[FORMATTING]

No code changes. svn path=/trunk/; revision=47383
2024-06-29 01:12:06 +00:00 · 2010-05-28 16:28:27 +00:00 · 2010-05-28 16:28:27 +00:00 · f0910f33d3
parent 4e25539b71
commit f0910f33d3
9 changed files with 856 additions and 827 deletions
--- a/reactos/ntoskrnl/se/access.c
+++ b/reactos/ntoskrnl/se/access.c
@ -30,6 +30,7 @@ SeCaptureSubjectContextEx(IN PETHREAD Thread,
                          OUT PSECURITY_SUBJECT_CONTEXT SubjectContext)
 {
    BOOLEAN CopyOnOpen, EffectiveOnly;
+
    PAGED_CODE();

    /* Save the unique ID */
@ -127,6 +128,7 @@ SeCreateAccessStateEx(IN PETHREAD Thread,
 {
    ACCESS_MASK AccessMask = Access;
    PTOKEN Token;
+
    PAGED_CODE();

    /* Map the Generic Acess to Specific Access if we have a Mapping */
@ -200,6 +202,7 @@ NTAPI
 SeDeleteAccessState(IN PACCESS_STATE AccessState)
 {
    PAUX_ACCESS_DATA AuxData;
+
    PAGED_CODE();

    /* Get the Auxiliary Data */
@ -213,6 +216,7 @@ SeDeleteAccessState(IN PACCESS_STATE AccessState)
    {
        ExFreePool(AccessState->ObjectName.Buffer);
    }
+
    if (AccessState->ObjectTypeName.Buffer)
    {
        ExFreePool(AccessState->ObjectTypeName.Buffer);
@ -252,6 +256,7 @@ SeCreateClientSecurity(IN PETHREAD Thread,
    PACCESS_TOKEN Token;
    NTSTATUS Status;
    PACCESS_TOKEN NewToken;
+
    PAGED_CODE();

    Token = PsReferenceEffectiveToken(Thread,
@ -279,8 +284,7 @@ SeCreateClientSecurity(IN PETHREAD Thread,
        }

        ClientContext->DirectAccessEffectiveOnly = ((ThreadEffectiveOnly) ||
-                                                    (Qos->EffectiveOnly)) ?
-        TRUE : FALSE;
+                                                    (Qos->EffectiveOnly)) ? TRUE : FALSE;
    }

    if (Qos->ContextTrackingMode == SECURITY_STATIC_TRACKING)
@ -358,10 +362,12 @@ SeImpersonateClient(IN PSECURITY_CLIENT_CONTEXT ClientContext,
    {
        b = ClientContext->DirectAccessEffectiveOnly;
    }
+
    if (ServerThread == NULL)
    {
        ServerThread = PsGetCurrentThread();
    }
+
    PsImpersonateClient(ServerThread,
                        ClientContext->ClientToken,
                        1,
--- a/reactos/ntoskrnl/se/acl.c
+++ b/reactos/ntoskrnl/se/acl.c
@ -60,7 +60,6 @@ SepInitDACLs(VOID)
                           GENERIC_ALL,
                           SeLocalSystemSid);

-    
    /* create PublicDefaultUnrestrictedDacl */
    AclLength = sizeof(ACL) +
                (sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
@ -216,7 +215,7 @@ SepInitDACLs(VOID)
                           GENERIC_READ | GENERIC_EXECUTE,
                           SeRestrictedCodeSid);

-    return(TRUE);
+    return TRUE;
 }

 NTSTATUS NTAPI
@ -299,7 +298,7 @@ SepCaptureAcl(IN PACL InputAcl,

        NewAcl = ExAllocatePool(PoolType,
                                AclSize);
-        if(NewAcl != NULL)
+        if (NewAcl != NULL)
        {
            _SEH2_TRY
            {
@ -322,7 +321,7 @@ SepCaptureAcl(IN PACL InputAcl,
            Status = STATUS_INSUFFICIENT_RESOURCES;
        }
    }
-    else if(!CaptureIfKernel)
+    else if (!CaptureIfKernel)
    {
        *CapturedAcl = InputAcl;
    }
@ -333,7 +332,7 @@ SepCaptureAcl(IN PACL InputAcl,
        NewAcl = ExAllocatePool(PoolType,
                                AclSize);

-        if(NewAcl != NULL)
+        if (NewAcl != NULL)
        {
            RtlCopyMemory(NewAcl,
                          InputAcl,
@ -358,7 +357,7 @@ SepReleaseAcl(IN PACL CapturedAcl,
 {
    PAGED_CODE();

-    if(CapturedAcl != NULL &&
+    if (CapturedAcl != NULL &&
        (AccessMode != KernelMode ||
         (AccessMode == KernelMode && CaptureIfKernel)))
    {
--- a/reactos/ntoskrnl/se/audit.c
+++ b/reactos/ntoskrnl/se/audit.c
@ -4,7 +4,7 @@
 * FILE:            ntoskrnl/se/audit.c
 * PURPOSE:         Audit functions
 *
- * PROGRAMMERS:     Eric Kohl <eric.kohl@t-online.de>
+ * PROGRAMMERS:     Eric Kohl
 */

 /* INCLUDES *******************************************************************/
@ -47,6 +47,7 @@ SeInitializeProcessAuditName(IN PFILE_OBJECT FileObject,
    POBJECT_NAME_INFORMATION ObjectNameInfo = NULL;
    ULONG ReturnLength = 8;
    NTSTATUS Status;
+
    PAGED_CODE();
    ASSERT(AuditInfo);

@ -120,6 +121,7 @@ SeLocateProcessImageName(IN PEPROCESS Process,
    PUNICODE_STRING ImageName;
    PFILE_OBJECT FileObject;
    NTSTATUS Status = STATUS_SUCCESS;
+
    PAGED_CODE();

