Author: hbelusca
Date: Thu May 29 21:34:35 2014
New Revision: 63496
URL: http://svn.reactos.org/svn/reactos?rev=63496&view=rev
Log:
[LSASRV]
- Just run again the loop if LsarOpenAccount call failed (that also avoids a call to LsarClose on a NULL handle, that is trapped by the kdbg if one enabled "set condition * first always").
- Free the memory and the opened handles before returning in case of failure of LsapAddPrivilegeToTokenPrivileges. Maybe this cleaning step can be done more elegantly.
Eric, can you please review that? It should be good I think.
Modified:
trunk/reactos/dll/win32/lsasrv/authpackage.c
Modified: trunk/reactos/dll/win32/lsasrv/authpackage.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/authpacka…
==============================================================================
--- trunk/reactos/dll/win32/lsasrv/authpackage.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/lsasrv/authpackage.c [iso-8859-1] Thu May 29 21:34:35 2014
@@ -1308,23 +1308,30 @@
TokenInfo1->Groups->Groups[i].Sid,
ACCOUNT_VIEW,
&AccountHandle);
+ if (!NT_SUCCESS(Status))
+ continue;
+
+ Status = LsarEnumeratePrivilegesAccount(AccountHandle,
+ &Privileges);
if (NT_SUCCESS(Status))
{
- Status = LsarEnumeratePrivilegesAccount(AccountHandle,
- &Privileges);
- if (NT_SUCCESS(Status))
+ for (j = 0; j < Privileges->PrivilegeCount; j++)
{
- for (j = 0; j < Privileges->PrivilegeCount; j++)
+ Status = LsapAddPrivilegeToTokenPrivileges(&TokenInfo1->Privileges,
+ &(Privileges->Privilege[j]));
+ if (!NT_SUCCESS(Status))
{
- Status = LsapAddPrivilegeToTokenPrivileges(&TokenInfo1->Privileges,
- &(Privileges->Privilege[j]));
- if (!NT_SUCCESS(Status))
- return Status;
+ /* We failed, clean everything and return */
+ LsaIFree_LSAPR_PRIVILEGE_SET(Privileges);
+ LsarClose(&AccountHandle);
+ LsarClose(&PolicyHandle);
+
+ return Status;
}
-
- LsaIFree_LSAPR_PRIVILEGE_SET(Privileges);
- Privileges = NULL;
}
+
+ LsaIFree_LSAPR_PRIVILEGE_SET(Privileges);
+ Privileges = NULL;
}
LsarClose(&AccountHandle);