[ros-diffs] [tfaber] 72101: [NTOS:SE] - Remove unnecessary null checks & fix up cleanup in SepCreateToken and SepDuplicateToken. Based on a patch by Víctor Martínez Calvo CORE-11768 #resolve

Author: tfaber Date: Wed Aug 3 17:10:59 2016 New Revision: 72101 URL: http://svn.reactos.org/svn/reactos?rev=72101&view=rev Log: [NTOS:SE] - Remove unnecessary null checks & fix up cleanup in SepCreateToken and SepDuplicateToken. Based on a patch by Víctor Martínez Calvo CORE-11768 #resolve Modified: trunk/reactos/ntoskrnl/se/token.c Modified: trunk/reactos/ntoskrnl/se/token.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/token.c?rev=72… ============================================================================== --- trunk/reactos/ntoskrnl/se/token.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/se/token.c [iso-8859-1] Wed Aug 3 17:10:59 2016 @@ -373,7 +373,7 @@ ULONG uLength; ULONG i; PVOID EndMem; - PTOKEN AccessToken = NULL; + PTOKEN AccessToken; NTSTATUS Status; PAGED_CODE(); @@ -400,9 +400,12 @@ AccessToken->TokenLock = &SepTokenLock; + /* Copy and reference the logon session */ + RtlCopyLuid(&AccessToken->AuthenticationId, &Token->AuthenticationId); + SepRmReferenceLogonSession(&AccessToken->AuthenticationId); + AccessToken->TokenType = TokenType; AccessToken->ImpersonationLevel = Level; - RtlCopyLuid(&AccessToken->AuthenticationId, &Token->AuthenticationId); RtlCopyLuid(&AccessToken->ModifiedId, &Token->ModifiedId); AccessToken->TokenSource.SourceIdentifier.LowPart = Token->TokenSource.SourceIdentifier.LowPart; @@ -483,25 +486,11 @@ *NewAccessToken = AccessToken; - /* Reference the logon session */ - SepRmReferenceLogonSession(&AccessToken->AuthenticationId); - done: if (!NT_SUCCESS(Status)) { - if (AccessToken) - { - if (AccessToken->UserAndGroups) - ExFreePoolWithTag(AccessToken->UserAndGroups, TAG_TOKEN_USERS); - - if (AccessToken->Privileges) - ExFreePoolWithTag(AccessToken->Privileges, TAG_TOKEN_PRIVILAGES); - - if (AccessToken->DefaultDacl) - ExFreePoolWithTag(AccessToken->DefaultDacl, TAG_TOKEN_ACL); - - ObDereferenceObject(AccessToken); - } + /* Dereference the token, the delete procedure will clean up */ + ObDereferenceObject(AccessToken); } return Status; @@ -759,8 +748,11 @@ TokenSource->SourceName, sizeof(TokenSource->SourceName)); + /* Copy and reference the logon session */ + RtlCopyLuid(&AccessToken->AuthenticationId, AuthenticationId); + SepRmReferenceLogonSession(&AccessToken->AuthenticationId); + RtlCopyLuid(&AccessToken->TokenId, &TokenId); - RtlCopyLuid(&AccessToken->AuthenticationId, AuthenticationId); AccessToken->ExpirationTime = *ExpirationTime; RtlCopyLuid(&AccessToken->ModifiedId, &ModifiedId); @@ -899,17 +891,11 @@ *TokenHandle = (HANDLE)AccessToken; } - /* Reference the logon session */ - SepRmReferenceLogonSession(AuthenticationId); - done: if (!NT_SUCCESS(Status)) { - if (AccessToken) - { - /* Dereference the token, the delete procedure will clean up */ - ObDereferenceObject(AccessToken); - } + /* Dereference the token, the delete procedure will clean up */ + ObDereferenceObject(AccessToken); } return Status; @@ -1091,7 +1077,7 @@ DPRINT1("SeQueryInformationToken(%d) invalid information class\n", TokenInformationClass); return STATUS_INVALID_INFO_CLASS; } - + switch (TokenInformationClass) { case TokenImpersonationLevel: