From 813879f02f55bed94a9a4e0fef6c6c2a4f324aa0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?=
Date: Mon, 25 Jun 2018 15:21:33 +0200
Subject: [PATCH] [NTOS:PS] Adjust the PsReferenceEffectiveToken() prototype in the header; add a comment about the fact that the ImpersonationLevel parameter can be left untouched on purpose in one special case.
---
 ntoskrnl/include/internal/ps.h | 6 +++---
 ntoskrnl/ps/security.c | 7 +++++--
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/ntoskrnl/include/internal/ps.h b/ntoskrnl/include/internal/ps.h
index f39239ffd73..b6eb06d2504 100644
--- a/ntoskrnl/include/internal/ps.h
+++ b/ntoskrnl/include/internal/ps.h
@@ -170,9 +170,9 @@ PACCESS_TOKEN
 NTAPI
 PsReferenceEffectiveToken(
 IN PETHREAD Thread,
- OUT PTOKEN_TYPE TokenType,
- OUT PUCHAR b,
- OUT PSECURITY_IMPERSONATION_LEVEL Level
+ OUT IN PTOKEN_TYPE TokenType,
+ OUT PBOOLEAN EffectiveOnly,
+ OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
 );
 NTSTATUS
diff --git a/ntoskrnl/ps/security.c b/ntoskrnl/ps/security.c
index e49e23be08e..f696d0f3e51 100644
--- a/ntoskrnl/ps/security.c
+++ b/ntoskrnl/ps/security.c
@@ -691,11 +691,13 @@ NTAPI
 PsReferenceEffectiveToken(IN PETHREAD Thread,
 OUT IN PTOKEN_TYPE TokenType,
 OUT PBOOLEAN EffectiveOnly,
- OUT PSECURITY_IMPERSONATION_LEVEL Level)
+ OUT PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
 {
 PEPROCESS Process;
 PACCESS_TOKEN Token = NULL;
+ PAGED_CODE();
+
 PSTRACE(PS_SECURITY_DEBUG, "Thread: %p, TokenType: %p\n", Thread, TokenType);
@@ -716,7 +718,7 @@ PsReferenceEffectiveToken(IN PETHREAD Thread,
 /* Return data to caller */
 *TokenType = TokenImpersonation;
 *EffectiveOnly = Thread->ImpersonationInfo->EffectiveOnly;
- *Level = Thread->ImpersonationInfo->ImpersonationLevel;
+ *ImpersonationLevel = Thread->ImpersonationInfo->ImpersonationLevel;
 /* Unlock the Process */
 PspUnlockProcessSecurityShared(Process);
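Review bot: In the ps.h prototype, `OUT IN PTOKEN_TYPE TokenType` puts the bidirectional annotation on a parameter that the visible code only writes (`*TokenType = TokenImpersonation;` and `*TokenType = TokenPrimary;`). Unless code outside these hunks reads `*TokenType`, `OUT PTOKEN_TYPE TokenType,` describes it correctly. The parameter that can come back unwritten is `ImpersonationLevel`, and the header still declares it plain `OUT`. The same `OUT IN` spelling is carried by the definition in security.c, so both places would need the change to stay in agreement.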
@@ -746,6 +748,7 @@ PsReferenceEffectiveToken(IN PETHREAD Thread,
 /* Return the token */
 *TokenType = TokenPrimary;
 *EffectiveOnly = FALSE;
+ // NOTE: ImpersonationLevel is left untouched on purpose!
 return Token;
 }
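Review bot: The added comment says the omission is deliberate but not why, nor what a caller has to do about it, while `ImpersonationLevel` stays annotated `OUT`. On this primary-token path the caller's variable keeps whatever it held before the call, so a caller that reads it without first testing `*TokenType` would treat stale or uninitialised data as an impersonation level. I would state the contract in the `/* */` style the surrounding lines use, e.g. `/* ImpersonationLevel is not written for a primary token; callers must check *TokenType before reading it */`, and repeat it beside the prototype in ps.h, where callers will look. The function body starts outside this hunk.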