https://git.reactos.org/?p=reactos.git;a=commitdiff;h=62384951c8367e2511d94… commit 62384951c8367e2511d94e16571d7999f225cb40 Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> AuthorDate: Sun Jun 24 03:25:21 2018 +0200 Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> CommitDate: Wed Jun 27 23:40:12 2018 +0200 [LSASRV] If TokenInfo1->Privileges is NULL, which can be expected, pass a valid pointer to a valid but empty privilege structure to NtCreateToken(), as it always want a non-NULL pointer. --- dll/win32/lsasrv/authpackage.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/dll/win32/lsasrv/authpackage.c b/dll/win32/lsasrv/authpackage.c index 3cc43f7487..0e9ab0b701 100644 --- a/dll/win32/lsasrv/authpackage.c +++ b/dll/win32/lsasrv/authpackage.c @@ -1550,6 +1550,7 @@ LsapLogonUser(PLSA_API_MSG RequestMsg, if (TokenInformationType == LsaTokenInformationV1) { + TOKEN_PRIVILEGES NoPrivilege = {0}; TokenInfo1 = (PLSA_TOKEN_INFORMATION_V1)TokenInformation; Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE); @@ -1573,7 +1574,8 @@ LsapLogonUser(PLSA_API_MSG RequestMsg, &TokenInfo1->ExpirationTime, &TokenInfo1->User, TokenInfo1->Groups, - TokenInfo1->Privileges, + TokenInfo1->Privileges ? TokenInfo1->Privileges + : &NoPrivilege, &TokenInfo1->Owner, &TokenInfo1->PrimaryGroup, &TokenInfo1->DefaultDacl,