From c2b2763cba5b905a5398a6845c58aa649809af19 Mon Sep 17 00:00:00 2001
From: Eric Kohl <eric.kohl@reactos.org>
Date: Fri, 24 May 2013 09:07:46 +0000
Subject: [PATCH] [NTOSKRNL] SeValidSecurityDescriptor does not correctly check
 for invalid DACL revision numbers. Patch by Samuel Serapion.

CORE-7209 #resolve #comment Committed in r59075.

svn path=/trunk/; revision=59075
---
 reactos/ntoskrnl/se/sd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/reactos/ntoskrnl/se/sd.c b/reactos/ntoskrnl/se/sd.c
index c5b57773497..6660338c5dd 100644
--- a/reactos/ntoskrnl/se/sd.c
+++ b/reactos/ntoskrnl/se/sd.c
@@ -1088,7 +1088,7 @@ SeValidSecurityDescriptor(IN ULONG Length,
         }
 
         Acl = (PACL)((ULONG_PTR)SecurityDescriptor + SecurityDescriptor->Dacl);
-        if ((Acl->AclRevision < MIN_ACL_REVISION) &&
+        if ((Acl->AclRevision < MIN_ACL_REVISION) ||
             (Acl->AclRevision > MAX_ACL_REVISION))
         {
             DPRINT1("Invalid DACL revision\n");