Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 20:25:39 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTOS:SE] Don't assert on levels that don't allow impersonation.

Browse source
This commit is contained in:
Thomas Faber 2021-11-21 17:18:25 -05:00
parent 3e5dcf7937
commit 88e3ef5fa0
No known key found for this signature in database
GPG key ID: 076E7C3D44720826
1 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ntoskrnl/se/token.c
View file

@ -3582,11 +3582,13 @@ SeTokenCanImpersonate(
/* /*
* SecurityAnonymous and SecurityIdentification levels do not * SecurityAnonymous and SecurityIdentification levels do not
* allow impersonation. If we get such levels from the call * allow impersonation.
* then something's seriously wrong.
*/ */
ASSERT(ImpersonationLevel != SecurityAnonymous && if (ImpersonationLevel == SecurityAnonymous ||
ImpersonationLevel != SecurityIdentification); ImpersonationLevel == SecurityIdentification)
{
return FALSE;
}
/* Time to lock our tokens */ /* Time to lock our tokens */
SepAcquireTokenLockShared(ProcessToken); SepAcquireTokenLockShared(ProcessToken);