https://git.reactos.org/?p=reactos.git;a=commitdiff;h=813879f02f55bed94a9a4…
commit 813879f02f55bed94a9a4e0fef6c6c2a4f324aa0
Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org>
AuthorDate: Mon Jun 25 15:21:33 2018 +0200
Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org>
CommitDate: Wed Jun 27 23:40:13 2018 +0200
[NTOS:PS] Adjust the PsReferenceEffectiveToken() prototype in the header; add a
comment about the fact that the ImpersonationLevel parameter can be left untouched on
purpose in one special case.
---
ntoskrnl/include/internal/ps.h | 6 +++---
ntoskrnl/ps/security.c | 7 +++++--
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/ntoskrnl/include/internal/ps.h b/ntoskrnl/include/internal/ps.h
index f39239ffd7..b6eb06d250 100644
--- a/ntoskrnl/include/internal/ps.h
+++ b/ntoskrnl/include/internal/ps.h
@@ -170,9 +170,9 @@ PACCESS_TOKEN
NTAPI
PsReferenceEffectiveToken(
IN PETHREAD Thread,
- OUT PTOKEN_TYPE TokenType,
- OUT PUCHAR b,
- OUT PSECURITY_IMPERSONATION_LEVEL Level
+ OUT IN PTOKEN_TYPE TokenType,
+ OUT PBOOLEAN EffectiveOnly,
+ OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
NTSTATUS
diff --git a/ntoskrnl/ps/security.c b/ntoskrnl/ps/security.c
index e49e23be08..f696d0f3e5 100644
--- a/ntoskrnl/ps/security.c
+++ b/ntoskrnl/ps/security.c
@@ -691,11 +691,13 @@ NTAPI
PsReferenceEffectiveToken(IN PETHREAD Thread,
OUT IN PTOKEN_TYPE TokenType,
OUT PBOOLEAN EffectiveOnly,
- OUT PSECURITY_IMPERSONATION_LEVEL Level)
+ OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
{
PEPROCESS Process;
PACCESS_TOKEN Token = NULL;
+
PAGED_CODE();
+
PSTRACE(PS_SECURITY_DEBUG,
"Thread: %p, TokenType: %p\n", Thread, TokenType);
@@ -716,7 +718,7 @@ PsReferenceEffectiveToken(IN PETHREAD Thread,
/* Return data to caller */
*TokenType = TokenImpersonation;
*EffectiveOnly = Thread->ImpersonationInfo->EffectiveOnly;
- *Level = Thread->ImpersonationInfo->ImpersonationLevel;
+ *ImpersonationLevel = Thread->ImpersonationInfo->ImpersonationLevel;
/* Unlock the Process */
PspUnlockProcessSecurityShared(Process);
@@ -746,6 +748,7 @@ PsReferenceEffectiveToken(IN PETHREAD Thread,
/* Return the token */
*TokenType = TokenPrimary;
*EffectiveOnly = FALSE;
+ // NOTE: ImpersonationLevel is left untouched on purpose!
return Token;
}