From 80b14d016383f80782da22ab56fb68b9f09ebae6 Mon Sep 17 00:00:00 2001
From: Bryan Roe <git.bryan.roe@techsavvydude.com>
Date: Tue, 9 Aug 2022 20:33:20 -0700
Subject: [PATCH] Fixed MessagePump shutdown to wait in an alertable state,
 fixing a scenario where memory was leaked because an APC was never called,
 because the event thread was not alertable while it was waiting for the apc
 thread to shutdown. Also fixed an edge case crash that could occur when a
 dispatcher was shut down.

---
 meshcore/KVM/Windows/input.c             | 9 +++++++--
 microscript/ILibDuktape_GenericMarshal.c | 3 ++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/meshcore/KVM/Windows/input.c b/meshcore/KVM/Windows/input.c
index c4d1fa1..ea4a74f 100644
--- a/meshcore/KVM/Windows/input.c
+++ b/meshcore/KVM/Windows/input.c
@@ -24,6 +24,11 @@ limitations under the License.
 #include "microstack/ILibCrypto.h"
 #include "meshcore/meshdefines.h"
 
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(_MINCORE)
+#define _CRTDBG_MAP_ALLOC
+#include <crtdbg.h>
+#endif
+
 extern ILibQueue gPendingPackets;
 extern int gRemoteMouseRenderDefault;
 extern int gRemoteMouseMoved;
@@ -199,7 +204,7 @@ void CALLBACK KVMWinEventProc(
 	char *buffer;
 	CURSORINFO info = { 0 };
 
-	if (hwnd == NULL && idObject == OBJID_CURSOR)
+	if (hwnd == NULL && idObject == OBJID_CURSOR && CUR_APCTHREAD != NULL)
 	{
 		switch (event)
 		{
@@ -244,7 +249,7 @@ void KVM_StopMessagePump()
 	if (CUR_HWND != NULL) 
 	{
 		PostMessageA(CUR_HWND, WM_QUIT, 0, 0);
-		if (WaitForSingleObject(CUR_WORKTHREAD, 5000) == 0) { CloseHandle(CUR_WORKTHREAD); CUR_WORKTHREAD = NULL; }
+		if (WaitForSingleObjectEx(CUR_WORKTHREAD, 5000, TRUE) == 0) { CloseHandle(CUR_WORKTHREAD); CUR_WORKTHREAD = NULL; }
 		if (CUR_APCTHREAD != NULL) { CloseHandle(CUR_APCTHREAD); CUR_APCTHREAD = NULL; }
 	}
 }
diff --git a/microscript/ILibDuktape_GenericMarshal.c b/microscript/ILibDuktape_GenericMarshal.c
index f37eee1..5470469 100644
--- a/microscript/ILibDuktape_GenericMarshal.c
+++ b/microscript/ILibDuktape_GenericMarshal.c
@@ -2324,6 +2324,7 @@ duk_ret_t ILibDuktape_GenericMarshal_GlobalCallback_StartDispatcher(duk_context
 }
 void __stdcall ILibDuktape_GenericMarshal_GlobalCallback_EndDispatcher_APC(ULONG_PTR u)
 {
+	if (!ILibMemory_CanaryOK((void*)u)) { return; }
 	((Duktape_GlobalGeneric_Data*)u)->dispatch->finished = 1;
 	CloseHandle(((Duktape_GlobalGeneric_Data*)u)->dispatch->WorkerThreadHandle);
 }
@@ -2339,7 +2340,7 @@ duk_ret_t ILibDuktape_GenericMarshal_GlobalCallback_EndDispatcher(duk_context *c
 	data = (Duktape_GlobalGeneric_Data*)duk_get_pointer(ctx, -1);
 
 	if (data == NULL) { return(ILibDuktape_Error(ctx, "Internal Error")); }
-	if (data->dispatch == NULL || data->dispatch->WorkerThreadHandle == NULL) { return(ILibDuktape_Error(ctx, "No Dispatcher")); }
+	if (data->dispatch == NULL || !ILibMemory_CanaryOK(data->dispatch) || data->dispatch->WorkerThreadHandle == NULL) { return(ILibDuktape_Error(ctx, "No Dispatcher")); }
 	data->dispatch->retValue = Duktape_GetPointerProperty(ctx, 0, "_ptr");
 	QueueUserAPC((PAPCFUNC)ILibDuktape_GenericMarshal_GlobalCallback_EndDispatcher_APC, data->dispatch->WorkerThreadHandle, (ULONG_PTR)data);