Don't leak admin group SID memory

jclehner · Jan 18, 2017 · 84dbd93 · 84dbd93
1 parent eafbf90
commit 84dbd93
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/main.c b/main.c
@@ -84,22 +84,23 @@ void usage(FILE *fp)
 void require_admin()
 {
 	SID_IDENTIFIER_AUTHORITY auth = SECURITY_NT_AUTHORITY;
-	PSID adminGroup = NULL;
-	BOOL success = AllocateAndInitializeSid(
+	PSID group = NULL;
+	BOOL admin, success = AllocateAndInitializeSid(
 		&auth, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
-		0, 0, 0, 0, 0, 0, &adminGroup
+		0, 0, 0, 0, 0, 0, &group
 	);
 
 	if (success) {
-		if (CheckTokenMembership(NULL, adminGroup, &success)) {
-			if (!success) {
+		success = CheckTokenMembership(NULL, group, &admin);
+		FreeSid(group);
+		if (success) {
+			if (!admin) {
 				fprintf(stderr, "Error: must be run as administrator\n");
 				exit(1);
 			} else {
 				return;
 			}
 		}
-		FreeSid(adminGroup);
 	}
 
 	fprintf(stderr, "Warning: failed to check administrator privileges\n");