[WIN23K]

Make sure to attach to the specified process before dereferencing ClientInfo, which is a user mode structure.
CORE-l0017 #resolve

svn path=/trunk/; revision=68702

reactos/win32ss/user/ntuser/message.c

@@ -2870,6 +2870,7 @@ NtUserWaitForInputIdle( IN HANDLE hProcess,
     NTSTATUS Status;
     HANDLE Handles[3];
     LARGE_INTEGER Timeout;
+    KAPC_STATE ApcState;
 
     UserEnterExclusive();
 
@@ -2915,6 +2916,8 @@ NtUserWaitForInputIdle( IN HANDLE hProcess,
     if (dwMilliseconds != INFINITE)
        Timeout.QuadPart = (LONGLONG) dwMilliseconds * (LONGLONG) -10000;
 
+    KeStackAttachProcess(&Process->Pcb, &ApcState);
+
     W32Process->W32PF_flags |= W32PF_WAITFORINPUTIDLE;
     for (pti = W32Process->ptiList; pti; pti = pti->ptiSibling)
     {
@@ -2922,6 +2925,8 @@ NtUserWaitForInputIdle( IN HANDLE hProcess,
        pti->pClientInfo->dwTIFlags = pti->TIF_flags;
     }
 
+    KeUnstackDetachProcess(&ApcState);
+
     TRACE("WFII: ppi %p\n", W32Process);
     TRACE("WFII: waiting for %p\n", Handles[1] );