[NTOSKRNL]

NtDuplicateToken: If the called does not provide any desired access rights the duplicate token will inherit the granted rights of the original token. svn path=/trunk/; revision=47535
2025-01-13 01:22:03 +00:00 · 2010-06-03 13:36:50 +00:00 · 2010-06-03 13:36:50 +00:00 · fc20aaf185
commit fc20aaf185
parent 65435e1b84
1 changed files with 3 additions and 2 deletions
--- a/reactos/ntoskrnl/se/token.c
+++ b/reactos/ntoskrnl/se/token.c
@ -1806,6 +1806,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
    PTOKEN NewToken;
    PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService;
    BOOLEAN QoSPresent;
+    OBJECT_HANDLE_INFORMATION HandleInformation;
    NTSTATUS Status;

    PAGED_CODE();
@ -1843,7 +1844,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
                                       SepTokenObjectType,
                                       PreviousMode,
                                       (PVOID*)&Token,
-                                       NULL);
+                                       &HandleInformation);
    if (!NT_SUCCESS(Status))
    {
        SepReleaseSecurityQualityOfService(CapturedSecurityQualityOfService,
@ -1884,7 +1885,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
    {
        Status = ObInsertObject((PVOID)NewToken,
                                NULL,
-                                DesiredAccess,
+                                (DesiredAccess ? DesiredAccess : HandleInformation.GrantedAccess),
                                0,
                                NULL,
                                &hToken);