Skip to content

Commit

Permalink
Fix parameters for CreateLowBoxToken
Browse files Browse the repository at this point in the history 
When calling CreateLowBoxToken, the kernel API will throw an error if
there is a mismatch between the saved_handles_count and the
saved_handles array. If the count is 0, the pointer must be null.

This change passes in nullptr to CreateLowBoxToken for saved_handles if
saved_handles_count is 0.

Bug: 1000447
Change-Id: I2e5706944e5348ae1833eb28562945b7874f6a75
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1845831
Reviewed-by: James Forshaw <forshaw@chromium.org>
Commit-Queue: Cliff Smolinsky <cliffsmo@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#703378}
  • Loading branch information
Cliff Smolinsky authored and Commit Bot committed Oct 7, 2019
1 parent 32fac91 commit 049ba28
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion sandbox/win/src/restricted_token_utils.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -368,7 +368,8 @@ DWORD CreateLowBoxToken(HANDLE base_token,
&token_lowbox, base_token, TOKEN_ALL_ACCESS, &obj_attr,
security_capabilities->AppContainerSid,
security_capabilities->CapabilityCount,
security_capabilities->Capabilities, saved_handles_count, saved_handles);
security_capabilities->Capabilities, saved_handles_count,
saved_handles_count > 0 ? saved_handles : nullptr);
if (!NT_SUCCESS(status))
return GetLastErrorFromNtStatus(status);

Expand Down

0 comments on commit 049ba28

Please sign in to comment.