don't dereference lpTokenAttributes if the caller passed NULL to DuplicateTokenEx
Modified: trunk/reactos/lib/advapi32/token/token.c

Modified: trunk/reactos/lib/advapi32/token/token.c
--- trunk/reactos/lib/advapi32/token/token.c	2005-05-05 12:03:43 UTC (rev 14994)
+++ trunk/reactos/lib/advapi32/token/token.c	2005-05-05 12:21:43 UTC (rev 14995)
@@ -224,15 +224,13 @@
  * @implemented
  */
 BOOL STDCALL
-SetThreadToken (PHANDLE ThreadHandle,
-                HANDLE TokenHandle)
+SetThreadToken (IN PHANDLE ThreadHandle  OPTIONAL,
+                IN HANDLE TokenHandle)
 {
   NTSTATUS Status;
   HANDLE hThread;
 
-  hThread = NtCurrentThread();
-  if (ThreadHandle != NULL)
-    hThread = ThreadHandle;
+  hThread = ((ThreadHandle != NULL) ? *ThreadHandle : NtCurrentThread());
 
   Status = NtSetInformationThread (hThread,
 				   ThreadImpersonationToken,
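Review bot: The new `hThread = ...` line has no comment stating the NULL contract, and the move from using the pointer value itself as the handle to reading `*ThreadHandle` is not mentioned in the commit message, which only talks about DuplicateTokenEx. A one-line comment above the assignment would record it, e.g. `/* NULL ThreadHandle targets the calling thread; otherwise the handle is read through the pointer */`. Because this value decides which thread receives the impersonation token, the fix also deserves its own line in the commit log. The body of SetThreadToken continues outside this hunk.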
@@ -252,12 +250,12 @@
  * @implemented
  */
 BOOL STDCALL
-DuplicateTokenEx (HANDLE ExistingTokenHandle,
-                  DWORD  dwDesiredAccess,
-                  LPSECURITY_ATTRIBUTES lpTokenAttributes,
-                  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
-                  TOKEN_TYPE TokenType,
-                  PHANDLE DuplicateTokenHandle)
+DuplicateTokenEx (IN HANDLE ExistingTokenHandle,
+                  IN DWORD dwDesiredAccess,
+                  IN LPSECURITY_ATTRIBUTES lpTokenAttributes  OPTIONAL,
+                  IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
+                  IN TOKEN_TYPE TokenType,
+                  OUT PHANDLE DuplicateTokenHandle)
 {
   OBJECT_ATTRIBUTES ObjectAttributes;
   HANDLE NewToken;
@@ -269,20 +267,29 @@
   Sqos.ContextTrackingMode = 0;
   Sqos.EffectiveOnly = FALSE;
 
-  InitializeObjectAttributes(
-      &ObjectAttributes,
-      NULL,
-      lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
-      NULL,
-      lpTokenAttributes->lpSecurityDescriptor
-      );
- 
+  if (lpTokenAttributes != NULL)
+    {
+      InitializeObjectAttributes(&ObjectAttributes,
+                                 NULL,
+                                 lpTokenAttributes->bInheritHandle ? OBJ_INHERIT : 0,
+                                 NULL,
+                                 lpTokenAttributes->lpSecurityDescriptor);
+    }
+  else
+    {
+      InitializeObjectAttributes(&ObjectAttributes,
+                                 NULL,
+                                 0,
+                                 NULL,
+                                 NULL);
+    }
+
   ObjectAttributes.SecurityQualityOfService = &Sqos;
-
+  
   Status = NtDuplicateToken (ExistingTokenHandle,
 			     dwDesiredAccess,
 			     &ObjectAttributes,
-              Sqos.EffectiveOnly, /* why both here _and_ in Sqos? */
+			     FALSE,
 			     TokenType,
 			     &NewToken);
   if (!NT_SUCCESS(Status))
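Review bot: The EffectiveOnly argument to `NtDuplicateToken` is now a literal `FALSE` while `Sqos.EffectiveOnly` is assigned separately a few lines above, so the two can drift apart if either is edited later. The removed comment that questioned the duplication leaves no record of why both exist. Either keep passing `Sqos.EffectiveOnly`, or annotate the literal, e.g. `FALSE, /* EffectiveOnly: keep in sync with Sqos.EffectiveOnly */`. As a style point, the two `InitializeObjectAttributes` branches differ only in the attributes and security-descriptor arguments and could be one call fed from two locals. DuplicateTokenEx starts before and continues after this hunk.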
@@ -299,12 +306,12 @@
  * @implemented
  */
 BOOL STDCALL
-DuplicateToken (HANDLE ExistingTokenHandle,
-                SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
-                PHANDLE DuplicateTokenHandle)
+DuplicateToken (IN HANDLE ExistingTokenHandle,
+                IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
+                OUT PHANDLE DuplicateTokenHandle)
 {
   return DuplicateTokenEx (ExistingTokenHandle,
-                           TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY,
+                           TOKEN_IMPERSONATE | TOKEN_QUERY,
                            NULL,
                            ImpersonationLevel,
                            TokenImpersonation,
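Review bot: Dropping `TOKEN_DUPLICATE` from the access mask passed to `DuplicateTokenEx` narrows the rights on the handle DuplicateToken returns, but neither the commit message nor the code says so. It reads as a deliberate least-privilege choice that matches the documented Win32 behaviour, so a comment on that argument would keep it from being "fixed" back, e.g. `/* returned handle carries only TOKEN_IMPERSONATE | TOKEN_QUERY, as on Windows */`. Any in-tree caller that duplicates the returned handle again would presumably now be denied access, so such callers are worth checking. The call and the function body continue outside this hunk.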