    /* Assume failure */
@ -260,11 +262,9 @@ SeAuditingFileOrGlobalEvents(IN BOOLEAN AccessGranted,
 */
 VOID
 NTAPI
-SeCloseObjectAuditAlarm(
-                        IN PVOID Object,
+SeCloseObjectAuditAlarm(IN PVOID Object,
                        IN HANDLE Handle,
-                        IN BOOLEAN PerformAction
-                        )
+                        IN BOOLEAN PerformAction)
 {
    UNIMPLEMENTED;
 }
@ -363,7 +363,7 @@ NtCloseObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
                        IN BOOLEAN GenerateOnClose)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }


@ -373,7 +373,7 @@ NtDeleteObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
                         IN BOOLEAN GenerateOnClose)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }


@ -392,7 +392,7 @@ NtOpenObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
                       OUT PBOOLEAN GenerateOnClose)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }


@ -404,7 +404,7 @@ NtPrivilegedServiceAuditAlarm(IN PUNICODE_STRING SubsystemName,
                              IN BOOLEAN AccessGranted)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }


@ -417,7 +417,7 @@ NtPrivilegeObjectAuditAlarm(IN PUNICODE_STRING SubsystemName,
                            IN BOOLEAN AccessGranted)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }

 /* EOF */
--- a/reactos/ntoskrnl/se/priv.c
+++ b/reactos/ntoskrnl/se/priv.c
@ -51,7 +51,7 @@ LUID SeEnableDelegationPrivilege;
 VOID
 INIT_FUNCTION
 NTAPI
-SepInitPrivileges (VOID)
+SepInitPrivileges(VOID)
 {
    SeCreateTokenPrivilege.LowPart = SE_CREATE_TOKEN_PRIVILEGE;
    SeCreateTokenPrivilege.HighPart = 0;
@ -110,7 +110,7 @@ SepInitPrivileges (VOID)

 BOOLEAN
 NTAPI
-SepPrivilegeCheck (PTOKEN Token,
+SepPrivilegeCheck(PTOKEN Token,
                  PLUID_AND_ATTRIBUTES Privileges,
                  ULONG PrivilegeCount,
                  ULONG PrivilegeControl,
@ -120,7 +120,7 @@ SepPrivilegeCheck (PTOKEN Token,
    ULONG j;
    ULONG k;

-    DPRINT ("SepPrivilegeCheck() called\n");
+    DPRINT("SepPrivilegeCheck() called\n");

    PAGED_CODE();

@ -139,8 +139,8 @@ SepPrivilegeCheck (PTOKEN Token,
                if (Token->Privileges[i].Luid.LowPart == Privileges[j].Luid.LowPart &&
                    Token->Privileges[i].Luid.HighPart == Privileges[j].Luid.HighPart)
                {
-                    DPRINT ("Found privilege\n");
-                    DPRINT ("Privilege attributes %lx\n",
+                    DPRINT("Found privilege\n");
+                    DPRINT("Privilege attributes %lx\n",
                           Token->Privileges[i].Attributes);

                    if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
@ -170,14 +170,14 @@ SepPrivilegeCheck (PTOKEN Token,

 NTSTATUS
 NTAPI
-SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src,
+SeCaptureLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Src,
                                ULONG PrivilegeCount,
                                KPROCESSOR_MODE PreviousMode,
                                PLUID_AND_ATTRIBUTES AllocatedMem,
                                ULONG AllocatedLength,
                                POOL_TYPE PoolType,
                                BOOLEAN CaptureIfKernel,
-                                 PLUID_AND_ATTRIBUTES* Dest,
+                                PLUID_AND_ATTRIBUTES *Dest,
                                PULONG Length)
 {
    ULONG BufferSize;
@ -236,7 +236,6 @@ SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src,
    {
        *Dest = ExAllocatePool(PoolType,
                               BufferSize);
-        
        if (*Dest == NULL)
        {
            return STATUS_INSUFFICIENT_RESOURCES;
@ -266,7 +265,7 @@ SeCaptureLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Src,

 VOID
 NTAPI
-SeReleaseLuidAndAttributesArray (PLUID_AND_ATTRIBUTES Privilege,
+SeReleaseLuidAndAttributesArray(PLUID_AND_ATTRIBUTES Privilege,
                                KPROCESSOR_MODE PreviousMode,
                                BOOLEAN CaptureIfKernel)
 {
@ -307,8 +306,9 @@ SeFreePrivileges(IN PPRIVILEGE_SET Privileges)
 /*
 * @implemented
 */
-BOOLEAN NTAPI
-SePrivilegeCheck (PPRIVILEGE_SET Privileges,
+BOOLEAN
+NTAPI
+SePrivilegeCheck(PPRIVILEGE_SET Privileges,
                 PSECURITY_SUBJECT_CONTEXT SubjectContext,
                 KPROCESSOR_MODE PreviousMode)
 {
@ -329,7 +329,7 @@ SePrivilegeCheck (PPRIVILEGE_SET Privileges,
        }
    }

-    return SepPrivilegeCheck (Token,
+    return SepPrivilegeCheck(Token,
                             Privileges->Privilege,
                             Privileges->PrivilegeCount,
                             Privileges->Control,
@ -339,8 +339,9 @@ SePrivilegeCheck (PPRIVILEGE_SET Privileges,
 /*
 * @implemented
 */
-BOOLEAN NTAPI
-SeSinglePrivilegeCheck (IN LUID PrivilegeValue,
+BOOLEAN
+NTAPI
+SeSinglePrivilegeCheck(IN LUID PrivilegeValue,
                       IN KPROCESSOR_MODE PreviousMode)
 {
    SECURITY_SUBJECT_CONTEXT SubjectContext;
@ -349,35 +350,36 @@ SeSinglePrivilegeCheck (IN LUID PrivilegeValue,

