From 8f655f9466eca0f0c5d4719c1cccd032e4a14ae2 Mon Sep 17 00:00:00 2001
From: Pierre Schweitzer <pierre@reactos.org>
Date: Sat, 1 Jun 2019 13:44:55 +0200
Subject: [PATCH] [NTOSKRNL] Implement ObpFreeDosDevicesProtection to free DACL

---
 ntoskrnl/ob/obname.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/ntoskrnl/ob/obname.c b/ntoskrnl/ob/obname.c
index 6c996132d87..866ac748d84 100644
--- a/ntoskrnl/ob/obname.c
+++ b/ntoskrnl/ob/obname.c
@@ -141,6 +141,22 @@ ObpGetDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
     return STATUS_SUCCESS;
 }
 
+INIT_FUNCTION
+VOID
+NTAPI
+ObpFreeDosDevicesProtection(OUT PSECURITY_DESCRIPTOR SecurityDescriptor)
+{
+    PACL Dacl;
+    NTSTATUS Status;
+    BOOLEAN DaclPresent, DaclDefaulted;
+
+    Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor, &DaclPresent, &Dacl, &DaclDefaulted);
+    ASSERT(NT_SUCCESS(Status));
+    ASSERT(DaclPresent);
+    ASSERT(Dacl != NULL);
+    ExFreePoolWithTag(Dacl, 'lcaD');
+}
+
 INIT_FUNCTION
 NTSTATUS
 NTAPI
@@ -151,8 +167,6 @@ ObpCreateDosDevicesDirectory(VOID)
     HANDLE Handle, SymHandle;
     SECURITY_DESCRIPTOR DosDevicesSD;
     NTSTATUS Status;
-    PACL Dacl;
-    BOOLEAN DaclPresent, DaclDefaulted;
 
     /* Create a custom security descriptor for the global DosDevices directory */
     Status = ObpGetDosDevicesProtection(&DosDevicesSD);
@@ -256,8 +270,7 @@ ObpCreateDosDevicesDirectory(VOID)
     if (NT_SUCCESS(Status)) NtClose(SymHandle);
 
 done:
-    RtlGetDaclSecurityDescriptor(&DosDevicesSD, &DaclPresent, &Dacl, &DaclDefaulted);
-    ExFreePoolWithTag(Dacl, 'lcaD');
+    ObpFreeDosDevicesProtection(&DosDevicesSD);
 
     /* Return status */
     return Status;