projects / reactos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65435e1)
[NTOSKRNL]
authorEric Kohl <eric.kohl@reactos.org>
Thu, 3 Jun 2010 13:36:50 +0000 (13:36 +0000)
committerEric Kohl <eric.kohl@reactos.org>
Thu, 3 Jun 2010 13:36:50 +0000 (13:36 +0000)
NtDuplicateToken: If the called does not provide any desired access rights the duplicate token will inherit the granted rights of the original token.

svn path=/trunk/; revision=47535

reactos/ntoskrnl/se/token.c patch | blob | history

diff --git a/reactos/ntoskrnl/se/token.c b/reactos/ntoskrnl/se/token.c
index 04fe7c2..aa281bc 100644 (file)
--- a/reactos/ntoskrnl/se/token.c
+++ b/reactos/ntoskrnl/se/token.c
@@ -1806,6 +1806,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
     PTOKEN NewToken;
     PSECURITY_QUALITY_OF_SERVICE CapturedSecurityQualityOfService;
     BOOLEAN QoSPresent;
+    OBJECT_HANDLE_INFORMATION HandleInformation;
     NTSTATUS Status;
 
     PAGED_CODE();
@@ -1843,7 +1844,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
                                        SepTokenObjectType,
                                        PreviousMode,
                                        (PVOID*)&Token,
-                                       NULL);
+                                       &HandleInformation);
     if (!NT_SUCCESS(Status))
     {
         SepReleaseSecurityQualityOfService(CapturedSecurityQualityOfService,
@@ -1884,7 +1885,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
     {
         Status = ObInsertObject((PVOID)NewToken,
                                 NULL,
-                                DesiredAccess,
+                                (DesiredAccess ? DesiredAccess : HandleInformation.GrantedAccess),
                                 0,
                                 NULL,
                                 &hToken);
A free Windows-compatible Operating System