From 1ba558dafbe8d2459a8ca82c58f4f6162629d233 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herm=C3=A8s=20B=C3=89LUSCA=20-=20MA=C3=8FTO?= Date: Fri, 20 Jun 2025 19:37:43 +0200 Subject: [PATCH 1/2] WlxLoggedOutSAS: Tell how the pProfile structure is allocated. Like the pNprNotifyInfo fields, the fields inside the returned pProfile structure, and the structure itself, appears to be allocated with `LocalAlloc()`. My investigations appear to show that this is what Windows <= 2003 msgina.dll does, and what winlogon.exe expects (since the latter will free the buffers with `LocalFree()`). --- .../content/winwlx/nf-winwlx-wlxloggedoutsas.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md b/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md index 32a68be30813..f0864e2f0947 100644 --- a/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md +++ b/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md @@ -161,7 +161,7 @@ A pointer to an The GINA is not required to return password information. Any NULL fields within the structure will be ignored by Winlogon. Use LocalAlloc to allocate each string; Winlogon will free them when they are no longer needed. -The GINA should provide domain, user, and password values for complete Session Directory functionality. If the password is not provided, Session Directory will require the user to input the password twice before the user is connected to the server. +The GINA should provide domain, user, and password values for complete Session Directory functionality. If the password is not provided, Session Directory will require the user to input the password twice before the user is connected to the server. For information about protecting passwords, see Handling Passwords. @@ -169,7 +169,9 @@ For information about protecting passwords, see WLX_PROFILE_V1_0 or a -WLX_PROFILE_V2_0 structure. The first DWORD in the structure indicates which structure it is. Winlogon uses this structure to load the profile of the logged-on user, and frees the memory associated with the structure when it no longer needs it. +WLX_PROFILE_V2_0 structure. The first DWORD in the structure indicates which structure it is. +Use LocalAlloc to allocate this structure, as well as each of its fields. +Winlogon uses this structure to load the profile of the logged-on user, and frees the memory associated with the structure and its fields when it no longer needs it. ## -returns @@ -228,6 +230,4 @@ Do not activate the user shell program in WlxLoggedOutSAS. The user shell WlxActivateUserShell - - -WlxInitialize \ No newline at end of file +WlxInitialize From 1cde2d546d5db5c2632632e5243f180fa3a579be Mon Sep 17 00:00:00 2001 From: Alvin Ashcraft <73072+alvinashcraft@users.noreply.github.com> Date: Mon, 30 Jun 2025 10:42:21 -0400 Subject: [PATCH 2/2] Apply suggestions from code review Update paths to avoid redirected URLs. --- .../content/winwlx/nf-winwlx-wlxloggedoutsas.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md b/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md index f0864e2f0947..1f937cfbc568 100644 --- a/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md +++ b/sdk-api-src/content/winwlx/nf-winwlx-wlxloggedoutsas.md @@ -159,18 +159,20 @@ If you need this handle after calling the WLX_MPR_NOTIFY_INFO structure that contains domain, user name, and password information for the user. Winlogon will use this information to provide identification and authentication information to network providers. -The GINA is not required to return password information. Any NULL fields within the structure will be ignored by Winlogon. Use LocalAlloc to allocate each string; Winlogon will free them when they are no longer needed. +The GINA is not required to return password information. Any NULL fields within the structure will be ignored by Winlogon. Use LocalAlloc to allocate each string; Winlogon will free them when they are no longer needed. The GINA should provide domain, user, and password values for complete Session Directory functionality. If the password is not provided, Session Directory will require the user to input the password twice before the user is connected to the server. -For information about protecting passwords, see Handling Passwords. +For information about protecting passwords, see Handling Passwords. ### -param pProfile [out] On return from a successful authentication, the pProfile parameter points to either a -WLX_PROFILE_V1_0 or a -WLX_PROFILE_V2_0 structure. The first DWORD in the structure indicates which structure it is. -Use LocalAlloc to allocate this structure, as well as each of its fields. +WLX_PROFILE_V1_0 or a +WLX_PROFILE_V2_0 structure. The first DWORD in the structure indicates which structure it is. + +Use LocalAlloc to allocate this structure, as well as each of its fields. + Winlogon uses this structure to load the profile of the logged-on user, and frees the memory associated with the structure and its fields when it no longer needs it. ## -returns @@ -228,6 +230,6 @@ Do not activate the user shell program in WlxLoggedOutSAS. The user shell ## -see-also -WlxActivateUserShell +WlxActivateUserShell -WlxInitialize +WlxInitialize