Re: [PATCH 0/1] MR3505: ntdll: Implement NtCreateToken().

Hans Leidekker (@hans) commented about server/token.c:

•    groups_size = group_count * sizeof( attrs[0] );
  

•    groups = malloc( group_count * sizeof( groups[0] ) );
  

•    if (!groups)
  

•    {
  

•        set_error( STATUS_NO_MEMORY );
  

•        return;
  

•    }
  

•    for (i = 0; i < group_count; i++)
  

•    {
  

•        groups[i].attrs = attrs[i];
  

•        groups[i].sid = sid;
  

•        groups_size += sid_len( sid );
  

•        sid = (struct sid *)((char *)sid + sid_len( sid ));
  

This read should also be checked.