IN ULONG Flags,
OUT PVOID *ReturnedState)
{
-#if 0
PRTL_ACQUIRE_STATE State;
NTSTATUS Status, IntStatus;
ULONG ReturnLength, i, OldSize;
* new privileges (big enough, after old privileges memory area)
*/
State = RtlAllocateHeap(RtlGetProcessHeap(), 0, sizeof(RTL_ACQUIRE_STATE) + sizeof(TOKEN_PRIVILEGES) +
- NumPriv * sizeof(LUID_AND_ATTRIBUTES));
+ (NumPriv - ANYSIZE_ARRAY) * sizeof(LUID_AND_ATTRIBUTES));
if (!State)
{
return STATUS_NO_MEMORY;
goto Cleanup;
}
- /* Save said token */
+ /* Save said token and the fact we have impersonated */
State->Token = ImpersonationToken;
+ State->Flags |= RTL_ACQUIRE_PRIVILEGE_IMPERSONATE;
ZwClose(ProcessToken);
}
* There's NO overflow risks (OldPrivileges is always used with its size)
*/
State->OldPrivileges = (PTOKEN_PRIVILEGES)State->OldPrivBuffer;
- State->NewPrivileges = (PTOKEN_PRIVILEGES)(State->OldPrivBuffer + 1024);
+ State->NewPrivileges = (PTOKEN_PRIVILEGES)(State->OldPrivBuffer + (sizeof(State->OldPrivBuffer) / sizeof(State->OldPrivBuffer[0])));
/* Assign all the privileges to be acquired */
State->NewPrivileges->PrivilegeCount = NumPriv;
else
{
*ReturnedState = State;
+ break;
}
- } while (FALSE);
+ } while (TRUE);
DPRINT("RtlAcquirePrivilege succeed!\n");
DPRINT("RtlAcquirePrivilege() failed with status: %lx\n", Status);
return Status;
-#else
- UNIMPLEMENTED;
- return STATUS_NOT_IMPLEMENTED;
-#endif
}
/*
NTAPI
RtlReleasePrivilege(IN PVOID ReturnedState)
{
-#if 0
NTSTATUS Status;
PRTL_ACQUIRE_STATE State = (PRTL_ACQUIRE_STATE)ReturnedState;
DPRINT("RtlReleasePrivilege(%p)\n", ReturnedState);
- /* If we had an active impersonation before we acquired privileges */
+ /* If we had an active impersonation before we acquired privileges
+ * Or if we have impersonated, quit it
+ */
if (State->Flags & RTL_ACQUIRE_PRIVILEGE_IMPERSONATE)
{
/* Restore it for the current thread */
/* Release token and free state */
ZwClose(State->Token);
RtlFreeHeap(RtlGetProcessHeap(), 0, State);
-#else
- UNIMPLEMENTED;
-#endif
}
/*