CreateServiceA and ChangeServiceConfigA:
We already know that lpPassword != NULL so checking again doesnt have too much sense.
CreateServiceW and ChangeServiceConfigW:
Surround the code checking if lpPassword is passed, same as their A logic counterpart APIs. It doesnt have sense to make lpEncryptedPassword to point to a NULL pointer.
It also fixes CID 1363471 and CID 1363479