Major Description
The three functions RtlCreateUnicodeString, RtlCreateUnicodeStringFromAsciiz and SeSinglePrivilegeCheck do not follow the normal Windows NT coding convention that requires functions to return NTSTATUS. They return BOOLEAN instead.
This makes their use unintuitive to people familiar with the convention and can easily lead to misuse. Because such bugs can easily be re-introduced, the code base should be checked for them regularly.
Example patterns that need review:
// Using NT_SUCCESS on the return value is wrong in any context
|
NT_SUCCESS(RtlCreateUnicodeString(...))
|
|
|
// Assignment to an NTSTATUS variable is wrong. These are often called Status, so code like this needs review to check the type:
|
Status = RtlCreateUnicodeString(...);
|
|
|
// Can be good or bad, depending on the current function's return type
|
return RtlCreateUnicodeString(...);
|
Example safe patterns:
// No return value check (not "good", but at least not affected by this problem)
|
RtlCreateUnicodeString(...);
|
|
|
// Return value assigned to boolean variable
|
Success = RtlCreateUnicodeString(...);
|
|
|
// Status assignment based on boolean return value
|
Status = RtlCreateUnicodeString(...) ? STATUS_SUCCESS : STATUS_INSUFFICIENT_RESOURCES;
|
|
|
// Direct use as a boolean conditional
|
if (!RtlCreateUnciodeString(...))
|