[ros-diffs] [weiden] 13237: don't copy the entire security descriptor to the stack in SeCaptureSecurityDescriptor() when previous mode is kernel mode and capturing for kernel mode is undesired

24 Jan 2005

don't copy the entire security descriptor to the stack in
SeCaptureSecurityDescriptor() when previous mode is kernel mode and
capturing for kernel mode is undesired
Modified: trunk/reactos/ntoskrnl/se/sd.c
  _____  

Modified: trunk/reactos/ntoskrnl/se/sd.c

--- trunk/reactos/ntoskrnl/se/sd.c	2005-01-23 23:51:40 UTC (rev
13236)
+++ trunk/reactos/ntoskrnl/se/sd.c	2005-01-24 00:09:04 UTC (rev
13237)
@@ -154,18 +154,22 @@

         return Status;
       }
     }
+    else if(!CaptureIfKernel)
+    {
+      if(OriginalSecurityDescriptor->Revision !=
SECURITY_DESCRIPTOR_REVISION1)
+      {
+        return STATUS_UNKNOWN_REVISION;
+      }
+      
+      *CapturedSecurityDescriptor = OriginalSecurityDescriptor;
+      return STATUS_SUCCESS;
+    }
     else
     {
       /* make a copy on the stack */
       DescriptorCopy = *OriginalSecurityDescriptor;
     }
     
-    if(CurrentMode == KernelMode && !CaptureIfKernel)
-    {
-      *CapturedSecurityDescriptor = OriginalSecurityDescriptor;
-      return STATUS_SUCCESS;
-    }
-    
     if(DescriptorCopy.Revision != SECURITY_DESCRIPTOR_REVISION1)
     {
       return STATUS_UNKNOWN_REVISION;



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [weiden] 13237: don't copy the entire security descriptor to the stack in SeCaptureSecurityDescriptor() when previous mode is kernel mode and capturing for kernel mode is undesired