[reactos] 01/01: [WIN32K:NTUSER] Fix an unintialized user's token variable case - Ros-diffs

11 Jun 2023

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=0f9be539856b392b99dae3...
commit 0f9be539856b392b99dae3d8bdecedb0b9de44fd
Author:     George Bișoc george.bisoc@reactos.org
AuthorDate: Sun Jun 11 00:00:03 2023 +0200
Commit:     George Bișoc george.bisoc@reactos.org
CommitDate: Sun Jun 11 18:14:02 2023 +0200
[WIN32K:NTUSER] Fix an unintialized user's token variable case
And remove the "!NT_SUCCESS(Status)" check which is excessive, the expected
    status will always be STATUS_BUFFER_TOO_SMALL anyway. This should fix
    some compilation warnings spotted by GCC. Courtesy goes to Hermes for letting
    me know of these warnings.
---
 win32ss/user/ntuser/security.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/win32ss/user/ntuser/security.c b/win32ss/user/ntuser/security.c
index 276d01bfe16..2ed4e1b66a0 100644
--- a/win32ss/user/ntuser/security.c
+++ b/win32ss/user/ntuser/security.c
@@ -2,7 +2,7 @@
  * PROJECT:         ReactOS Win32k subsystem
  * LICENSE:         GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
  * PURPOSE:         Security infrastructure of NTUSER component of Win32k
- * COPYRIGHT:       Copyright 2022 George Bișoc george.bisoc@reactos.org
+ * COPYRIGHT:       Copyright 2022-2023 George Bișoc george.bisoc@reactos.org
  */
/* INCLUDES ******************************************************************/
@@ -170,7 +170,7 @@ IntQueryUserSecurityIdentification(
     _Out_ PTOKEN_USER *User)
 {
     NTSTATUS Status;
-    PTOKEN_USER UserToken;
+    PTOKEN_USER UserToken = NULL;
     HANDLE Token;
     ULONG BufferLength;
@@ -196,7 +196,7 @@ IntQueryUserSecurityIdentification(
                                      NULL,
                                      0,
                                      &BufferLength);
-    if (!NT_SUCCESS(Status) && Status == STATUS_BUFFER_TOO_SMALL)
+    if (Status == STATUS_BUFFER_TOO_SMALL)
     {
         /*
          * Allocate some memory for the buffer
@@ -212,6 +212,12 @@ IntQueryUserSecurityIdentification(
             return STATUS_NO_MEMORY;
         }
     }
+    else if (!NT_SUCCESS(Status))
+    {
+        ERR("IntQueryUserSecurityIdentification(): Failed to query the necessary length for the buffer (Status 0x%08lx)!\n", Status);
+        ZwClose(Token);
+        return Status;
+    }
/* Query the user now as we have plenty of space to hold it */
     Status = ZwQueryInformationToken(Token,

    