Author: dgorbachev
Date: Thu Jun 25 02:23:29 2009
New Revision: 41603
URL: http://svn.reactos.org/svn/reactos?rev=41603&view=rev
Log:
Hack: partially undo r38510 changes to overcome regression (bug #4169).
Modified:
trunk/reactos/ntoskrnl/se/semgr.c
Modified: trunk/reactos/ntoskrnl/se/semgr.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/se/semgr.c?rev=41603&r1=41602&r2=41603&view=diff
==============================================================================
--- trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/se/semgr.c [iso-8859-1] Thu Jun 25 02:23:29 2009
@@ -638,7 +638,7 @@
PTOKEN Token;
NTSTATUS Status;
PAGED_CODE();
-
+
/* Check if this is kernel mode */
if (PreviousMode == KernelMode)
{
@@ -654,7 +654,7 @@
/* Just give the desired access */
*GrantedAccess = DesiredAccess;
}
-
+
/* Success */
*AccessStatus = STATUS_SUCCESS;
return STATUS_SUCCESS;
@@ -688,24 +688,32 @@
SubjectSecurityContext.ProcessAuditId = NULL;
SeLockSubjectContext(&SubjectSecurityContext);
+ /* FIXME */
/* Now perform the access check */
- SeAccessCheck(SecurityDescriptor,
- &SubjectSecurityContext,
- TRUE,
- DesiredAccess,
- 0,
- &PrivilegeSet, //FIXME
- GenericMapping,
- PreviousMode,
- GrantedAccess,
- AccessStatus);
+ if (SeAccessCheck(SecurityDescriptor,
+ &SubjectSecurityContext,
+ TRUE,
+ DesiredAccess,
+ 0,
+ &PrivilegeSet, //FIXME
+ GenericMapping,
+ PreviousMode,
+ GrantedAccess,
+ AccessStatus))
+ {
+ Status = *AccessStatus;
+ }
+ else
+ {
+ Status = STATUS_ACCESS_DENIED;
+ }
/* Unlock subject context and dereference the token */
SeUnlockSubjectContext(&SubjectSecurityContext);
ObDereferenceObject(Token);
- /* Check succeeded */
- return STATUS_SUCCESS;
+ /* Check succeeded? */
+ return Status;
}
