VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-08-29 21:25:34 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-08-30 22:30:56 (GMT)
commitdc6c279339f8e3a18569afce002fc9329cebeeb7 (patch)
tree076eed9dc70514fbf3718d9819dcf362b591c6bd /src/Driver
parent2f2cb6b7aef0bc297269916c47149faee08a968f (diff)
downloadVeraCrypt-dc6c279339f8e3a18569afce002fc9329cebeeb7.zip
VeraCrypt-dc6c279339f8e3a18569afce002fc9329cebeeb7.tar.gz
Windows Driver: Protect captured subject context during processing of user access token.
Diffstat (limited to 'src/Driver')
-rw-r--r--src/Driver/Ntdriver.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index d292acb..a5965c9 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -2653,6 +2653,7 @@ NTSTATUS MountDevice (PDEVICE_OBJECT DeviceObject, MOUNT_STRUCT *mount)
PACCESS_TOKEN accessToken;
SeCaptureSubjectContext (&subContext);
+ SeLockSubjectContext(&subContext);
accessToken = SeQuerySubjectContextToken (&subContext);
if (!accessToken)
@@ -2678,6 +2679,7 @@ NTSTATUS MountDevice (PDEVICE_OBJECT DeviceObject, MOUNT_STRUCT *mount)
}
}
+ SeUnlockSubjectContext(&subContext);
SeReleaseSubjectContext (&subContext);
if (NT_SUCCESS (ntStatus))