James Hawkins wrote:
Hi,
I'm not exactly sure whether the LPVOID param of NtQueryInformationToken should be a BOOLEAN value or a DWORD like NumRestrictedSids (it isn't documented), but because we just want to know whether there exists at least one, the BOOLEAN does the trick until we know how to handle TokenRestrictedSids.
The parameter is actually of type TOKEN_GROUPS, of which the first DWORD is the number of restricting SIDs. So therefore, the patch is technically correct, but I'd be much more happy if you actually allocated a pointer of type TOKEN_GROUPS. You can see more information about the classes used by NtQueryTokenInformation here: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/se...
Changelog
- Implement IsTokenRestricted.