    PAGED_CODE();

-    SeCaptureSubjectContext (&SubjectContext);
+    SeCaptureSubjectContext(&SubjectContext);

    Priv.PrivilegeCount = 1;
    Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
    Priv.Privilege[0].Luid = PrivilegeValue;
    Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;

-    Result = SePrivilegeCheck (&Priv,
+    Result = SePrivilegeCheck(&Priv,
                              &SubjectContext,
                              PreviousMode);

    if (PreviousMode != KernelMode)
    {
 #if 0
-        SePrivilegedServiceAuditAlarm (0,
+        SePrivilegedServiceAuditAlarm(0,
                                      &SubjectContext,
                                      &PrivilegeValue);
 #endif
    }

-    SeReleaseSubjectContext (&SubjectContext);
+    SeReleaseSubjectContext(&SubjectContext);

    return Result;
 }

 /* SYSTEM CALLS ***************************************************************/

-NTSTATUS NTAPI
-NtPrivilegeCheck (IN HANDLE ClientToken,
+NTSTATUS
+NTAPI
+NtPrivilegeCheck(IN HANDLE ClientToken,
                 IN PPRIVILEGE_SET RequiredPrivileges,
                 OUT PBOOLEAN Result)
 {
@ -438,7 +440,7 @@ NtPrivilegeCheck (IN HANDLE ClientToken,

    /* reference the token and make sure we're
     not doing an anonymous impersonation */
-    Status = ObReferenceObjectByHandle (ClientToken,
+    Status = ObReferenceObjectByHandle(ClientToken,
                                       TOKEN_QUERY,
                                       SepTokenObjectType,
                                       PreviousMode,
@ -452,12 +454,12 @@ NtPrivilegeCheck (IN HANDLE ClientToken,
    if (Token->TokenType == TokenImpersonation &&
        Token->ImpersonationLevel < SecurityIdentification)
    {
-        ObDereferenceObject (Token);
+        ObDereferenceObject(Token);
        return STATUS_BAD_IMPERSONATION_LEVEL;
    }

    /* capture the privileges */
-    Status = SeCaptureLuidAndAttributesArray (RequiredPrivileges->Privilege,
+    Status = SeCaptureLuidAndAttributesArray(RequiredPrivileges->Privilege,
                                             PrivilegeCount,
                                             PreviousMode,
                                             NULL,
@ -472,13 +474,13 @@ NtPrivilegeCheck (IN HANDLE ClientToken,
        return Status;
    }

-    CheckResult = SepPrivilegeCheck (Token,
+    CheckResult = SepPrivilegeCheck(Token,
                                    Privileges,
                                    PrivilegeCount,
                                    PrivilegeControl,
                                    PreviousMode);

-    ObDereferenceObject (Token);
+    ObDereferenceObject(Token);

    /* return the array */
    _SEH2_TRY
@ -495,12 +497,11 @@ NtPrivilegeCheck (IN HANDLE ClientToken,
    }
    _SEH2_END;

-    SeReleaseLuidAndAttributesArray (Privileges,
+    SeReleaseLuidAndAttributesArray(Privileges,
                                    PreviousMode,
                                    TRUE);

    return Status;
 }

-
 /* EOF */
--- a/reactos/ntoskrnl/se/sd.c
+++ b/reactos/ntoskrnl/se/sd.c
@ -227,9 +227,9 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIO
    ASSERT(CapturedSecurityQualityOfService);
    ASSERT(Present);

-    if(ObjectAttributes != NULL)
+    if (ObjectAttributes != NULL)
    {
-        if(AccessMode != KernelMode)
+        if (AccessMode != KernelMode)
        {
            SECURITY_QUALITY_OF_SERVICE SafeQos;

@ -238,15 +238,15 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIO
                ProbeForRead(ObjectAttributes,
                             sizeof(OBJECT_ATTRIBUTES),
                             sizeof(ULONG));
-                if(ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
+                if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
                {
-                    if(ObjectAttributes->SecurityQualityOfService != NULL)
+                    if (ObjectAttributes->SecurityQualityOfService != NULL)
                    {
                        ProbeForRead(ObjectAttributes->SecurityQualityOfService,
                                     sizeof(SECURITY_QUALITY_OF_SERVICE),
                                     sizeof(ULONG));
                        
-                        if(((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
+                        if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
                            sizeof(SECURITY_QUALITY_OF_SERVICE))
                        {
                            /* don't allocate memory here because ExAllocate should bugcheck
@ -279,13 +279,13 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIO
            }
            _SEH2_END;

-            if(NT_SUCCESS(Status))
+            if (NT_SUCCESS(Status))
            {
-                if(*Present)
+                if (*Present)
                {
                    CapturedQos = ExAllocatePool(PoolType,
                                                 sizeof(SECURITY_QUALITY_OF_SERVICE));
-                    if(CapturedQos != NULL)
+                    if (CapturedQos != NULL)
                    {
                        RtlCopyMemory(CapturedQos,
                                      &SafeQos,
@ -305,18 +305,18 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIO
        }
        else
        {
-            if(ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
+            if (ObjectAttributes->Length == sizeof(OBJECT_ATTRIBUTES))
            {
-                if(CaptureIfKernel)
+                if (CaptureIfKernel)
                {
-                    if(ObjectAttributes->SecurityQualityOfService != NULL)
+                    if (ObjectAttributes->SecurityQualityOfService != NULL)
                    {
-                        if(((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
+                        if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
                            sizeof(SECURITY_QUALITY_OF_SERVICE))
                        {
                            CapturedQos = ExAllocatePool(PoolType,
                                                         sizeof(SECURITY_QUALITY_OF_SERVICE));
-                            if(CapturedQos != NULL)
+                            if (CapturedQos != NULL)
                            {
                                RtlCopyMemory(CapturedQos,
                                              ObjectAttributes->SecurityQualityOfService,
@ -370,7 +370,7 @@ SepReleaseSecurityQualityOfService(IN PSECURITY_QUALITY_OF_SERVICE CapturedSecur
 {
    PAGED_CODE();

