- Correctly interpret SeCreateClientSecurity return value in NpInitializeSecurity
- Always charge quota when allocating client context
- Specify explicit 0 tag when freeing allocations with unknown pool tag
- Misc readability fixes
svn path=/trunk/; revision=64839
}
SecurityContext = &AccessState->SubjectSecurityContext;
- SeLockSubjectContext(&AccessState->SubjectSecurityContext);
+ SeLockSubjectContext(SecurityContext);
- Status = SeAssignSecurity(0,
+ Status = SeAssignSecurity(NULL,
AccessState->SecurityDescriptor,
&SecurityDescriptor,
- 0,
+ FALSE,
SecurityContext,
IoGetFileObjectGenericMapping(),
PagedPool);
Status = ObLogSecurityDescriptor(SecurityDescriptor,
&CachedSecurityDescriptor,
1);
- ExFreePool(SecurityDescriptor);
+ ExFreePoolWithTag(SecurityDescriptor, 0);
if (!NT_SUCCESS(Status))
{
return Status;
}
- ClientContext = ExAllocatePoolWithTag(PagedPool, sizeof(*ClientContext), NPFS_CLIENT_SEC_CTX_TAG);
+ ClientContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
+ sizeof(*ClientContext),
+ NPFS_CLIENT_SEC_CTX_TAG);
Ccb->ClientContext = ClientContext;
if (!ClientContext) return STATUS_INSUFFICIENT_RESOURCES;
Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, ClientContext);
- if (!NT_SUCCESS(Status)) return Status;
+ if (!NT_SUCCESS(Status))
+ {
+ ExFreePool(Ccb->ClientContext);
+ Ccb->ClientContext = NULL;
+ }
- ExFreePool(Ccb->ClientContext);
- Ccb->ClientContext = NULL;
return Status;
}
if (!NT_SUCCESS(Status)) return Status;
Status = ObLogSecurityDescriptor(TempSecurityDescriptor, &NewSecurityDescriptor, 1);
- ExFreePool(TempSecurityDescriptor);
+ ASSERT(TempSecurityDescriptor != OldSecurityDescriptor);
+ ExFreePoolWithTag(TempSecurityDescriptor, 0);
if (!NT_SUCCESS(Status)) return Status;