10 Feb
2022
10 Feb
'22
8:56 a.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=1b06522638431f2df25d6…
commit 1b06522638431f2df25d688596f2f2aa42bc3266
Author: George Bișoc <fraizeraust99(a)gmail.com>
AuthorDate: Thu Feb 10 09:51:58 2022 +0100
Commit: George Bișoc <fraizeraust99(a)gmail.com>
CommitDate: Thu Feb 10 09:51:58 2022 +0100
[NTOS:SE] Assign the captured SID and/or privileges to NULL manually on token
filtering
This reverts 8479509 commit which pretty much does nothing at all (the captured
pointer is NULL within the stack of the function has no effect outside of the function).
My mistake, sorry.
---
ntoskrnl/se/priv.c | 1 -
ntoskrnl/se/sid.c | 1 -
ntoskrnl/se/token.c | 3 +++
3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/ntoskrnl/se/priv.c b/ntoskrnl/se/priv.c
index ffab568d492..a1013b1844b 100644
--- a/ntoskrnl/se/priv.c
+++ b/ntoskrnl/se/priv.c
@@ -562,7 +562,6 @@ SeReleaseLuidAndAttributesArray(
(PreviousMode != KernelMode || CaptureIfKernel))
{
ExFreePoolWithTag(Privilege, TAG_LUID);
- Privilege = NULL;
}
}
diff --git a/ntoskrnl/se/sid.c b/ntoskrnl/se/sid.c
index d6c0f4ad912..509b3777488 100644
--- a/ntoskrnl/se/sid.c
+++ b/ntoskrnl/se/sid.c
@@ -776,7 +776,6 @@ SeReleaseSidAndAttributesArray(
((AccessMode != KernelMode) || CaptureIfKernel))
{
ExFreePoolWithTag(CapturedSidAndAttributes, TAG_SID_AND_ATTRIBUTES);
- CapturedSidAndAttributes = NULL;
}
}
diff --git a/ntoskrnl/se/token.c b/ntoskrnl/se/token.c
index a2a232343a7..c0f3e08585a 100644
--- a/ntoskrnl/se/token.c
+++ b/ntoskrnl/se/token.c
@@ -6819,6 +6819,7 @@ Quit:
SeReleaseSidAndAttributesArray(CapturedSids,
PreviousMode,
TRUE);
+ CapturedSids = NULL;
}
if (CapturedPrivileges != NULL)
@@ -6826,6 +6827,7 @@ Quit:
SeReleaseLuidAndAttributesArray(CapturedPrivileges,
PreviousMode,
TRUE);
+ CapturedPrivileges = NULL;
}
if (CapturedRestrictedSids != NULL)
@@ -6833,6 +6835,7 @@ Quit:
SeReleaseSidAndAttributesArray(CapturedRestrictedSids,
PreviousMode,
TRUE);
+ CapturedRestrictedSids = NULL;
}
return Status;