-    if(CapturedSecurityQualityOfService != NULL &&
+    if (CapturedSecurityQualityOfService != NULL &&
        (AccessMode != KernelMode || CaptureIfKernel))
    {
        ExFreePool(CapturedSecurityQualityOfService);
@ -399,9 +399,9 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
    ULONG DescriptorSize = 0;
    NTSTATUS Status;

-    if(OriginalSecurityDescriptor != NULL)
+    if (OriginalSecurityDescriptor != NULL)
    {
-        if(CurrentMode != KernelMode)
+        if (CurrentMode != KernelMode)
        {
            RtlZeroMemory(&DescriptorCopy, sizeof(DescriptorCopy));

@ -415,7 +415,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
                             DescriptorSize,
                             sizeof(ULONG));

-                if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
+                if (OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
                {
                    _SEH2_YIELD(return STATUS_UNKNOWN_REVISION);
                }
@ -432,7 +432,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
                ProbeForRead(OriginalSecurityDescriptor,
                             DescriptorSize,
                             sizeof(ULONG));
-                if(DescriptorCopy.Control & SE_SELF_RELATIVE)
+                if (DescriptorCopy.Control & SE_SELF_RELATIVE)
                {
                    PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
                    
@ -456,9 +456,9 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
            }
            _SEH2_END;
        }
-        else if(!CaptureIfKernel)
+        else if (!CaptureIfKernel)
        {
-            if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
+            if (OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
            {
                return STATUS_UNKNOWN_REVISION;
            }
@ -479,7 +479,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
            DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
            DescriptorSize = ((DescriptorCopy.Control & SE_SELF_RELATIVE) ?
                              sizeof(SECURITY_DESCRIPTOR_RELATIVE) : sizeof(SECURITY_DESCRIPTOR));
-            if(DescriptorCopy.Control & SE_SELF_RELATIVE)
+            if (DescriptorCopy.Control & SE_SELF_RELATIVE)
            {
                PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
                
@ -497,25 +497,25 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
            }
        }

-        if(DescriptorCopy.Control & SE_SELF_RELATIVE)
+        if (DescriptorCopy.Control & SE_SELF_RELATIVE)
        {
            /* in case we're dealing with a self-relative descriptor, do a basic convert
             to an absolute descriptor. We do this so we can simply access the data
             using the pointers without calculating them again. */
            DescriptorCopy.Control &= ~SE_SELF_RELATIVE;
-            if(DescriptorCopy.Owner != NULL)
+            if (DescriptorCopy.Owner != NULL)
            {
                DescriptorCopy.Owner = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Owner);
            }
-            if(DescriptorCopy.Group != NULL)
+            if (DescriptorCopy.Group != NULL)
            {
                DescriptorCopy.Group = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Group);
            }
-            if(DescriptorCopy.Dacl != NULL)
+            if (DescriptorCopy.Dacl != NULL)
            {
                DescriptorCopy.Dacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Dacl);
            }
-            if(DescriptorCopy.Sacl != NULL)
+            if (DescriptorCopy.Sacl != NULL)
            {
                DescriptorCopy.Sacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Sacl);
            }
@ -683,7 +683,6 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG));                       \
             to the caller */
            *CapturedSecurityDescriptor = NewDescriptor;
            return STATUS_SUCCESS;
-
        }
        else
        {
@ -899,13 +898,14 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
    {
        if (SecurityDescriptor->Owner != NULL)
        {
-            if( SecurityDescriptor->Control & SE_SELF_RELATIVE )
+            if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
                Owner = (PSID)((ULONG_PTR)SecurityDescriptor->Owner +
                               (ULONG_PTR)SecurityDescriptor);
            else
                Owner = (PSID)SecurityDescriptor->Owner;
            OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
        }
+
        Control |= (SecurityDescriptor->Control & SE_OWNER_DEFAULTED);
    }
    else
@ -915,6 +915,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
            Owner = (PSID)((ULONG_PTR)ObjectSd->Owner + (ULONG_PTR)ObjectSd);
            OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
        }
+
        Control |= (ObjectSd->Control & SE_OWNER_DEFAULTED);
    }
    
@ -930,6 +931,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
                Group = (PSID)SecurityDescriptor->Group;
            GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
        }
+
        Control |= (SecurityDescriptor->Control & SE_GROUP_DEFAULTED);
    }
    else
@ -939,6 +941,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
            Group = (PSID)((ULONG_PTR)ObjectSd->Group + (ULONG_PTR)ObjectSd);
            GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
        }
+
        Control |= (ObjectSd->Control & SE_GROUP_DEFAULTED);
    }

@ -956,6 +959,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,

            DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
        }
+
        Control |= (SecurityDescriptor->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
    }
    else
@ -966,6 +970,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
            Dacl = (PACL)((ULONG_PTR)ObjectSd->Dacl + (ULONG_PTR)ObjectSd);
            DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
        }
+
        Control |= (ObjectSd->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
    }
    
@ -982,6 +987,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
                Sacl = (PACL)SecurityDescriptor->Sacl;
            SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
        }
+
        Control |= (SecurityDescriptor->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
    }
    else
@ -992,6 +998,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
            Sacl = (PACL)((ULONG_PTR)ObjectSd->Sacl + (ULONG_PTR)ObjectSd);
            SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
        }
+
        Control |= (ObjectSd->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
    }

