summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
00ee551)
- Correctly interpret SeCreateClientSecurity return value in NpInitializeSecurity
- Always charge quota when allocating client context
- Specify explicit 0 tag when freeing allocations with unknown pool tag
- Misc readability fixes
svn path=/trunk/; revision=64839
}
SecurityContext = &AccessState->SubjectSecurityContext;
}
SecurityContext = &AccessState->SubjectSecurityContext;
- SeLockSubjectContext(&AccessState->SubjectSecurityContext);
+ SeLockSubjectContext(SecurityContext);
- Status = SeAssignSecurity(0,
+ Status = SeAssignSecurity(NULL,
AccessState->SecurityDescriptor,
&SecurityDescriptor,
AccessState->SecurityDescriptor,
&SecurityDescriptor,
SecurityContext,
IoGetFileObjectGenericMapping(),
PagedPool);
SecurityContext,
IoGetFileObjectGenericMapping(),
PagedPool);
Status = ObLogSecurityDescriptor(SecurityDescriptor,
&CachedSecurityDescriptor,
1);
Status = ObLogSecurityDescriptor(SecurityDescriptor,
&CachedSecurityDescriptor,
1);
- ExFreePool(SecurityDescriptor);
+ ExFreePoolWithTag(SecurityDescriptor, 0);
if (!NT_SUCCESS(Status))
{
if (!NT_SUCCESS(Status))
{
- ClientContext = ExAllocatePoolWithTag(PagedPool, sizeof(*ClientContext), NPFS_CLIENT_SEC_CTX_TAG);
+ ClientContext = ExAllocatePoolWithQuotaTag(PagedPool | POOL_QUOTA_FAIL_INSTEAD_OF_RAISE,
+ sizeof(*ClientContext),
+ NPFS_CLIENT_SEC_CTX_TAG);
Ccb->ClientContext = ClientContext;
if (!ClientContext) return STATUS_INSUFFICIENT_RESOURCES;
Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, ClientContext);
Ccb->ClientContext = ClientContext;
if (!ClientContext) return STATUS_INSUFFICIENT_RESOURCES;
Status = SeCreateClientSecurity(Thread, &Ccb->ClientQos, 0, ClientContext);
- if (!NT_SUCCESS(Status)) return Status;
+ if (!NT_SUCCESS(Status))
+ {
+ ExFreePool(Ccb->ClientContext);
+ Ccb->ClientContext = NULL;
+ }
- ExFreePool(Ccb->ClientContext);
- Ccb->ClientContext = NULL;
if (!NT_SUCCESS(Status)) return Status;
Status = ObLogSecurityDescriptor(TempSecurityDescriptor, &NewSecurityDescriptor, 1);
if (!NT_SUCCESS(Status)) return Status;
Status = ObLogSecurityDescriptor(TempSecurityDescriptor, &NewSecurityDescriptor, 1);
- ExFreePool(TempSecurityDescriptor);
+ ASSERT(TempSecurityDescriptor != OldSecurityDescriptor);
+ ExFreePoolWithTag(TempSecurityDescriptor, 0);
if (!NT_SUCCESS(Status)) return Status;
if (!NT_SUCCESS(Status)) return Status;