KSIOBJECT_BAG));
-        if (This->FilterFactory.Bag)
-        {
-            /* initialize object bag */
-            KsDevice = (IKsDevice*)&DeviceExtension->DeviceHeader->BasicHeader.OuterUnknown;
-            KsDevice->lpVtbl->InitializeObjectBag(KsDevice, (PKSIOBJECT_BAG)This->FilterFactory.Bag, NULL);
-        }
     }
 
     /* attach filterfactory to device header */
-- 
2.17.1