From 9fa31e0f9b137df0d13777ba153e5e9ff8dd4ab4 Mon Sep 17 00:00:00 2001
From: Eric Kohl <eric.kohl@reactos.org>
Date: Sun, 2 May 2021 15:28:26 +0200
Subject: [PATCH] [NTOS:PS] Add the missing privilege check to
 NtSetInformationThread:ThreadPriority

This fixes the remaining failure in the NtSetInformationThread test.
---
 ntoskrnl/ps/query.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/ntoskrnl/ps/query.c b/ntoskrnl/ps/query.c
index ea343c51eab..0d2d1cd6e41 100644
--- a/ntoskrnl/ps/query.c
+++ b/ntoskrnl/ps/query.c
@@ -2033,6 +2033,7 @@ NtSetInformationThread(IN HANDLE ThreadHandle,
     PVOID *ExpansionSlots;
     PETHREAD ProcThread;
     ULONG Alignment;
+    BOOLEAN HasPrivilege;
     PAGED_CODE();
 
     /* Check if we were called from user mode */
@@ -2110,6 +2111,20 @@ NtSetInformationThread(IN HANDLE ThreadHandle,
                 break;
             }
 
+            /* Check for the required privilege */
+            if (Priority >= LOW_REALTIME_PRIORITY)
+            {
+                HasPrivilege = SeCheckPrivilegedObject(SeIncreaseBasePriorityPrivilege,
+                                                       ThreadHandle,
+                                                       THREAD_SET_INFORMATION,
+                                                       PreviousMode);
+                if (!HasPrivilege)
+                {
+                    DPRINT1("Privilege to change priority to %lx lacking\n", Priority);
+                    return STATUS_PRIVILEGE_NOT_HELD;
+                }
+            }
+
             /* Reference the thread */
             Status = ObReferenceObjectByHandle(ThreadHandle,
                                                THREAD_SET_INFORMATION,