[NTOSKRNL] Return security descriptor size when querying object basic info

2024-12-28 18:15:11 +00:00 · 2018-11-10 10:31:03 +01:00 · 2018-11-10 10:31:03 +01:00 · 102ba75f15
commit 102ba75f15
parent 1fb32afefa
1 changed files with 23 additions and 3 deletions
--- a/ntoskrnl/ob/oblife.c
+++ b/ntoskrnl/ob/oblife.c
@ -1488,6 +1488,8 @@ NtQueryObject(IN HANDLE ObjectHandle,
    PVOID Object = NULL;
    NTSTATUS Status;
    POBJECT_HEADER_QUOTA_INFO ObjectQuota;
+    SECURITY_INFORMATION SecurityInformation;
+    POBJECT_TYPE ObjectType;
    KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
    PAGED_CODE();

@ -1528,6 +1530,7 @@ NtQueryObject(IN HANDLE ObjectHandle,

        /* Get the object header */
        ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object);
+        ObjectType = ObjectHeader->Type;
    }

    _SEH2_TRY
@ -1583,9 +1586,6 @@ NtQueryObject(IN HANDLE ObjectHandle,
                BasicInfo->NameInfoSize = 0; /* FIXME*/
                BasicInfo->TypeInfoSize = 0; /* FIXME*/

-                /* Copy security information */
-                BasicInfo->SecurityDescriptorSize = 0; /* FIXME*/
-
                /* Check if this is a symlink */
                if (ObjectHeader->Type == ObpSymbolicLinkObjectType)
                {
@ -1599,6 +1599,26 @@ NtQueryObject(IN HANDLE ObjectHandle,
                    BasicInfo->CreationTime.QuadPart = (ULONGLONG)0;
                }

+                /* Copy security information */
+                BasicInfo->SecurityDescriptorSize = 0;
+                if (BooleanFlagOn(HandleInfo.GrantedAccess, READ_CONTROL) &&
+                    ObjectHeader->SecurityDescriptor != NULL)
+                {
+                    SecurityInformation = OWNER_SECURITY_INFORMATION |
+                                          GROUP_SECURITY_INFORMATION |
+                                          DACL_SECURITY_INFORMATION |
+                                          SACL_SECURITY_INFORMATION;
+
+                    ObjectType->TypeInfo.SecurityProcedure(Object,
+                                                           QuerySecurityDescriptor,
+                                                           &SecurityInformation,
+                                                           NULL,
+                                                           &BasicInfo->SecurityDescriptorSize,
+                                                           &ObjectHeader->SecurityDescriptor,
+                                                           ObjectType->TypeInfo.PoolType,
+                                                           &ObjectType->TypeInfo.GenericMapping);
+                }
+
                /* Break out with success */
                Status = STATUS_SUCCESS;
                break;