From 00d0406c0d5752dd9713f34eeae2ae8d39a3281b Mon Sep 17 00:00:00 2001
From: Ove Kaaven
Date: Fri, 9 Jan 2004 00:35:04 +0000
Subject: [PATCH] Avoid freeing request packet too early if an exception occurs.

---
 dlls/rpcrt4/rpc_server.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/dlls/rpcrt4/rpc_server.c b/dlls/rpcrt4/rpc_server.c
index d18d0914fc..b8db7b95d6 100644
--- a/dlls/rpcrt4/rpc_server.c
+++ b/dlls/rpcrt4/rpc_server.c
@@ -178,11 +178,18 @@ static RpcPacket* RPCRT4_pop_packet(void)
 return packet;
 }
 
+typedef struct {
+ PRPC_MESSAGE msg;
+ void* buf;
+} packet_state;
+
 static WINE_EXCEPTION_FILTER(rpc_filter)
 {
+ packet_state* state;
 PRPC_MESSAGE msg;
- msg = TlsGetValue(worker_tls);
- I_RpcFreeBuffer(msg);
+ state = TlsGetValue(worker_tls);
+ msg = state->msg;
+ if (msg->Buffer != state->buf) I_RpcFreeBuffer(msg);
 msg->RpcFlags |= WINE_RPCFLAG_EXCEPTION;
 msg->BufferLength = sizeof(DWORD);
 I_RpcGetBuffer(msg);
@@ -196,8 +203,11 @@ static void RPCRT4_process_packet(RpcConnection* conn, RpcPktHdr* hdr, void* buf
 RPC_MESSAGE msg;
 RpcServerInterface* sif;
 RPC_DISPATCH_FUNCTION func;
+ packet_state state;
 
- TlsSetValue(worker_tls, &msg);
+ state.msg = &msg;
+ state.buf = buf;
+ TlsSetValue(worker_tls, &state);
 memset(&msg, 0, sizeof(msg));
 msg.BufferLength = hdr->len;
 msg.Buffer = buf;
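Review bot: In `rpc_filter` the pointer returned by `TlsGetValue(worker_tls)` is dereferenced as `state->msg` with no NULL check, so a filter run on a thread whose slot was never set would fault inside the exception filter itself; a guard such as `if (!state) return EXCEPTION_CONTINUE_SEARCH;` before `msg = state->msg;` would avoid that nested fault. The new `msg->Buffer != state->buf` comparison is the only thing that separates a buffer the filter may free from the request packet that, judging by the commit subject, is released later elsewhere, and neither `packet_state` nor the filter documents that rule; I would add a comment on the struct such as `/* buf: the request packet buffer; released later by the packet-processing path, so rpc_filter frees msg->Buffer only when it differs */`. The filter body continues past the end of the hunk, so its return value and what is written into the newly obtained buffer are not visible here.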
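Review bot: `TlsSetValue(worker_tls, &state)` publishes the address of a stack local, and nothing in the visible lines clears or restores the slot before `RPCRT4_process_packet` returns, so a later `rpc_filter` run on this thread could read a dead stack frame. If dispatch can re-enter this function on the same thread (not visible here), the inner call would also overwrite the outer call's state and leave it pointing at the inner frame. Saving the previous value with `void *prev = TlsGetValue(worker_tls);` before the store and calling `TlsSetValue(worker_tls, prev);` on every exit path would cover both cases. The return value of `TlsSetValue` is also ignored, so on failure the filter would act on whatever the slot held before. The function starts before and ends after this hunk, so the exit paths need to be checked against the full file.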