Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 10:02:58 +00:00
Code Issues Projects Releases Packages Wiki Activity

1. fixed RtlValidSecurityDescriptor() that attempted to validate nonexisting owner/group SID

Browse source 
2. implemented RtlValidRelativeSecurityDescriptor()

svn path=/trunk/; revision=10983
This commit is contained in:
Thomas Bluemel 2004-09-22 20:16:02 +00:00
parent c92d7b8a36
commit 594cfc6a04
1 changed files with 90 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

127
reactos/lib/rtl/sd.c
View file

@ -1,4 +1,4 @@
/* $Id: sd.c,v 1.4 2004/08/28 22:22:39 navaraf Exp $ /* $Id: sd.c,v 1.5 2004/09/22 20:16:02 weiden Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -46,17 +46,11 @@ RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
ULONG STDCALL ULONG STDCALL
RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor) RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
{ {
PSID Owner; ULONG Length = sizeof(SECURITY_DESCRIPTOR);
PSID Group;
ULONG Length;
PACL Dacl;
PACL Sacl;
Length = sizeof(SECURITY_DESCRIPTOR);
if (SecurityDescriptor->Owner != NULL) if (SecurityDescriptor->Owner != NULL)
{ {
Owner = SecurityDescriptor->Owner; PSID Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Owner = (PSID)((ULONG_PTR)Owner + Owner = (PSID)((ULONG_PTR)Owner +
@ -68,7 +62,7 @@ RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
if (SecurityDescriptor->Group != NULL) if (SecurityDescriptor->Group != NULL)
{ {
Group = SecurityDescriptor->Group; PSID Group = SecurityDescriptor->Group;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor); Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor);
@ -80,7 +74,7 @@ RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
if (SecurityDescriptor->Control & SE_DACL_PRESENT && if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
SecurityDescriptor->Dacl != NULL) SecurityDescriptor->Dacl != NULL)
{ {
Dacl = SecurityDescriptor->Dacl; PACL Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor); Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor);
@ -91,7 +85,7 @@ RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
if (SecurityDescriptor->Control & SE_SACL_PRESENT && if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
SecurityDescriptor->Sacl != NULL) SecurityDescriptor->Sacl != NULL)
{ {
Sacl = SecurityDescriptor->Sacl; PACL Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor); Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor);
@ -189,42 +183,43 @@ RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
BOOLEAN STDCALL BOOLEAN STDCALL
RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor) RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
{ {
PSID Owner;
PSID Group;
PACL Sacl;
PACL Dacl;
if (SecurityDescriptor->Revision != 1) if (SecurityDescriptor->Revision != 1)
{ {
return(FALSE); return(FALSE);
} }
Owner = SecurityDescriptor->Owner; if (SecurityDescriptor->Owner != NULL)
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Owner = (PSID)((ULONG_PTR)Owner + (ULONG_PTR)SecurityDescriptor); PSID Owner = SecurityDescriptor->Owner;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Owner = (PSID)((ULONG_PTR)Owner + (ULONG_PTR)SecurityDescriptor);
}
if (!RtlValidSid(Owner))
{
return(FALSE);
}
} }
if (!RtlValidSid(Owner)) if (SecurityDescriptor->Group != NULL)
{ {
return(FALSE); PSID Group = SecurityDescriptor->Group;
} if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{
Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor);
}
Group = SecurityDescriptor->Group; if (!RtlValidSid(Group))
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) {
{ return(FALSE);
Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor); }
}
if (!RtlValidSid(Group))
{
return(FALSE);
} }
if (SecurityDescriptor->Control & SE_DACL_PRESENT && if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
SecurityDescriptor->Dacl != NULL) SecurityDescriptor->Dacl != NULL)
{ {
Dacl = SecurityDescriptor->Dacl; PACL Dacl = SecurityDescriptor->Dacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor); Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor);
@ -239,7 +234,7 @@ RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
if (SecurityDescriptor->Control & SE_SACL_PRESENT && if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
SecurityDescriptor->Sacl != NULL) SecurityDescriptor->Sacl != NULL)
{ {
Sacl = SecurityDescriptor->Sacl; PACL Sacl = SecurityDescriptor->Sacl;
if (SecurityDescriptor->Control & SE_SELF_RELATIVE) if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
{ {
Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor); Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor);
@ -768,7 +763,7 @@ RtlSelfRelativeToAbsoluteSD2(
} }
/* /*
* @unimplemented * @implemented
*/ */
BOOLEAN BOOLEAN
STDCALL STDCALL
@ -778,8 +773,66 @@ RtlValidRelativeSecurityDescriptor (
IN SECURITY_INFORMATION RequiredInformation IN SECURITY_INFORMATION RequiredInformation
) )
{ {
UNIMPLEMENTED; if (SecurityDescriptorLength < sizeof(SECURITY_DESCRIPTOR) ||
return FALSE; SecurityDescriptorInput->Revision != 1 ||
!(SecurityDescriptorInput->Control & SE_SELF_RELATIVE))
{
return(FALSE);
}
if (SecurityDescriptorInput->Owner != NULL)
{
PSID Owner = (PSID)((ULONG_PTR)SecurityDescriptorInput->Owner + (ULONG_PTR)SecurityDescriptorInput);
if (!RtlValidSid(Owner))
{
return(FALSE);
}
}
else if (RequiredInformation & OWNER_SECURITY_INFORMATION)
{
return(FALSE);
}
if (SecurityDescriptorInput->Group != NULL)
{
PSID Group = (PSID)((ULONG_PTR)SecurityDescriptorInput->Group + (ULONG_PTR)SecurityDescriptorInput);
if (!RtlValidSid(Group))
{
return(FALSE);
}
}
else if (RequiredInformation & GROUP_SECURITY_INFORMATION)
{
return(FALSE);
}
if (SecurityDescriptorInput->Control & SE_DACL_PRESENT)
{
if (SecurityDescriptorInput->Dacl != NULL &&
!RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Dacl + (ULONG_PTR)SecurityDescriptorInput)))
{
return(FALSE);
}
}
else if (RequiredInformation & DACL_SECURITY_INFORMATION)
{
return(FALSE);
}
if (SecurityDescriptorInput->Control & SE_SACL_PRESENT)
{
if (SecurityDescriptorInput->Sacl != NULL &&
!RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Sacl + (ULONG_PTR)SecurityDescriptorInput)))
{
return(FALSE);
}
}
else if (RequiredInformation & SACL_SECURITY_INFORMATION)
{
return(FALSE);
}
return(TRUE);
} }