Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-24 09:25:10 +00:00
Code Issues Projects Releases Packages Wiki Activity

properly handle fragmented self-relative security descriptors in the 64 bit version of RtlSelfRelativeToAbsoluteSD2

Browse source 
svn path=/trunk/; revision=18939
This commit is contained in:
Thomas Bluemel 2005-11-01 22:36:00 +00:00
parent 30b938fbe9
commit 23c6b8167f
1 changed files with 39 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
reactos/lib/rtl/sd.c
View file

@ -735,8 +735,9 @@ RtlSelfRelativeToAbsoluteSD2(PISECURITY_DESCRIPTOR SelfRelativeSecurityDescripto
PISECURITY_DESCRIPTOR AbsSD = SelfRelativeSecurityDescriptor; PISECURITY_DESCRIPTOR AbsSD = SelfRelativeSecurityDescriptor;
PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)SelfRelativeSecurityDescriptor; PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)SelfRelativeSecurityDescriptor;
#ifdef _WIN64 #ifdef _WIN64
PVOID DataStart; PVOID DataStart, DataEnd;
ULONG DataSize; ULONG DataSize;
LONG MoveDelta;
ULONG OwnerLength; ULONG OwnerLength;
ULONG GroupLength; ULONG GroupLength;
ULONG DaclLength; ULONG DaclLength;
@ -784,7 +785,37 @@ RtlSelfRelativeToAbsoluteSD2(PISECURITY_DESCRIPTOR SelfRelativeSecurityDescripto
ASSERT(sizeof(SECURITY_DESCRIPTOR) > sizeof(SECURITY_DESCRIPTOR_RELATIVE)); ASSERT(sizeof(SECURITY_DESCRIPTOR) > sizeof(SECURITY_DESCRIPTOR_RELATIVE));
DataSize = OwnerLength + GroupLength + DaclLength + SaclLength; /* calculate the start and end of the data area, we simply just move the
data by the difference between the size of the relative and absolute
security descriptor structure */
DataStart = pOwner;
DataEnd = (PVOID)((ULONG_PTR)pOwner + OwnerLength);
if (pGroup != NULL)
{
if (((ULONG_PTR)pGroup < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pGroup;
if (((ULONG_PTR)pGroup + GroupLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
DataEnd = (PVOID)((ULONG_PTR)pGroup + GroupLength);
}
if (pDacl != NULL)
{
if (((ULONG_PTR)pDacl < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pDacl;
if (((ULONG_PTR)pDacl + DaclLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
DataEnd = (PVOID)((ULONG_PTR)pDacl + DaclLength);
}
if (pSacl != NULL)
{
if (((ULONG_PTR)pSacl < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pSacl;
if (((ULONG_PTR)pSacl + DaclLength > (ULONG_PTR)DataEnd) || DataEnd == NULL)
DataEnd = (PVOID)((ULONG_PTR)pSacl + SaclLength);
}
ASSERT((ULONG_PTR)DataEnd >= (ULONG_PTR)DataStart);
DataSize = (ULONG)((ULONG_PTR)DataEnd >= (ULONG_PTR)DataStart);
if (*BufferSize < sizeof(SECURITY_DESCRIPTOR) + DataSize) if (*BufferSize < sizeof(SECURITY_DESCRIPTOR) + DataSize)
{ {
*BufferSize = sizeof(SECURITY_DESCRIPTOR) + DataSize; *BufferSize = sizeof(SECURITY_DESCRIPTOR) + DataSize;
@ -793,17 +824,6 @@ RtlSelfRelativeToAbsoluteSD2(PISECURITY_DESCRIPTOR SelfRelativeSecurityDescripto
if (DataSize != 0) if (DataSize != 0)
{ {
/* calculate the start of the data area, we simply just move the data by
the difference between the size of the relative and absolute security
descriptor structure */
DataStart = pOwner;
if ((pGroup != NULL && (ULONG_PTR)pGroup < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pGroup;
if ((pDacl != NULL && (ULONG_PTR)pDacl < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pDacl;
if ((pSacl != NULL && (ULONG_PTR)pSacl < (ULONG_PTR)DataStart) || DataStart == NULL)
DataStart = pSacl;
/* if DataSize != 0 ther must be at least one SID or ACL in the security /* if DataSize != 0 ther must be at least one SID or ACL in the security
descriptor! Also the data area must be located somewhere after the descriptor! Also the data area must be located somewhere after the
end of the SECURITY_DESCRIPTOR_RELATIVE structure */ end of the SECURITY_DESCRIPTOR_RELATIVE structure */
@ -815,28 +835,26 @@ RtlSelfRelativeToAbsoluteSD2(PISECURITY_DESCRIPTOR SelfRelativeSecurityDescripto
DataStart, DataStart,
DataSize); DataSize);
MoveDelta = (LONG)((LONG_PTR)(AbsSD + 1) - (LONG_PTR)DataStart);
/* adjust the pointers if neccessary */ /* adjust the pointers if neccessary */
if (pOwner != NULL) if (pOwner != NULL)
AbsSD->Owner = (PSID)((ULONG_PTR)pOwner + AbsSD->Owner = (PSID)((LONG_PTR)pOwner + MoveDelta);
sizeof(SECURITY_DESCRIPTOR) - sizeof(SECURITY_DESCRIPTOR_RELATIVE));
else else
AbsSD->Owner = NULL; AbsSD->Owner = NULL;
if (pGroup != NULL) if (pGroup != NULL)
AbsSD->Group = (PSID)((ULONG_PTR)pGroup + AbsSD->Group = (PSID)((LONG_PTR)pGroup + MoveDelta);
sizeof(SECURITY_DESCRIPTOR) - sizeof(SECURITY_DESCRIPTOR_RELATIVE));
else else
AbsSD->Group = NULL; AbsSD->Group = NULL;
if (pSacl != NULL) if (pSacl != NULL)
AbsSD->Sacl = (PACL)((ULONG_PTR)pSacl + AbsSD->Sacl = (PACL)((LONG_PTR)pSacl + MoveDelta);
sizeof(SECURITY_DESCRIPTOR) - sizeof(SECURITY_DESCRIPTOR_RELATIVE));
else else
AbsSD->Sacl = NULL; AbsSD->Sacl = NULL;
if (pDacl != NULL) if (pDacl != NULL)
AbsSD->Dacl = (PACL)((ULONG_PTR)pDacl + AbsSD->Dacl = (PACL)((LONG_PTR)pDacl + MoveDelta);
sizeof(SECURITY_DESCRIPTOR) - sizeof(SECURITY_DESCRIPTOR_RELATIVE));
else else
AbsSD->Dacl = NULL; AbsSD->Dacl = NULL;
} }