mirror of
https://github.com/reactos/reactos.git
synced 2024-07-02 18:54:25 +00:00
Improvements to NtAdjustPrivilegesToken part 3:
- Simplify the privilege modification code. svn path=/trunk/; revision=48717
This commit is contained in:
Eric Kohl
parent
b96cb710f4
commit
6153f47739
|
|
@ -1962,8 +1962,6 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
|
||||||
PTOKEN Token;
|
PTOKEN Token;
|
||||||
ULONG i;
|
ULONG i;
|
||||||
ULONG j;
|
ULONG j;
|
||||||
ULONG k;
|
|
||||||
ULONG Count;
|
|
||||||
NTSTATUS Status;
|
NTSTATUS Status;
|
||||||
|
|
||||||
PAGED_CODE();
|
PAGED_CODE();
|
||||||
|
|
@ -2074,7 +2072,7 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
|
||||||
{
|
{
|
||||||
if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
|
if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
|
||||||
{
|
{
|
||||||
DPRINT("Attribute enabled\n");
|
DPRINT("Privilege enabled\n");
|
||||||
|
|
||||||
ChangeCount++;
|
ChangeCount++;
|
||||||
}
|
}
|
||||||
|
|
@ -2137,40 +2135,30 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Change the privilege attributes */
|
||||||
if (PreviousState != NULL)
|
ChangeCount = 0;
|
||||||
PreviousState->PrivilegeCount = 0;
|
for (i = 0; i < Token->PrivilegeCount; i++)
|
||||||
|
|
||||||
k = 0;
|
|
||||||
if (DisableAllPrivileges == TRUE)
|
|
||||||
{
|
{
|
||||||
for (i = 0; i < Token->PrivilegeCount; i++)
|
if (DisableAllPrivileges == TRUE)
|
||||||
{
|
{
|
||||||
if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
|
if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
|
||||||
{
|
{
|
||||||
DPRINT ("Attributes enabled\n");
|
DPRINT ("Privilege enabled\n");
|
||||||
|
|
||||||
/* Save current privilege */
|
/* Save the current privilege */
|
||||||
if (PreviousState != NULL)
|
if (PreviousState != NULL)
|
||||||
{
|
{
|
||||||
PreviousState->PrivilegeCount++;
|
PreviousState->Privileges[ChangeCount].Luid = Token->Privileges[i].Luid;
|
||||||
PreviousState->Privileges[k].Luid = Token->Privileges[i].Luid;
|
PreviousState->Privileges[ChangeCount].Attributes = Token->Privileges[i].Attributes;
|
||||||
PreviousState->Privileges[k].Attributes = Token->Privileges[i].Attributes;
|
|
||||||
|
|
||||||
k++;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Update current privlege */
|
/* Disable the current privlege */
|
||||||
Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
|
Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
|
||||||
|
|
||||||
|
ChangeCount++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
Status = STATUS_SUCCESS;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
Count = 0;
|
|
||||||
for (i = 0; i < Token->PrivilegeCount; i++)
|
|
||||||
{
|
{
|
||||||
for (j = 0; j < CapturedCount; j++)
|
for (j = 0; j < CapturedCount; j++)
|
||||||
{
|
{
|
||||||
|
|
@ -2179,6 +2167,7 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
|
||||||
{
|
{
|
||||||
DPRINT ("Found privilege\n");
|
DPRINT ("Found privilege\n");
|
||||||
|
|
||||||
|
/* Check whether the attributes differ */
|
||||||
if ((Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED) !=
|
if ((Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED) !=
|
||||||
(CapturedPrivileges[j].Attributes & SE_PRIVILEGE_ENABLED))
|
(CapturedPrivileges[j].Attributes & SE_PRIVILEGE_ENABLED))
|
||||||
{
|
{
|
||||||
|
|
@ -2187,32 +2176,33 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
|
||||||
Token->Privileges[i].Attributes,
|
Token->Privileges[i].Attributes,
|
||||||
CapturedPrivileges[j].Attributes);
|
CapturedPrivileges[j].Attributes);
|
||||||
|
|
||||||
/* Save current privilege */
|
/* Save the current privilege */
|
||||||
if (PreviousState != NULL)
|
if (PreviousState != NULL)
|
||||||
{
|
{
|
||||||
PreviousState->PrivilegeCount++;
|
PreviousState->Privileges[ChangeCount].Luid = Token->Privileges[i].Luid;
|
||||||
PreviousState->Privileges[k].Luid = Token->Privileges[i].Luid;
|
PreviousState->Privileges[ChangeCount].Attributes = Token->Privileges[i].Attributes;
|
||||||
PreviousState->Privileges[k].Attributes = Token->Privileges[i].Attributes;
|
|
||||||
|
|
||||||
k++;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Update current privlege */
|
/* Update the current privlege */
|
||||||
Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
|
Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
|
||||||
Token->Privileges[i].Attributes |=
|
Token->Privileges[i].Attributes |=
|
||||||
(CapturedPrivileges[j].Attributes & SE_PRIVILEGE_ENABLED);
|
(CapturedPrivileges[j].Attributes & SE_PRIVILEGE_ENABLED);
|
||||||
DPRINT ("New attributes %lx\n",
|
DPRINT ("New attributes %lx\n",
|
||||||
Token->Privileges[i].Attributes);
|
Token->Privileges[i].Attributes);
|
||||||
}
|
|
||||||
|
|
||||||
Count++;
|
ChangeCount++;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Status = (Count < CapturedCount) ? STATUS_NOT_ALL_ASSIGNED : STATUS_SUCCESS;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Set the number of saved privileges */
|
||||||
|
if (PreviousState != NULL)
|
||||||
|
PreviousState->PrivilegeCount = ChangeCount;
|
||||||
|
|
||||||
|
/* Set the status */
|
||||||
|
Status = (ChangeCount < CapturedCount) ? STATUS_NOT_ALL_ASSIGNED : STATUS_SUCCESS;
|
||||||
|
|
||||||
/* Dereference the token */
|
/* Dereference the token */
|
||||||
ObDereferenceObject (Token);
|
ObDereferenceObject (Token);
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue