Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-06 12:45:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

[LSASRV]

Browse source 
LsarQuerySecurityObject: Build a new SD that conatains requested information only and return it to the caller.

svn path=/trunk/; revision=72220
This commit is contained in:
Eric Kohl 2016-08-14 15:42:40 +00:00
parent e60fde9ccb
commit 09e88a8e27
1 changed files with 48 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
reactos/dll/win32/lsasrv/lsarpc.c
View file

@ -136,14 +136,21 @@ NTSTATUS WINAPI LsarQuerySecurityObject(
{ {
PLSA_DB_OBJECT DbObject = NULL; PLSA_DB_OBJECT DbObject = NULL;
PSECURITY_DESCRIPTOR RelativeSd = NULL; PSECURITY_DESCRIPTOR RelativeSd = NULL;
PSECURITY_DESCRIPTOR ResultSd = NULL;
PLSAPR_SR_SECURITY_DESCRIPTOR SdData = NULL; PLSAPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
ACCESS_MASK DesiredAccess = 0; ACCESS_MASK DesiredAccess = 0;
ULONG RelativeSdSize = 0; ULONG RelativeSdSize = 0;
ULONG ResultSdSize = 0;
NTSTATUS Status; NTSTATUS Status;
TRACE("LsarQuerySecurityObject(%p %lx %p)\n",
ObjectHandle, SecurityInformation, SecurityDescriptor);
if (SecurityDescriptor == NULL) if (SecurityDescriptor == NULL)
return STATUS_INVALID_PARAMETER; return STATUS_INVALID_PARAMETER;
*SecurityDescriptor = NULL;
if ((SecurityInformation & OWNER_SECURITY_INFORMATION) || if ((SecurityInformation & OWNER_SECURITY_INFORMATION) ||
(SecurityInformation & GROUP_SECURITY_INFORMATION) || (SecurityInformation & GROUP_SECURITY_INFORMATION) ||
(SecurityInformation & DACL_SECURITY_INFORMATION)) (SecurityInformation & DACL_SECURITY_INFORMATION))
@ -181,10 +188,40 @@ NTSTATUS WINAPI LsarQuerySecurityObject(
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
goto done; goto done;
/* /* Invalidate the SD information that was not requested */
* FIXME: Invalidate the SD information that was not requested. if (!(SecurityInformation & OWNER_SECURITY_INFORMATION))
* (see SecurityInformation) ((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL;
*/
if (!(SecurityInformation & GROUP_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL;
if (!(SecurityInformation & DACL_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_DACL_PRESENT;
if (!(SecurityInformation & SACL_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_SACL_PRESENT;
/* Calculate the required SD size */
Status = RtlMakeSelfRelativeSD(RelativeSd,
NULL,
&ResultSdSize);
if (Status != STATUS_BUFFER_TOO_SMALL)
goto done;
/* Allocate a buffer for the new SD */
ResultSd = MIDL_user_allocate(ResultSdSize);
if (ResultSd == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
/* Build the new SD */
Status = RtlMakeSelfRelativeSD(RelativeSd,
ResultSd,
&ResultSdSize);
if (!NT_SUCCESS(Status))
goto done;
/* Allocate the SD data buffer */ /* Allocate the SD data buffer */
SdData = MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR)); SdData = MIDL_user_allocate(sizeof(LSAPR_SR_SECURITY_DESCRIPTOR));
@ -196,17 +233,20 @@ NTSTATUS WINAPI LsarQuerySecurityObject(
/* Fill the SD data buffer and return it to the caller */ /* Fill the SD data buffer and return it to the caller */
SdData->Length = RelativeSdSize; SdData->Length = RelativeSdSize;
SdData->SecurityDescriptor = (PBYTE)RelativeSd; SdData->SecurityDescriptor = (PBYTE)ResultSd;
*SecurityDescriptor = SdData; *SecurityDescriptor = SdData;
done: done:
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
if (RelativeSd != NULL) if (ResultSd != NULL)
MIDL_user_free(RelativeSd); MIDL_user_free(ResultSd);
} }
if (RelativeSd != NULL)
MIDL_user_free(RelativeSd);
return Status; return Status;
} }
@ -2174,7 +2214,7 @@ NTSTATUS WINAPI LsarDeleteObject(
PLSA_DB_OBJECT DbObject; PLSA_DB_OBJECT DbObject;
NTSTATUS Status; NTSTATUS Status;
TRACE("(%p)\n", ObjectHandle); TRACE("LsarDeleteObject(%p)\n", ObjectHandle);
if (ObjectHandle == NULL) if (ObjectHandle == NULL)
return STATUS_INVALID_PARAMETER; return STATUS_INVALID_PARAMETER;