diff --git a/dll/ntdll/csr/connect.c b/dll/ntdll/csr/connect.c index 82c91c8c3a1..ffe2a426ca9 100644 --- a/dll/ntdll/csr/connect.c +++ b/dll/ntdll/csr/connect.c @@ -221,7 +221,7 @@ CsrpConnectToServer(IN PWSTR ObjectDirectory) NULL, &CsrSectionViewSize, PAGE_READWRITE, - SEC_COMMIT, + SEC_RESERVE, NULL); if (!NT_SUCCESS(Status)) { @@ -250,16 +250,16 @@ CsrpConnectToServer(IN PWSTR ObjectDirectory) /* Create a SID for us */ Status = RtlAllocateAndInitializeSid(&NtSidAuthority, - 1, - SECURITY_LOCAL_SYSTEM_RID, - 0, - 0, - 0, - 0, - 0, - 0, - 0, - &SystemSid); + 1, + SECURITY_LOCAL_SYSTEM_RID, + 0, + 0, + 0, + 0, + 0, + 0, + 0, + &SystemSid); if (!NT_SUCCESS(Status)) { /* Failure */ @@ -278,6 +278,7 @@ CsrpConnectToServer(IN PWSTR ObjectDirectory) NULL, &ConnectionInfo, &ConnectionInfoLength); + RtlFreeSid(SystemSid); NtClose(CsrSectionHandle); if (!NT_SUCCESS(Status)) { diff --git a/subsystems/win/basesrv/dosdev.c b/subsystems/win/basesrv/dosdev.c index dd4a8019f9c..8766ebf033a 100644 --- a/subsystems/win/basesrv/dosdev.c +++ b/subsystems/win/basesrv/dosdev.c @@ -420,8 +420,8 @@ CSR_API(BaseSrvDefineDosDevice) &AdminSid); SidLength = RtlLengthSid(SystemSid) + - RtlLengthSid(AdminSid) + - RtlLengthSid(WorldSid); + RtlLengthSid(AdminSid) + + RtlLengthSid(WorldSid); Length = sizeof(ACL) + SidLength + 3 * sizeof(ACCESS_ALLOWED_ACE); SecurityDescriptor = RtlAllocateHeap(BaseSrvHeap, diff --git a/subsystems/win/basesrv/init.c b/subsystems/win/basesrv/init.c index 569988db5a2..edda67efdd2 100644 --- a/subsystems/win/basesrv/init.c +++ b/subsystems/win/basesrv/init.c @@ -202,9 +202,9 @@ CreateBaseAcls(OUT PACL* Dacl, /* Allocate one ACL with 3 ACEs each for one SID */ AclLength = sizeof(ACL) + 3 * sizeof(ACCESS_ALLOWED_ACE) + - RtlLengthSid(SystemSid) + - RtlLengthSid(RestrictedSid) + - RtlLengthSid(WorldSid); + RtlLengthSid(SystemSid) + + RtlLengthSid(WorldSid) + + RtlLengthSid(RestrictedSid); *Dacl = RtlAllocateHeap(BaseSrvHeap, 0, AclLength); ASSERT(*Dacl != NULL); @@ -239,9 +239,9 @@ CreateBaseAcls(OUT PACL* Dacl, ASSERT(NT_SUCCESS(Status)); /* The SIDs are captured, can free them now */ - RtlFreeHeap(BaseSrvHeap, 0, SystemSid); - RtlFreeHeap(BaseSrvHeap, 0, WorldSid); - RtlFreeHeap(BaseSrvHeap, 0, RestrictedSid); + RtlFreeSid(RestrictedSid); + RtlFreeSid(WorldSid); + RtlFreeSid(SystemSid); return Status; } diff --git a/subsystems/win32/csrsrv/init.c b/subsystems/win32/csrsrv/init.c index 9fd459055c0..3795185d3ed 100644 --- a/subsystems/win32/csrsrv/init.c +++ b/subsystems/win32/csrsrv/init.c @@ -350,10 +350,10 @@ GetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR DosDevicesSd) /* FIXME: semi-failure cases! Quickie: */ Quickie: /* Free the SIDs */ - RtlFreeSid(SystemSid); - RtlFreeSid(WorldSid); - RtlFreeSid(AdminSid); RtlFreeSid(CreatorSid); + RtlFreeSid(AdminSid); + RtlFreeSid(WorldSid); + RtlFreeSid(SystemSid); /* Return */ return Status; @@ -820,32 +820,24 @@ CsrCreateLocalSystemSD(OUT PSECURITY_DESCRIPTOR *LocalSystemSd) /* Now create the SD itself */ Status = RtlCreateSecurityDescriptor(SystemSd, SECURITY_DESCRIPTOR_REVISION); - if (!NT_SUCCESS(Status)) - { - /* Fail */ - RtlFreeHeap(CsrHeap, 0, SystemSd); - return Status; - } + if (!NT_SUCCESS(Status)) goto Quit; /* Create the DACL for it */ RtlCreateAcl(Dacl, Length, ACL_REVISION2); /* Create the ACE */ Status = RtlAddAccessAllowedAce(Dacl, ACL_REVISION, PORT_ALL_ACCESS, SystemSid); - if (!NT_SUCCESS(Status)) - { - /* Fail */ - RtlFreeHeap(CsrHeap, 0, SystemSd); - return Status; - } + if (!NT_SUCCESS(Status)) goto Quit; /* Clear the DACL in the SD */ Status = RtlSetDaclSecurityDescriptor(SystemSd, TRUE, Dacl, FALSE); + if (!NT_SUCCESS(Status)) goto Quit; + +Quit: if (!NT_SUCCESS(Status)) { - /* Fail */ RtlFreeHeap(CsrHeap, 0, SystemSd); - return Status; + SystemSd = NULL; } /* Free the SID and return*/