Avoid potential crash when freeing a message queue.
Properly initialize newly allocated messages.
diff --git a/server/queue.c b/server/queue.c
index 093c94c..da2fe87 100644
--- a/server/queue.c
+++ b/server/queue.c
@@ -255,6 +255,7 @@
void free_msg_queue( struct thread *thread )
{
struct process *process = thread->process;
+ struct thread_input *input;
remove_thread_hooks( thread );
if (!thread->queue) return;
@@ -269,7 +270,13 @@
process->idle_event = NULL;
}
}
- release_thread_input( thread );
+ input = thread->queue->input;
+ if (input->msg_thread == thread)
+ {
+ release_object( input->msg_thread );
+ input->msg_thread = NULL;
+ input->msg = NULL;
+ }
release_object( thread->queue );
thread->queue = NULL;
}
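Review bot: `input` is dereferenced at `if (input->msg_thread == thread)` without a NULL check, so if `thread->queue->input` can already be unset when the queue is freed (not visible in this hunk), the new code replaces one crash with another; `if (input && input->msg_thread == thread)` would cover that case. The removed `release_thread_input( thread )` call presumably dropped the queue's reference on the input, and nothing here replaces it. Confirm that the queue's destroy path releases the input, otherwise the object leaks. A short comment such as `/* clear the input's pointers into this thread so they do not dangle once the queue is gone */` would record why the block exists. The top of free_msg_queue is in the previous hunk and part of its body is not shown.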
@@ -486,6 +493,8 @@
callback_msg->x = 0;
callback_msg->y = 0;
callback_msg->info = callback_data;
+ callback_msg->hook = 0;
+ callback_msg->hook_proc = NULL;
callback_msg->result = NULL;
callback_msg->data = NULL;
callback_msg->data_size = 0;
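Review bot: The assignments `hook = 0` and `hook_proc = NULL` are added by hand at three allocation sites (here and in the hunks at -1274 and -1412), so a field added to the message structure later can be missed in the same way. This field-by-field pattern is presumably how these two were left uninitialized in the first place. Zeroing the structure right after allocation, e.g. `memset( msg, 0, sizeof(*msg) );`, or routing all three sites through one init helper, would ensure a new field never starts out holding stale heap contents. This matters most for `hook_proc`, which looks like a pointer that is read or called later. The enclosing functions start and end outside these hunks, so the allocation calls are not visible here.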
@@ -1274,6 +1283,8 @@
msg->x = 0;
msg->y = 0;
msg->info = 0;
+ msg->hook = 0;
+ msg->hook_proc = NULL;
msg->result = NULL;
msg->data = NULL;
msg->data_size = 0;
@@ -1412,6 +1423,8 @@
msg->x = req->x;
msg->y = req->y;
msg->info = req->info;
+ msg->hook = 0;
+ msg->hook_proc = NULL;
msg->result = NULL;
msg->data = NULL;
msg->data_size = 0;