mirror of
https://github.com/reactos/reactos.git
synced 2024-09-28 21:44:31 +00:00
- SeAccessCheck should assume failure if no SD was passed. Also fixes bugcheck on startup since processes don't currently have SDs.
svn path=/trunk/; revision=23235
This commit is contained in:
parent
a818a86bf9
commit
a92eec4397
|
@ -263,6 +263,7 @@ PspSetPrimaryToken(IN PEPROCESS Process,
|
|||
SubjectContext.ClientToken = NULL;
|
||||
|
||||
/* Do the access check */
|
||||
if (!SecurityDescriptor) DPRINT1("FIX PS SDs!!\n");
|
||||
Result = SeAccessCheck(SecurityDescriptor,
|
||||
&SubjectContext,
|
||||
FALSE,
|
||||
|
|
|
@ -871,6 +871,14 @@ SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
|
||||
PAGED_CODE();
|
||||
|
||||
/* Check if we didn't get an SD */
|
||||
if (!SecurityDescriptor)
|
||||
{
|
||||
/* Automatic failure */
|
||||
*AccessStatus = STATUS_ACCESS_DENIED;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
CurrentAccess = PreviouslyGrantedAccess;
|
||||
|
||||
if (SubjectContextLocked == FALSE)
|
||||
|
|
Loading…
Reference in a new issue