Added two missing dereferencing calls in ObReferenceObjectByHandle.  
Checked also for NtCurrentThread in NtDuplicateObject.  
Used the return value from InterlockedIncrement to check for a correct handle count.

Modified: trunk/reactos/ntoskrnl/ob/handle.c

--- trunk/reactos/ntoskrnl/ob/handle.c	2005-03-19 09:14:21 UTC (rev 14187)
+++ trunk/reactos/ntoskrnl/ob/handle.c	2005-03-19 09:18:58 UTC (rev 14188)
@@ -166,6 +166,7 @@

   POBJECT_HEADER ObjectHeader;
   LONG ExTargetHandle;
   LONG ExSourceHandle = HANDLE_TO_EX_HANDLE(SourceHandle);

+  ULONG NewHandleCount;

   
   PAGED_CODE();
   
@@ -200,8 +201,8 @@

      1 here, we're in big trouble... it would've been safe to increment and
      check the handle count without using interlocked functions because the
      entry is locked, which means the handle count can't change. */

-  InterlockedIncrement(&ObjectHeader->HandleCount);
-  ASSERT(ObjectHeader->HandleCount >= 2);

+  NewHandleCount = InterlockedIncrement(&ObjectHeader->HandleCount);
+  ASSERT(NewHandleCount >= 2);

   
   ExUnlockHandleTableEntry(SourceProcess->ObjectTable,
                            SourceHandleEntry);
@@ -329,7 +330,8 @@

      }
 
    /* Check for magic handle first */

-   if (SourceHandle == NtCurrentThread())

+   if (SourceHandle == NtCurrentThread() ||
+       SourceHandle == NtCurrentProcess())

      {
        PVOID ObjectBody;
        
@@ -746,6 +748,7 @@

                                  HandleEntry);
 
         KeLeaveCriticalRegion();

+        ObDereferenceObject(ObjectBody);

         
         return(STATUS_OBJECT_TYPE_MISMATCH);
      }
@@ -762,6 +765,7 @@

 	if (!(GrantedAccess & DesiredAccess) &&
 	    !((~GrantedAccess) & DesiredAccess))
 	  {

+             ObDereferenceObject(ObjectBody);

 	     CHECKPOINT;
 	     return(STATUS_ACCESS_DENIED);
 	  }