01/01: [ADVAPI32] Add parameter checks to LogonUserExW and initialize the token handle. - Ros-diffs

5 Aug 2018

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=5ebcc6cdc1dff92055398b...
commit 5ebcc6cdc1dff92055398b10af7ab74e8ae4eb31
Author:     Eric Kohl eric.kohl@reactos.org
AuthorDate: Sun Aug 5 16:16:53 2018 +0200
Commit:     Eric Kohl eric.kohl@reactos.org
CommitDate: Sun Aug 5 16:16:53 2018 +0200
[ADVAPI32] Add parameter checks to LogonUserExW and initialize the token handle.
---
 dll/win32/advapi32/misc/logon.c | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/dll/win32/advapi32/misc/logon.c b/dll/win32/advapi32/misc/logon.c
index 88be6e5f39..f4e3f851df 100644
--- a/dll/win32/advapi32/misc/logon.c
+++ b/dll/win32/advapi32/misc/logon.c
@@ -469,7 +469,21 @@ LogonUserExW(
     NTSTATUS SubStatus = STATUS_SUCCESS;
     NTSTATUS Status;
-    *phToken = NULL;
+    if ((ppProfileBuffer != NULL && pdwProfileLength == NULL) ||
+        (ppProfileBuffer == NULL && pdwProfileLength != NULL))
+    {
+        SetLastError(ERROR_INVALID_PARAMETER);
+        return FALSE;
+    }
+
+    if (ppProfileBuffer != NULL && pdwProfileLength != NULL)
+    {
+        *ppProfileBuffer = NULL;
+        *pdwProfileLength = 0;
+    }
+
+    if (phToken != NULL)
+        *phToken = NULL;
switch (dwLogonType)
     {
@@ -654,9 +668,10 @@ LogonUserExW(
         TRACE("TokenHandle: %p\n", TokenHandle);
     }
-    *phToken = TokenHandle;
+    if (phToken != NULL)
+        *phToken = TokenHandle;
-    /* FIXME: return ppLogonSid, ppProfileBuffer, pdwProfileLength and pQuotaLimits */
+    /* FIXME: return ppLogonSid and pQuotaLimits */
done:
     if (ProfileBuffer != NULL)

    