Closed Bug 42874 Opened 24 years ago Closed 24 years ago

ntsec.c: OpenProcessToken may fail with ERROR_ACCESS_DENIED

Categories

(NSPR :: NSPR, defect, P3)

Product:
NSPR
Component:
NSPR
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(1 file)

Proposed patch.
2.11 KB, patch
Details | Diff | Splinter Review 
It was reported that if an application using NSPR 4.0 is
invoked by an ISAPI extension DLL, the OpenProcessToken
call on line 80 of ntsec.c fails with the error code
5 (ERROR_ACCESS_DENIED) because the process impersonates
the identity of the client.  The failure of OpenProcessToken
causes the assertion on line 81 to fail.

In light of this, the assertion of line 81:
    PR_ASSERT(rv != 0);
should be replaced by
    if (rv == 0) {
        PR_LOG(...);  /* log the error code */
        return;
    }
Status: NEW → ASSIGNED
Target Milestone: --- → 4.1
Attached patch Proposed patch.Splinter Review 

    
    

    
  
I checked in the patch on the main trunk.
/cvsroot/mozilla/nsprpub/pr/src/md/windows/ntsec.c, revision 3.4
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: