Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-31 19:42:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SAMSRV] Fix usage of self-relative security descriptor in SamrQuerySecurityObject

Browse source 
Fixes crash of netapi32_winetest access
This commit is contained in:
Timo Kreuzer 2023-09-20 11:48:49 +03:00
parent df053d4e43
commit 5127433416
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
dll/win32/samsrv/samrpc.c
View file

@ -332,7 +332,7 @@ SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
{ {
PSAM_DB_OBJECT SamObject; PSAM_DB_OBJECT SamObject;
PSAMPR_SR_SECURITY_DESCRIPTOR SdData = NULL; PSAMPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
PSECURITY_DESCRIPTOR RelativeSd = NULL; PISECURITY_DESCRIPTOR_RELATIVE RelativeSd = NULL;
PSECURITY_DESCRIPTOR ResultSd = NULL; PSECURITY_DESCRIPTOR ResultSd = NULL;
ACCESS_MASK DesiredAccess = 0; ACCESS_MASK DesiredAccess = 0;
ULONG RelativeSdSize = 0; ULONG RelativeSdSize = 0;
@ -397,16 +397,16 @@ SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
/* Invalidate the SD information that was not requested */ /* Invalidate the SD information that was not requested */
if (!(SecurityInformation & OWNER_SECURITY_INFORMATION)) if (!(SecurityInformation & OWNER_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL; RelativeSd->Owner = 0;
if (!(SecurityInformation & GROUP_SECURITY_INFORMATION)) if (!(SecurityInformation & GROUP_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL; RelativeSd->Group = 0;
if (!(SecurityInformation & DACL_SECURITY_INFORMATION)) if (!(SecurityInformation & DACL_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_DACL_PRESENT; RelativeSd->Control &= ~SE_DACL_PRESENT;
if (!(SecurityInformation & SACL_SECURITY_INFORMATION)) if (!(SecurityInformation & SACL_SECURITY_INFORMATION))
((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_SACL_PRESENT; RelativeSd->Control &= ~SE_SACL_PRESENT;
/* Calculate the required SD size */ /* Calculate the required SD size */
Status = RtlMakeSelfRelativeSD(RelativeSd, Status = RtlMakeSelfRelativeSD(RelativeSd,
@ -439,7 +439,7 @@ SamrQuerySecurityObject(IN SAMPR_HANDLE ObjectHandle,
} }
/* Fill the SD data buffer and return it to the caller */ /* Fill the SD data buffer and return it to the caller */
SdData->Length = RelativeSdSize; SdData->Length = ResultSdSize;
SdData->SecurityDescriptor = (PBYTE)ResultSd; SdData->SecurityDescriptor = (PBYTE)ResultSd;
*SecurityDescriptor = SdData; *SecurityDescriptor = SdData;