/* GLOBALS ********************************************************************/
-POBJECT_TYPE SepTokenObjectType = NULL;
+POBJECT_TYPE SeTokenObjectType = NULL;
ERESOURCE SepTokenLock;
TOKEN_SOURCE SeSystemTokenSource = {"*SYSTEM*", {0}};
ULONG uLength;
ULONG i;
PVOID EndMem;
- PTOKEN AccessToken;
+ PTOKEN AccessToken = NULL;
NTSTATUS Status;
PAGED_CODE();
Status = ObCreateObject(PreviousMode,
- SepTokenObjectType,
+ SeTokenObjectType,
ObjectAttributes,
PreviousMode,
NULL,
for (i = 0; i < Token->UserAndGroupCount; i++)
uLength += RtlLengthSid(Token->UserAndGroups[i].Sid);
- AccessToken->UserAndGroups =
- (PSID_AND_ATTRIBUTES)ExAllocatePoolWithTag(PagedPool,
- uLength,
- TAG_TOKEN_USERS);
+ AccessToken->UserAndGroups = ExAllocatePoolWithTag(PagedPool,
+ uLength,
+ TAG_TOKEN_USERS);
+ if (AccessToken->UserAndGroups == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
EndMem = &AccessToken->UserAndGroups[AccessToken->UserAndGroupCount];
EndMem,
&EndMem,
&uLength);
- if (NT_SUCCESS(Status))
- {
- Status = SepFindPrimaryGroupAndDefaultOwner(
- AccessToken,
- Token->PrimaryGroup,
- 0);
- }
+ if (!NT_SUCCESS(Status))
+ goto done;
- if (NT_SUCCESS(Status))
- {
- AccessToken->PrivilegeCount = Token->PrivilegeCount;
+ Status = SepFindPrimaryGroupAndDefaultOwner(AccessToken,
+ Token->PrimaryGroup,
+ 0);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ AccessToken->PrivilegeCount = Token->PrivilegeCount;
- uLength = AccessToken->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
- AccessToken->Privileges =
- (PLUID_AND_ATTRIBUTES)ExAllocatePoolWithTag(PagedPool,
+ uLength = AccessToken->PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
+ AccessToken->Privileges = ExAllocatePoolWithTag(PagedPool,
uLength,
TAG_TOKEN_PRIVILAGES);
+ if (AccessToken->Privileges == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
- for (i = 0; i < AccessToken->PrivilegeCount; i++)
- {
- RtlCopyLuid(&AccessToken->Privileges[i].Luid,
- &Token->Privileges[i].Luid);
- AccessToken->Privileges[i].Attributes =
- Token->Privileges[i].Attributes;
- }
+ for (i = 0; i < AccessToken->PrivilegeCount; i++)
+ {
+ RtlCopyLuid(&AccessToken->Privileges[i].Luid,
+ &Token->Privileges[i].Luid);
+ AccessToken->Privileges[i].Attributes =
+ Token->Privileges[i].Attributes;
+ }
- if (Token->DefaultDacl)
+ if (Token->DefaultDacl)
+ {
+ AccessToken->DefaultDacl = ExAllocatePoolWithTag(PagedPool,
+ Token->DefaultDacl->AclSize,
+ TAG_TOKEN_ACL);
+ if (AccessToken->DefaultDacl == NULL)
{
- AccessToken->DefaultDacl =
- (PACL) ExAllocatePoolWithTag(PagedPool,
- Token->DefaultDacl->AclSize,
- TAG_TOKEN_ACL);
- memcpy(AccessToken->DefaultDacl,
- Token->DefaultDacl,
- Token->DefaultDacl->AclSize);
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
}
+
+ memcpy(AccessToken->DefaultDacl,
+ Token->DefaultDacl,
+ Token->DefaultDacl->AclSize);
}
- if (NT_SUCCESS(Status))
+ *NewAccessToken = AccessToken;
+
+done:
+ if (!NT_SUCCESS(Status))
{
- *NewAccessToken = AccessToken;
- return(STATUS_SUCCESS);
+ if (AccessToken)
+ {
+ if (AccessToken->UserAndGroups)
+ ExFreePoolWithTag(AccessToken->UserAndGroups, TAG_TOKEN_USERS);
+
+ if (AccessToken->Privileges)
+ ExFreePoolWithTag(AccessToken->Privileges, TAG_TOKEN_PRIVILAGES);
+
+ if (AccessToken->DefaultDacl)
+ ExFreePoolWithTag(AccessToken->DefaultDacl, TAG_TOKEN_ACL);
+
+ ObDereferenceObject(AccessToken);
+ }
}
return Status;
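Review bot: The new `done:` cleanup frees `UserAndGroups`, `Privileges` and `DefaultDacl` by hand and then calls `ObDereferenceObject(AccessToken)`, which may free them a second time. `SepDeleteToken` is registered as the type's `DeleteProcedure` further down this page, and if it releases the same fields (its body is not shown here) the final dereference double-frees pool memory. The `if (AccessToken->...)` tests also assume every field is NULL until assigned, yet nothing visible zeroes the object body after `ObCreateObject`, so an early failure such as the `UserAndGroups` allocation could hand uninitialized pointers to `ExFreePoolWithTag`. I would either leave the buffers to the delete procedure and keep only the dereference, or clear each field after freeing it, e.g. `AccessToken->UserAndGroups = NULL;`, and zero the three pointers right after the object is created. The same cleanup block is repeated at the second `done:` label in the token-creation path; the function itself starts before this hunk.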
ObjectTypeInitializer.ValidAccessMask = TOKEN_ALL_ACCESS;
ObjectTypeInitializer.UseDefaultObject = TRUE;
ObjectTypeInitializer.DeleteProcedure = SepDeleteToken;
- ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SepTokenObjectType);
+ ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &SeTokenObjectType);
}
VOID
return Status;
Status = ObCreateObject(PreviousMode,
- SepTokenObjectType,
+ SeTokenObjectType,
ObjectAttributes,
PreviousMode,
NULL,
for (i = 0; i < GroupCount; i++)
uLength += RtlLengthSid(Groups[i].Sid);
- AccessToken->UserAndGroups =
- (PSID_AND_ATTRIBUTES)ExAllocatePoolWithTag(PagedPool,
- uLength,
- TAG_TOKEN_USERS);
+ AccessToken->UserAndGroups = ExAllocatePoolWithTag(PagedPool,
+ uLength,
+ TAG_TOKEN_USERS);
+ if (AccessToken->UserAndGroups == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
EndMem = &AccessToken->UserAndGroups[AccessToken->UserAndGroupCount];
EndMem,
&EndMem,
&uLength);
- if (NT_SUCCESS(Status))
- {
- Status = RtlCopySidAndAttributesArray(GroupCount,
- Groups,
- uLength,
- &AccessToken->UserAndGroups[1],
- EndMem,
- &EndMem,
- &uLength);
- }
+ if (!NT_SUCCESS(Status))
+ goto done;
- if (NT_SUCCESS(Status))
- {
- Status = SepFindPrimaryGroupAndDefaultOwner(
- AccessToken,
- PrimaryGroup,
- Owner);
- }
+ Status = RtlCopySidAndAttributesArray(GroupCount,
+ Groups,
+ uLength,
+ &AccessToken->UserAndGroups[1],
+ EndMem,
+ &EndMem,
+ &uLength);
+ if (!NT_SUCCESS(Status))
+ goto done;
- if (NT_SUCCESS(Status))
- {
- uLength = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
- AccessToken->Privileges =
- (PLUID_AND_ATTRIBUTES)ExAllocatePoolWithTag(PagedPool,
+ Status = SepFindPrimaryGroupAndDefaultOwner(AccessToken,
+ PrimaryGroup,
+ Owner);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ uLength = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);
+ AccessToken->Privileges = ExAllocatePoolWithTag(PagedPool,
uLength,
TAG_TOKEN_PRIVILAGES);
+ if (AccessToken->Privileges == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
- if (PreviousMode != KernelMode)
- {
- _SEH2_TRY
- {
- RtlCopyMemory(AccessToken->Privileges,
- Privileges,
- PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
- }
- _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
- {
- Status = _SEH2_GetExceptionCode();
- }
- _SEH2_END;
- }
- else
+ if (PreviousMode != KernelMode)
+ {
+ _SEH2_TRY
{
RtlCopyMemory(AccessToken->Privileges,
Privileges,
PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
}
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ Status = _SEH2_GetExceptionCode();
+ }
+ _SEH2_END;
+ }
+ else
+ {
+ RtlCopyMemory(AccessToken->Privileges,
+ Privileges,
+ PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES));
}
- if (NT_SUCCESS(Status))
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ AccessToken->DefaultDacl = ExAllocatePoolWithTag(PagedPool,
+ DefaultDacl->AclSize,
+ TAG_TOKEN_ACL);
+ if (AccessToken->DefaultDacl == NULL)
{
- AccessToken->DefaultDacl =
- (PACL) ExAllocatePoolWithTag(PagedPool,
- DefaultDacl->AclSize,
- TAG_TOKEN_ACL);
- memcpy(AccessToken->DefaultDacl,
- DefaultDacl,
- DefaultDacl->AclSize);
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
}
+ RtlCopyMemory(AccessToken->DefaultDacl,
+ DefaultDacl,
+ DefaultDacl->AclSize);
+
if (!SystemToken)
{
Status = ObInsertObject((PVOID)AccessToken,
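Review bot: `DefaultDacl->AclSize` is read twice here, once to size the `TAG_TOKEN_ACL` allocation and again as the `RtlCopyMemory` length, and `DefaultDacl` is dereferenced with no NULL check, unlike the duplicate path which guards with `if (Token->DefaultDacl)`. If `DefaultDacl` can still point at caller-supplied memory when `PreviousMode != KernelMode` (whether it was captured earlier is not visible in this hunk), the two reads can disagree and the copy can run past the allocation. Read the size once into a local, `ULONG DaclSize = DefaultDacl->AclSize;`, use it for both calls, and skip the block when `DefaultDacl` is NULL. The `uLength = PrivilegeCount * sizeof(LUID_AND_ATTRIBUTES);` line above would also benefit from an overflow check on `PrivilegeCount` before the allocation.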
*TokenHandle = (HANDLE)AccessToken;
}
+done:
+ if (!NT_SUCCESS(Status))
+ {
+ if (AccessToken)
+ {
+ if (AccessToken->UserAndGroups)
+ ExFreePoolWithTag(AccessToken->UserAndGroups, TAG_TOKEN_USERS);
+
+ if (AccessToken->Privileges)
+ ExFreePoolWithTag(AccessToken->Privileges, TAG_TOKEN_PRIVILAGES);
+
+ if (AccessToken->DefaultDacl)
+ ExFreePoolWithTag(AccessToken->DefaultDacl, TAG_TOKEN_ACL);
+
+ ObDereferenceObject(AccessToken);
+ }
+ }
+
return Status;
}
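Review bot: A failing `ObInsertObject` now falls through to `done:` and reaches `ObDereferenceObject(AccessToken)`, but as far as I know the object manager already drops the creation reference when an insert fails. If so, this path would touch the fields of, and dereference, an object that may already be gone. Consider checking the insert status and returning directly on failure, so the cleanup block only handles failures that occur before the insert. A short comment at the label would make the ownership rule clear, for example `/* cleanup for failures before the object is inserted */`. The `ObInsertObject` call itself sits in the previous hunk.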
Status = ObReferenceObjectByHandle(TokenHandle,
(TokenInformationClass == TokenSource) ? TOKEN_QUERY_SOURCE : TOKEN_QUERY,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&Token,
NULL);
Status = ObReferenceObjectByHandle(TokenHandle,
NeededAccess,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&Token,
NULL);
Status = ObReferenceObjectByHandle(ExistingTokenHandle,
TOKEN_DUPLICATE,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&Token,
&HandleInformation);
/* Reference the token */
Status = ObReferenceObjectByHandle(TokenHandle,
TOKEN_ADJUST_PRIVILEGES | (PreviousState != NULL ? TOKEN_QUERY : 0),
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&Token,
NULL);
else
{
Status = ObOpenObjectByPointer(Token, HandleAttributes,
- NULL, DesiredAccess, SepTokenObjectType,
+ NULL, DesiredAccess, SeTokenObjectType,
PreviousMode, &hToken);
}
Status = ObReferenceObjectByHandle(FirstTokenHandle,
TOKEN_QUERY,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&FirstToken,
NULL);
Status = ObReferenceObjectByHandle(SecondTokenHandle,
TOKEN_QUERY,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&SecondToken,
NULL);