@ -1006,6 +1013,7 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,

    RtlCreateSecurityDescriptor(NewSd,
                                SECURITY_DESCRIPTOR_REVISION1);
+
    /* We always build a self-relative descriptor */
    NewSd->Control = (USHORT)Control | SE_SELF_RELATIVE;

@ -1288,7 +1296,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
        Token = SubjectContext->PrimaryToken;
    }

-    
    /* Inherit the Owner SID */
    if (ExplicitDescriptor != NULL && ExplicitDescriptor->Owner != NULL)
    {
@ -1298,7 +1305,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
        if (ExplicitDescriptor->Control & SE_SELF_RELATIVE)
        {
            Owner = (PSID)(((ULONG_PTR)Owner) + (ULONG_PTR)ExplicitDescriptor);
-            
        }
    }
    else
@ -1319,7 +1325,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,

    OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);

-    
    /* Inherit the Group SID */
    if (ExplicitDescriptor != NULL && ExplicitDescriptor->Group != NULL)
    {
@ -1348,7 +1353,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,

    GroupLength = ROUND_UP(RtlLengthSid(Group), 4);

-    
    /* Inherit the DACL */
    if (ExplicitDescriptor != NULL &&
        (ExplicitDescriptor->Control & SE_DACL_PRESENT) &&
@ -1373,6 +1377,7 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
        {
            Dacl = (PACL)(((ULONG_PTR)Dacl) + (ULONG_PTR)ParentDescriptor);
        }
+
        Control |= (SE_DACL_PRESENT | SE_DACL_DEFAULTED);
    }
    else if (Token != NULL && Token->DefaultDacl != NULL)
@ -1391,7 +1396,6 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,

    DaclLength = (Dacl != NULL) ? ROUND_UP(Dacl->AclSize, 4) : 0;

-    
    /* Inherit the SACL */
    if (ExplicitDescriptor != NULL &&
        (ExplicitDescriptor->Control & SE_SACL_PRESENT) &&
@ -1416,12 +1420,12 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
        {
            Sacl = (PACL)(((ULONG_PTR)Sacl) + (ULONG_PTR)ParentDescriptor);
        }
+
        Control |= (SE_SACL_PRESENT | SE_SACL_DEFAULTED);
    }

    SaclLength = (Sacl != NULL) ? ROUND_UP(Sacl->AclSize, 4) : 0;

-    
    /* Allocate and initialize the new security descriptor */
    Length = sizeof(SECURITY_DESCRIPTOR) +
    OwnerLength + GroupLength + DaclLength + SaclLength;
@ -1479,7 +1483,9 @@ SeAssignSecurity(PSECURITY_DESCRIPTOR _ParentDescriptor OPTIONAL,
        DPRINT("Owner of %x at %x\n", Descriptor, Descriptor->Owner);
    }
    else
+    {
        DPRINT("Owner of %x is zero length\n", Descriptor);
+    }

    if (GroupLength != 0)
    {
--- a/reactos/ntoskrnl/se/semgr.c
+++ b/reactos/ntoskrnl/se/semgr.c
@ -17,13 +17,15 @@

 PSE_EXPORTS SeExports = NULL;
 SE_EXPORTS SepExports;
+ULONG SidInTokenCalls = 0;

 extern ULONG ExpInitializationPhase;
 extern ERESOURCE SepSubjectContextLock;

 /* PRIVATE FUNCTIONS **********************************************************/

-static BOOLEAN INIT_FUNCTION
+static BOOLEAN
+INIT_FUNCTION
 SepInitExports(VOID)
 {
    SepExports.SeCreateTokenPrivilege = SeCreateTokenPrivilege;
@ -118,6 +120,7 @@ NTAPI
 SepInitializationPhase1(VOID)
 {
    NTSTATUS Status;
+
    PAGED_CODE();

    /* Insert the system token into the tree */
@ -279,8 +282,6 @@ SeDefaultObjectMethod(IN PVOID Object,
    return STATUS_SUCCESS;
 }

-ULONG SidInTokenCalls = 0;
-
 static BOOLEAN
 SepSidInToken(PACCESS_TOKEN _Token,
              PSID Sid)
@ -340,7 +341,8 @@ SepTokenIsOwner(PACCESS_TOKEN Token,
    return SepSidInToken(Token, Sid);
 }

-VOID NTAPI
+VOID
+NTAPI
 SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                          OUT PACCESS_MASK DesiredAccess)
 {
@ -351,13 +353,15 @@ SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
    {
        *DesiredAccess |= READ_CONTROL;
    }
+
    if (SecurityInformation & SACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
    }
 }

-VOID NTAPI
+VOID
+NTAPI
 SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
                        OUT PACCESS_MASK DesiredAccess)
 {
@ -367,10 +371,12 @@ SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
    {
        *DesiredAccess |= WRITE_OWNER;
    }
+
    if (SecurityInformation & DACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= WRITE_DAC;
    }
+
    if (SecurityInformation & SACL_SECURITY_INFORMATION)
    {
        *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
@ -763,7 +769,8 @@ SepGetSDGroup(IN PSECURITY_DESCRIPTOR _SecurityDescriptor)
 /*
 * @implemented
 */
-BOOLEAN NTAPI
+BOOLEAN
+NTAPI
 SeAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
              IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
              IN BOOLEAN SubjectContextLocked,
--- a/reactos/ntoskrnl/se/sid.c
+++ b/reactos/ntoskrnl/se/sid.c
@ -150,7 +150,7 @@ SepInitSecurityIDs(VOID)
        SeAnonymousLogonSid == NULL)
    {
        FreeInitializedSids();
-        return(FALSE);
+        return FALSE;
    }

    RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
@ -253,7 +253,7 @@ SepInitSecurityIDs(VOID)
    SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
    *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;

