From 83c1489b92fc9cbc2d0d4778ad821268874746b2 Mon Sep 17 00:00:00 2001
From: Bill Zissimopoulos
Date: Wed, 2 Nov 2016 13:00:17 -0700
Subject: [PATCH] sys: FspVolumeMountNoLock: dereference FsvrtDeviceObject on success resolves a VPB/FsvrtDeviceObject leak
---
 src/sys/volume.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/sys/volume.c b/src/sys/volume.c
index bbed0538..be2b220e 100644
--- a/src/sys/volume.c
+++ b/src/sys/volume.c
@@ -473,6 +473,13 @@ static NTSTATUS FspVolumeMountNoLock(
 Vpb->SerialNumber = FsvolDeviceExtension->VolumeParams.VolumeSerialNumber;
 IoReleaseVpbSpinLock(Irql);
+ /*
+ * Argh! Turns out that the IrpSp->Parameters.MountVolume.DeviceObject is
+ * passed to us with an extra reference, which is not removed on SUCCESS.
+ * So go ahead and dereference it now!
+ */
+ ObDereferenceObject(FsvrtDeviceObject);
+
 Irp->IoStatus.Information = 0;
 return STATUS_SUCCESS;
 }
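Review bot: The added `ObDereferenceObject(FsvrtDeviceObject)` depends on two facts the hunk does not show: that `FsvrtDeviceObject` is the same pointer as `IrpSp->Parameters.MountVolume.DeviceObject`, and that something else drops the extra reference on the failure paths. The body of FspVolumeMountNoLock before this point lies outside the hunk, so neither can be confirmed here. If either assumption fails, the count is over-released and the leak becomes a premature free of a kernel device object, which is the worse outcome. The comment should record the invariant rather than the discovery, for example `/* MountVolume.DeviceObject (== FsvrtDeviceObject) arrives with one extra reference that is released for us only when the mount fails; on STATUS_SUCCESS we must release it ourselves. */`, worded to match what was actually observed. It is also worth confirming the count with object reference tracing under Driver Verifier on each supported Windows version.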