Added two missing dereferencing calls in ObReferenceObjectByHandle.  
Checked also for NtCurrentThread in NtDuplicateObject.  
Used the return value from InterlockedIncrement to check for a correct handle count.
Modified: trunk/reactos/ntoskrnl/ob/handle.c

Modified: trunk/reactos/ntoskrnl/ob/handle.c
--- trunk/reactos/ntoskrnl/ob/handle.c	2005-03-19 09:14:21 UTC (rev 14187)
+++ trunk/reactos/ntoskrnl/ob/handle.c	2005-03-19 09:18:58 UTC (rev 14188)
@@ -166,6 +166,7 @@
   POBJECT_HEADER ObjectHeader;
   LONG ExTargetHandle;
   LONG ExSourceHandle = HANDLE_TO_EX_HANDLE(SourceHandle);
+  ULONG NewHandleCount;
   
   PAGED_CODE();
   
@@ -200,8 +201,8 @@
      1 here, we're in big trouble... it would've been safe to increment and
      check the handle count without using interlocked functions because the
      entry is locked, which means the handle count can't change. */
-  InterlockedIncrement(&ObjectHeader->HandleCount);
-  ASSERT(ObjectHeader->HandleCount >= 2);
+  NewHandleCount = InterlockedIncrement(&ObjectHeader->HandleCount);
+  ASSERT(NewHandleCount >= 2);
   
   ExUnlockHandleTableEntry(SourceProcess->ObjectTable,
                            SourceHandleEntry);
@@ -329,7 +330,8 @@
      }
 
    /* Check for magic handle first */
-   if (SourceHandle == NtCurrentThread())
+   if (SourceHandle == NtCurrentThread() ||
+       SourceHandle == NtCurrentProcess())
      {
        PVOID ObjectBody;
        
@@ -746,6 +748,7 @@
                                  HandleEntry);
 
         KeLeaveCriticalRegion();
+        ObDereferenceObject(ObjectBody);
         
         return(STATUS_OBJECT_TYPE_MISMATCH);
      }
@@ -762,6 +765,7 @@
 	if (!(GrantedAccess & DesiredAccess) &&
 	    !((~GrantedAccess) & DesiredAccess))
 	  {
+             ObDereferenceObject(ObjectBody);
 	     CHECKPOINT;
 	     return(STATUS_ACCESS_DENIED);
 	  }