From e99451561dc431d3b22125ec235c6fafaba191c9 Mon Sep 17 00:00:00 2001
From: Alexander Morozov
Date: Thu, 16 Oct 2008 12:06:23 +0400
Subject: [PATCH] ntoskrnl.exe: Initialize some IRP fields to prevent using bad pointers by IofCompleteRequest.
---
 dlls/ntoskrnl.exe/ntoskrnl.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/dlls/ntoskrnl.exe/ntoskrnl.c b/dlls/ntoskrnl.exe/ntoskrnl.c
index 1ed30402e94..4a20d5e6be4 100644
--- a/dlls/ntoskrnl.exe/ntoskrnl.c
+++ b/dlls/ntoskrnl.exe/ntoskrnl.c
@@ -153,6 +153,7 @@ static NTSTATUS process_ioctl( DEVICE_OBJECT *device, ULONG code, void *in_buff,
 irp.UserBuffer = out_buff;
 irp.MdlAddress = &mdl;
 irp.Tail.Overlay.s.u.CurrentStackLocation = &irpsp;
+ irp.UserIosb = NULL;
 irpsp.MajorFunction = IRP_MJ_DEVICE_CONTROL;
 irpsp.Parameters.DeviceIoControl.OutputBufferLength = *out_size;
@@ -160,6 +161,7 @@ static NTSTATUS process_ioctl( DEVICE_OBJECT *device, ULONG code, void *in_buff,
 irpsp.Parameters.DeviceIoControl.IoControlCode = code;
 irpsp.Parameters.DeviceIoControl.Type3InputBuffer = in_buff;
 irpsp.DeviceObject = device;
+ irpsp.CompletionRoutine = NULL;
 mdl.Next = NULL;
 mdl.Size = 0;
-- 
2.11.4.GIT
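Review bot: Setting `irp.UserIosb` here and `irpsp.CompletionRoutine` in the second hunk to NULL one field at a time leaves every member not assigned in the visible lines holding stale stack contents, assuming `irp`, `irpsp` and `mdl` are locals of process_ioctl (their declarations are outside both hunks). The IRP is presumably passed to the driver's dispatch routine as well as to IofCompleteRequest, so the next pointer or flag field that either consumer reads would have the same problem this commit fixes. Zeroing the structures before the assignments, `memset( &irp, 0, sizeof(irp) );` and `memset( &irpsp, 0, sizeof(irpsp) );`, would cover the remaining members and make the two NULL stores redundant. A one-line comment there, such as `/* IRP consumers treat any non-NULL pointer as valid, so start from a fully zeroed request */`, would keep the invariant visible to whoever adds the next field.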