https://git.reactos.org/?p=reactos.git;a=commitdiff;h=1b06522638431f2df25d68...
commit 1b06522638431f2df25d688596f2f2aa42bc3266 Author: George Bișoc fraizeraust99@gmail.com AuthorDate: Thu Feb 10 09:51:58 2022 +0100 Commit: George Bișoc fraizeraust99@gmail.com CommitDate: Thu Feb 10 09:51:58 2022 +0100
[NTOS:SE] Assign the captured SID and/or privileges to NULL manually on token filtering
This reverts 8479509 commit which pretty much does nothing at all (the captured pointer is NULL within the stack of the function has no effect outside of the function). My mistake, sorry. --- ntoskrnl/se/priv.c | 1 - ntoskrnl/se/sid.c | 1 - ntoskrnl/se/token.c | 3 +++ 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/ntoskrnl/se/priv.c b/ntoskrnl/se/priv.c index ffab568d492..a1013b1844b 100644 --- a/ntoskrnl/se/priv.c +++ b/ntoskrnl/se/priv.c @@ -562,7 +562,6 @@ SeReleaseLuidAndAttributesArray( (PreviousMode != KernelMode || CaptureIfKernel)) { ExFreePoolWithTag(Privilege, TAG_LUID); - Privilege = NULL; } }
diff --git a/ntoskrnl/se/sid.c b/ntoskrnl/se/sid.c index d6c0f4ad912..509b3777488 100644 --- a/ntoskrnl/se/sid.c +++ b/ntoskrnl/se/sid.c @@ -776,7 +776,6 @@ SeReleaseSidAndAttributesArray( ((AccessMode != KernelMode) || CaptureIfKernel)) { ExFreePoolWithTag(CapturedSidAndAttributes, TAG_SID_AND_ATTRIBUTES); - CapturedSidAndAttributes = NULL; } }
diff --git a/ntoskrnl/se/token.c b/ntoskrnl/se/token.c index a2a232343a7..c0f3e08585a 100644 --- a/ntoskrnl/se/token.c +++ b/ntoskrnl/se/token.c @@ -6819,6 +6819,7 @@ Quit: SeReleaseSidAndAttributesArray(CapturedSids, PreviousMode, TRUE); + CapturedSids = NULL; }
if (CapturedPrivileges != NULL) @@ -6826,6 +6827,7 @@ Quit: SeReleaseLuidAndAttributesArray(CapturedPrivileges, PreviousMode, TRUE); + CapturedPrivileges = NULL; }
if (CapturedRestrictedSids != NULL) @@ -6833,6 +6835,7 @@ Quit: SeReleaseSidAndAttributesArray(CapturedRestrictedSids, PreviousMode, TRUE); + CapturedRestrictedSids = NULL; }
return Status;