-    return(TRUE);
+    return TRUE;
 }

 NTSTATUS
@ -293,7 +293,7 @@ SepCaptureSid(IN PSID InputSid,
        /* allocate a SID and copy it */
        NewSid = ExAllocatePool(PoolType,
                                SidSize);
-        if(NewSid != NULL)
+        if (NewSid != NULL)
        {
            _SEH2_TRY
            {
@ -316,7 +316,7 @@ SepCaptureSid(IN PSID InputSid,
            Status = STATUS_INSUFFICIENT_RESOURCES;
        }
    }
-    else if(!CaptureIfKernel)
+    else if (!CaptureIfKernel)
    {
        *CapturedSid = InputSid;
        return STATUS_SUCCESS;
@ -328,7 +328,7 @@ SepCaptureSid(IN PSID InputSid,
        /* allocate a SID and copy it */
        NewSid = ExAllocatePool(PoolType,
                                SidSize);
-        if(NewSid != NULL)
+        if (NewSid != NULL)
        {
            RtlCopyMemory(NewSid,
                          Sid,
@ -353,7 +353,7 @@ SepReleaseSid(IN PSID CapturedSid,
 {
    PAGED_CODE();

-    if(CapturedSid != NULL &&
+    if (CapturedSid != NULL &&
        (AccessMode != KernelMode ||
         (AccessMode == KernelMode && CaptureIfKernel)))
    {
--- a/reactos/ntoskrnl/se/token.c
+++ b/reactos/ntoskrnl/se/token.c
@ -25,10 +25,12 @@ ERESOURCE SepTokenLock;
 TOKEN_SOURCE SeSystemTokenSource = {"*SYSTEM*", {0}};
 LUID SeSystemAuthenticationId = SYSTEM_LUID;

-static GENERIC_MAPPING SepTokenMapping = {TOKEN_READ,
+static GENERIC_MAPPING SepTokenMapping = {
+    TOKEN_READ,
    TOKEN_WRITE,
    TOKEN_EXECUTE,
-TOKEN_ALL_ACCESS};
+    TOKEN_ALL_ACCESS
+};

 static const INFORMATION_CLASS_INFO SeTokenInformationClass[] = {

@ -108,10 +110,11 @@ SepFreeProxyData(PVOID ProxyData)

 NTSTATUS
 NTAPI
-SepCopyProxyData(PVOID* Dest, PVOID Src)
+SepCopyProxyData(PVOID* Dest,
+                 PVOID Src)
 {
    UNIMPLEMENTED;
-    return(STATUS_NOT_IMPLEMENTED);
+    return STATUS_NOT_IMPLEMENTED;
 }

 NTSTATUS
@ -170,7 +173,7 @@ RtlLengthSidAndAttributes(ULONG Count,
    for (i = 0; i < Count; i++)
        uLength += RtlLengthSid(Src[i].Sid);

-    return(uLength);
+    return uLength;
 }


@ -214,7 +217,7 @@ SepFindPrimaryGroupAndDefaultOwner(PTOKEN Token,
        return(STATUS_INVALID_PRIMARY_GROUP);
    }

-    return(STATUS_SUCCESS);
+    return STATUS_SUCCESS;
 }


@ -248,7 +251,7 @@ SepDuplicateToken(PTOKEN Token,
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ObCreateObject() failed (Status %lx)\n", Status);
-        return(Status);
+        return Status;
    }

    /* Zero out the buffer */
@ -258,14 +261,14 @@ SepDuplicateToken(PTOKEN Token,
    if (!NT_SUCCESS(Status))
    {
        ObDereferenceObject(AccessToken);
-        return(Status);
+        return Status;
    }

    Status = ZwAllocateLocallyUniqueId(&AccessToken->ModifiedId);
    if (!NT_SUCCESS(Status))
    {
        ObDereferenceObject(AccessToken);
-        return(Status);
+        return Status;
    }

    AccessToken->TokenLock = &SepTokenLock;
@ -327,7 +330,7 @@ SepDuplicateToken(PTOKEN Token,
            Token->Privileges[i].Attributes;
        }

-        if ( Token->DefaultDacl )
+        if (Token->DefaultDacl)
        {
            AccessToken->DefaultDacl =
            (PACL) ExAllocatePoolWithTag(PagedPool,
@ -339,13 +342,13 @@ SepDuplicateToken(PTOKEN Token,
        }
    }

-    if ( NT_SUCCESS(Status) )
+    if (NT_SUCCESS(Status))
    {
        *NewAccessToken = AccessToken;
        return(STATUS_SUCCESS);
    }

-    return(Status);
+    return Status;
 }

 NTSTATUS
@ -447,10 +450,11 @@ SeCopyClientToken(IN PACCESS_TOKEN Token,
                               PreviousMode,
                               (PTOKEN*)NewToken);

-    return(Status);
+    return Status;
 }

-VOID NTAPI
+VOID
+NTAPI
 SepDeleteToken(PVOID ObjectBody)
 {
    PTOKEN AccessToken = (PTOKEN)ObjectBody;
@ -577,11 +581,11 @@ SepCreateToken(OUT PHANDLE TokenHandle,

    Status = ZwAllocateLocallyUniqueId(&TokenId);
    if (!NT_SUCCESS(Status))
-        return(Status);
+        return Status;

    Status = ZwAllocateLocallyUniqueId(&ModifiedId);
    if (!NT_SUCCESS(Status))
-        return(Status);
+        return Status;

    Status = ObCreateObject(PreviousMode,
                            SepTokenObjectType,
@ -595,7 +599,7 @@ SepCreateToken(OUT PHANDLE TokenHandle,
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ObCreateObject() failed (Status %lx)\n");
-        return(Status);
+        return Status;
    }

