From: "Erich E. Hoover" <ehoover@mines.edu>
Subject: [PATCH 2/2] ntdll: Fix section header heap deadlock.
Message-Id: <CAEU2+vreXJRL+dwr_avbjP5w1PzWfro3=tjOtT-k5Sz0b5T6zw@mail.gmail.com>
Date: Wed, 4 Apr 2012 10:59:32 -0600

Real Name:
    Erich Hoover

Description:
    Using the process heap for the section headers can cause a
deadlock (Bug #30356), this patch uses the virtual heap instead.

Changelog:
    ntdll: Fix section header heap deadlock.

From d094d9cc98a0cc4f7a5416f2cf5965afc44e65cf Mon Sep 17 00:00:00 2001
From: Erich Hoover <ehoover@mines.edu>
Date: Wed, 4 Apr 2012 10:54:47 -0600
Subject: ntdll: Fix section header heap deadlock.

---
 dlls/ntdll/virtual.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dlls/ntdll/virtual.c b/dlls/ntdll/virtual.c
index fd52934..5a26faf 100644
--- a/dlls/ntdll/virtual.c
+++ b/dlls/ntdll/virtual.c
@@ -1171,7 +1171,7 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
     if (header_start + sizeof(*sec) * nt->FileHeader.NumberOfSections > header_end) goto error;
     /* Some applications (e.g. the Steam version of Borderlands) map over the top of the section headers,
      * copying the headers into local memory is necessary to properly load such applications. */
-    sections = RtlAllocateHeap( GetProcessHeap(), 0, sizeof(*sec) * nt->FileHeader.NumberOfSections);
+    sections = RtlAllocateHeap( virtual_heap, 0, sizeof(*sec) * nt->FileHeader.NumberOfSections);
     if (!sections)
     {
         status = STATUS_NO_MEMORY;
@@ -1374,7 +1374,7 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
     }
 
  done:
-    RtlFreeHeap( GetProcessHeap(), 0, sections );
+    RtlFreeHeap( virtual_heap, 0, sections );
     view->mapping = dup_mapping;
     view->map_protect = map_vprot;
     server_leave_uninterrupted_section( &csVirtual, &sigset );
@@ -1387,7 +1387,7 @@ static NTSTATUS map_image( HANDLE hmapping, int fd, char *base, SIZE_T total_siz
     return STATUS_SUCCESS;
 
  error:
-    RtlFreeHeap( GetProcessHeap(), 0, sections );
+    RtlFreeHeap( virtual_heap, 0, sections );
     if (view) delete_view( view );
     server_leave_uninterrupted_section( &csVirtual, &sigset );
     if (dup_mapping) NtClose( dup_mapping );
-- 
1.7.5.4