From 348ddf61c04bf17aaf1bcecbc74d13ecae8a7018 Mon Sep 17 00:00:00 2001
From: akallabeth
Date: Thu, 22 Aug 2024 13:13:21 +0200
Subject: [PATCH] [channels,serial] delay IRP thread start

wait until irp_thread_func has completed before starting the thread. This prevents a race condition when accessing the IRP structure which is freed up once the thread terminates.
---
 channels/serial/client/serial_main.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/channels/serial/client/serial_main.c b/channels/serial/client/serial_main.c
index 7b5cf95ef..4f2b222f1 100644
--- a/channels/serial/client/serial_main.c
+++ b/channels/serial/client/serial_main.c
@@ -671,7 +671,7 @@ static void create_irp_thread(SERIAL_DEVICE* serial, IRP* irp)
 data->serial = serial;
 data->irp = irp; /* data freed by irp_thread_func */
- irpThread = CreateThread(NULL, 0, irp_thread_func, (void*)data, 0, NULL);
+ irpThread = CreateThread(NULL, 0, irp_thread_func, (void*)data, CREATE_SUSPENDED, NULL);
 if (irpThread == INVALID_HANDLE_VALUE)
 {
@@ -687,8 +687,12 @@ static void create_irp_thread(SERIAL_DEVICE* serial, IRP* irp)
 goto error_handle;
 }
+ ResumeThread(irpThread);
+ return;
 error_handle:
+ if (irpThread)
+ CloseHandle(irpThread);
 irp->IoStatus = STATUS_NO_MEMORY;
 irp->Complete(irp);
 free(data);
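Review bot: The failure check that follows the changed CreateThread call compares against INVALID_HANDLE_VALUE, but CreateThread (Win32 and WinPR alike) signals failure by returning NULL, so a failed creation is not caught here and execution continues to the ResumeThread added in the next hunk with a NULL handle. The check should read `if (!irpThread)` so the error path is actually taken; the new `if (irpThread) CloseHandle(irpThread);` cleanup in the second hunk already assumes the NULL-on-failure convention, so the two checks currently disagree. create_irp_thread begins outside the hunk, so whether irpThread is initialised to NULL before the call cannot be confirmed from here; the cleanup test in the second hunk depends on it.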
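Review bot: The added `ResumeThread(irpThread);` ignores its return value; ResumeThread reports failure with (DWORD)-1, and in that case the worker stays suspended while the IRP has already been handed to it, so the result should be checked and routed to the error path or at least logged, e.g. `if (ResumeThread(irpThread) == (DWORD)-1) goto error_handle;`. On the pre-existing `goto error_handle` at the top of the hunk the thread has been created suspended and is never resumed or terminated; on Win32 CloseHandle only releases the handle, so the suspended thread object is leaked for the life of the process (whether WinPR's CloseHandle reclaims an unstarted thread would need checking). Freeing `data` right after is safe only because that thread can never run, which is worth a comment on the cleanup path, e.g. `/* thread was created suspended and never resumed; data is still owned here */`.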