- Deal with expanded paths only when loading icons. If the user specifies
an unexpanded path to a module containing icons, this unexpanded path
is returned to the caller!
- Perform the dialog cleanup in WM_DESTROY message handler.
- When pressing ENTER/OK in the dialog box, retrieve the selected icon and
close the dialog *ONLY WHEN* the user actually has selected an icon.
If the user modified manually the module path, pressing ENTER/OK instead
reloads the icons list.
This leaked at least one IRP for every write, making it the largest leak when
running with BTRFS as the system volume.
Thanks to Victor Perevertkin.
Submitted upstream thanks to Pierre:
https://github.com/maharmstone/btrfs/pull/106
IopCloseFile can be called by IopDeleteFile. In that situation, it
doesn't set any process as first parameter. Furthermore, we are in a
situation where it's not required to lock the file object (see the
assert before the call).
- Flush the new control set after the control set has been created.
- Make sure that we create a new control set only on the first boot after setup.
- Move the control set copy code to a separate function.
- Get rid of the global control set values.
- Check whether the user-provided token is a primary token.
- Do not fail when the RtlAdjustPrivilege() call fails (see the code
comment for an explanation). TL;DR is: that call may indeed fail but
the privilege may also not be necessary because the user-provided
token is a restricted version of the caller's primary token.
And this is situation is perfectly fine.
This fixes Java 7 installation, CORE-14874.
- SeIsTokenChild(): Correctly check whether a caller-provided token
is a child from the current process' primary token by looking at
its ParentTokenId member.
- Add a SeIsTokenSibling() helper to determine whether a caller-provided
token and the current process' primary token are siblings, by comparing
their ParentTokenId's and AuthenticationId's.
NOTE: Children tokens are created through CreateRestrictedToken();
sibling tokens are created through DuplicateToken() (amongst others).
See slide 49 of https://www.slideshare.net/Shakacon/social-engineering-the-windows-kernel-by-james-forshaw
or https://googleprojectzero.blogspot.com/2016/01/raising-dead.html
for some details.
