Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-08 05:35:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

[LSASRV]

Browse source 
- Validate Account SIDs in LsarCreateAccount and LsarOpenAccount.
- LsarOpenAccount: Do not check the granted access of the policy handle.
- LsarOpenAccount: Return the proper status code.

svn path=/trunk/; revision=57448
This commit is contained in:
Eric Kohl 2012-09-30 22:41:34 +00:00
parent e36d4c8c40
commit 0683a941e9
1 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
reactos/dll/win32/lsasrv/lsarpc.c
View file

@ -440,6 +440,10 @@ NTSTATUS WINAPI LsarCreateAccount(
LPWSTR SidString = NULL;
NTSTATUS Status = STATUS_SUCCESS;
/* Validate the AccountSid */
if (!RtlValidSid(AccountSid))
return STATUS_INVALID_PARAMETER;
/* Validate the PolicyHandle */
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
@ -842,10 +846,14 @@ NTSTATUS WINAPI LsarOpenAccount(
LPWSTR SidString = NULL;
NTSTATUS Status = STATUS_SUCCESS;
/* Validate the AccountSid */
if (!RtlValidSid(AccountSid))
return STATUS_INVALID_PARAMETER;
/* Validate the PolicyHandle */
Status = LsapValidateDbObject(PolicyHandle,
LsaDbPolicyObject,
POLICY_CREATE_ACCOUNT,
0,
&PolicyObject);
if (!NT_SUCCESS(Status))
{
@ -861,7 +869,7 @@ NTSTATUS WINAPI LsarOpenAccount(
&AccountsObject);
if (!NT_SUCCESS(Status))
{
ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
ERR("LsapOpenDbObject (Accounts) failed (Status 0x%08lx)\n", Status);
goto done;
}
@ -909,7 +917,7 @@ done:
if (AccountsObject != NULL)
LsapCloseDbObject(AccountsObject);
return STATUS_SUCCESS;
return Status;
}