    /* Zero out the buffer */
@ -708,8 +712,7 @@ SepCreateToken(OUT PHANDLE TokenHandle,

    if (!SystemToken)
    {
-        
-        Status = ObInsertObject ((PVOID)AccessToken,
+        Status = ObInsertObject((PVOID)AccessToken,
                                NULL,
                                DesiredAccess,
                                0,
@ -915,7 +918,8 @@ SeQuerySessionIdToken(IN PACCESS_TOKEN Token,
 /*
 * @implemented
 */
-NTSTATUS NTAPI
+NTSTATUS
+NTAPI
 SeQueryAuthenticationIdToken(IN PACCESS_TOKEN Token,
                             OUT PLUID LogonId)
 {
@ -960,6 +964,7 @@ NTAPI
 SeTokenIsAdmin(IN PACCESS_TOKEN Token)
 {
    PAGED_CODE();
+
    return (((PTOKEN)Token)->TokenFlags & TOKEN_WRITE_RESTRICTED) != 0;
 }

@ -971,6 +976,7 @@ NTAPI
 SeTokenIsRestricted(IN PACCESS_TOKEN Token)
 {
    PAGED_CODE();
+
    return (((PTOKEN)Token)->TokenFlags & TOKEN_IS_RESTRICTED) != 0;
 }

@ -982,6 +988,7 @@ NTAPI
 SeTokenIsWriteRestricted(IN PACCESS_TOKEN Token)
 {
    PAGED_CODE();
+
    return (((PTOKEN)Token)->TokenFlags & TOKEN_HAS_RESTORE_PRIVILEGE) != 0;
 }

@ -1020,8 +1027,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                                         ReturnLength,
                                         NULL,
                                         PreviousMode);
-    
-    if(!NT_SUCCESS(Status))
+    if (!NT_SUCCESS(Status))
    {
        DPRINT("NtQueryInformationToken() failed, Status: 0x%x\n", Status);
        return Status;
@ -1047,7 +1053,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        Status = RtlCopySidAndAttributesArray(1,
                                                              &Token->UserAndGroups[0],
@ -1062,7 +1068,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1086,7 +1092,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        ULONG SidLen = RequiredLength - sizeof(tg->GroupCount) -
                        ((Token->UserAndGroupCount - 1) * sizeof(SID_AND_ATTRIBUTES));
@ -1107,7 +1113,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1131,7 +1137,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        tp->PrivilegeCount = Token->PrivilegeCount;
                        RtlCopyLuidAndAttributesArray(Token->PrivilegeCount,
@ -1143,7 +1149,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1168,7 +1174,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        to->Owner = (PSID)(to + 1);
                        Status = RtlCopySid(SidLen,
@ -1180,7 +1186,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1205,7 +1211,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        tpg->PrimaryGroup = (PSID)(tpg + 1);
                        Status = RtlCopySid(SidLen,
@ -1217,7 +1223,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1238,16 +1244,16 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                DPRINT("NtQueryInformationToken(TokenDefaultDacl)\n");
                RequiredLength = sizeof(TOKEN_DEFAULT_DACL);

-                if(Token->DefaultDacl != NULL)
+                if (Token->DefaultDacl != NULL)
                {
                    RequiredLength += Token->DefaultDacl->AclSize;
                }

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
-                        if(Token->DefaultDacl != NULL)
+                        if (Token->DefaultDacl != NULL)
                        {
                            tdd->DefaultDacl = (PACL)(tdd + 1);
                            RtlCopyMemory(tdd->DefaultDacl,
@ -1264,7 +1270,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1287,7 +1293,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        *ts = Token->TokenSource;
                    }
@ -1296,7 +1302,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1319,7 +1325,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        *tt = Token->TokenType;
                    }
@ -1328,7 +1334,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1359,7 +1365,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        *sil = Token->ImpersonationLevel;
                    }
@ -1368,7 +1374,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1391,7 +1397,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        ts->TokenId = Token->TokenId;
                        ts->AuthenticationId = Token->AuthenticationId;
@ -1409,7 +1415,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1432,7 +1438,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        RtlCopyLuid(&to->OriginatingLogonSession,
                                    &Token->AuthenticationId);
@ -1442,7 +1448,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1471,7 +1477,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,

                _SEH2_TRY
                {
-                    if(TokenInformationLength >= RequiredLength)
+                    if (TokenInformationLength >= RequiredLength)
                    {
                        ULONG SidLen = RequiredLength - sizeof(tg->GroupCount) -
                        (Token->RestrictedSidCount * sizeof(SID_AND_ATTRIBUTES));
@ -1492,7 +1498,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                        Status = STATUS_BUFFER_TOO_SMALL;
                    }

-                    if(ReturnLength != NULL)
+                    if (ReturnLength != NULL)
                    {
                        *ReturnLength = RequiredLength;
                    }
@ -1520,14 +1526,14 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
                Status = SeQuerySessionIdToken(Token,
                                               &SessionId);

-                if(NT_SUCCESS(Status))
+                if (NT_SUCCESS(Status))
                {
                    _SEH2_TRY
                    {
                        /* buffer size was already verified, no need to check here again */
                        *(PULONG)TokenInformation = SessionId;

-                        if(ReturnLength != NULL)
+                        if (ReturnLength != NULL)
                        {
                            *ReturnLength = sizeof(ULONG);
                        }
@ -1551,7 +1557,7 @@ NtQueryInformationToken(IN HANDLE TokenHandle,
        ObDereferenceObject(Token);
    }

-    return(Status);
+    return Status;
 }


@ -1582,15 +1588,14 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                                       TokenInformation,
                                       TokenInformationLength,
                                       PreviousMode);
-    
-    if(!NT_SUCCESS(Status))
+    if (!NT_SUCCESS(Status))
    {
        /* Invalid buffers */
        DPRINT("NtSetInformationToken() failed, Status: 0x%x\n", Status);
        return Status;
    }

-    if(TokenInformationClass == TokenSessionId)
+    if (TokenInformationClass == TokenSessionId)
    {
        NeededAccess |= TOKEN_ADJUST_SESSIONID;
    }
@ -1607,7 +1612,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
        {
            case TokenOwner:
            {
-                if(TokenInformationLength >= sizeof(TOKEN_OWNER))
+                if (TokenInformationLength >= sizeof(TOKEN_OWNER))
                {
                    PTOKEN_OWNER to = (PTOKEN_OWNER)TokenInformation;
                    PSID InputSid = NULL, CapturedSid;
@ -1627,7 +1632,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                                           PagedPool,
                                           FALSE,
                                           &CapturedSid);
-                    if(NT_SUCCESS(Status))
+                    if (NT_SUCCESS(Status))
                    {
                        RtlCopySid(RtlLengthSid(CapturedSid),
                                   Token->UserAndGroups[Token->DefaultOwnerIndex].Sid,
@ -1646,7 +1651,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,

            case TokenPrimaryGroup:
            {
-                if(TokenInformationLength >= sizeof(TOKEN_PRIMARY_GROUP))
+                if (TokenInformationLength >= sizeof(TOKEN_PRIMARY_GROUP))
                {
                    PTOKEN_PRIMARY_GROUP tpg = (PTOKEN_PRIMARY_GROUP)TokenInformation;
                    PSID InputSid = NULL, CapturedSid;
@ -1666,7 +1671,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                                           PagedPool,
                                           FALSE,
                                           &CapturedSid);
-                    if(NT_SUCCESS(Status))
+                    if (NT_SUCCESS(Status))
                    {
                        RtlCopySid(RtlLengthSid(CapturedSid),
                                   Token->PrimaryGroup,
@ -1685,7 +1690,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,

            case TokenDefaultDacl:
            {
-                if(TokenInformationLength >= sizeof(TOKEN_DEFAULT_DACL))
+                if (TokenInformationLength >= sizeof(TOKEN_DEFAULT_DACL))
                {
                    PTOKEN_DEFAULT_DACL tdd = (PTOKEN_DEFAULT_DACL)TokenInformation;
                    PACL InputAcl = NULL;
@ -1700,7 +1705,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                    }
                    _SEH2_END;

-                    if(InputAcl != NULL)
+                    if (InputAcl != NULL)
                    {
                        PACL CapturedAcl;

@ -1710,7 +1715,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                                               PagedPool,
                                               TRUE,
                                               &CapturedAcl);
-                        if(NT_SUCCESS(Status))
+                        if (NT_SUCCESS(Status))
                        {
                            /* free the previous dacl if present */
                            if(Token->DefaultDacl != NULL)
@ -1725,7 +1730,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                    else
                    {
                        /* clear and free the default dacl if present */
-                        if(Token->DefaultDacl != NULL)
+                        if (Token->DefaultDacl != NULL)
                        {
                            ExFreePool(Token->DefaultDacl);
                            Token->DefaultDacl = NULL;
@ -1754,7 +1759,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                }
                _SEH2_END;

-                if(!SeSinglePrivilegeCheck(SeTcbPrivilege,
+                if (!SeSinglePrivilegeCheck(SeTcbPrivilege,
                                            PreviousMode))
                {
                    Status = STATUS_PRIVILEGE_NOT_HELD;
@ -1775,7 +1780,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
        ObDereferenceObject(Token);
    }

-    return(Status);
+    return Status;
 }


@ -1827,7 +1832,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
                                                FALSE,
                                                &CapturedSecurityQualityOfService,
                                                &QoSPresent);
-    if(!NT_SUCCESS(Status))
+    if (!NT_SUCCESS(Status))
    {
        DPRINT1("NtDuplicateToken() failed to capture QoS! Status: 0x%x\n", Status);
        return Status;
@ -1899,7 +1904,7 @@ NtAdjustGroupsToken(IN HANDLE TokenHandle,
 * @implemented
 */
 NTSTATUS NTAPI
-NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
+NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
                        IN BOOLEAN DisableAllPrivileges,
                        IN PTOKEN_PRIVILEGES NewState,
                        IN ULONG BufferLength,
@ -1997,6 +2002,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
                         * accordingly and fail.
                         */
                    }
+
                    k++;
                }

@ -2004,6 +2010,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
                Token->Privileges[i].Attributes &= ~SE_PRIVILEGE_ENABLED;
            }
        }
+
        Status = STATUS_SUCCESS;
    }
    else
@ -2042,6 +2049,7 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
                                 * accordingly and fail.
                                 */
                            }
+
                            k++;
                        }

@ -2052,10 +2060,12 @@ NtAdjustPrivilegesToken (IN HANDLE TokenHandle,
                        DPRINT ("New attributes %lx\n",
                                Token->Privileges[i].Attributes);
                    }
+
                    Count++;
                }
            }
        }
+
        Status = Count < NewState->PrivilegeCount ? STATUS_NOT_ALL_ASSIGNED : STATUS_SUCCESS;
    }

@ -2102,7 +2112,7 @@ NtCreateToken(OUT PHANDLE TokenHandle,

    PreviousMode = ExGetPreviousMode();

-    if(PreviousMode != KernelMode)
+    if (PreviousMode != KernelMode)
    {
        _SEH2_TRY
        {
@ -2324,7 +2334,7 @@ NtOpenThreadTokenEx(IN HANDLE ThreadHandle,

    if (CopyOnOpen && NewThread) ObDereferenceObject(NewThread);

-    if(NT_SUCCESS(Status))
+    if (NT_SUCCESS(Status))
    {
        _SEH2_TRY
        {