mirror of
https://github.com/reactos/reactos.git
synced 2024-10-01 06:57:08 +00:00
[NTOS:CM]
- Return a valid security descriptor for keys, even though it's hacked. Based on code removed in r26704. CORE-8382 #resolve #comment Fixed, now we fail with E_FAIL instead. Hurray. svn path=/trunk/; revision=63777
This commit is contained in:
parent
0e1dff05eb
commit
602fd06fa1
|
@ -137,6 +137,74 @@ CmpHiveRootSecurityDescriptor(VOID)
|
||||||
return SecurityDescriptor;
|
return SecurityDescriptor;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
NTSTATUS
|
||||||
|
CmpQuerySecurityDescriptor(IN PCM_KEY_BODY KeyBody,
|
||||||
|
IN SECURITY_INFORMATION SecurityInformation,
|
||||||
|
OUT PSECURITY_DESCRIPTOR SecurityDescriptor,
|
||||||
|
IN OUT PULONG BufferLength)
|
||||||
|
{
|
||||||
|
PISECURITY_DESCRIPTOR_RELATIVE RelSd;
|
||||||
|
PUCHAR Current;
|
||||||
|
ULONG SidSize;
|
||||||
|
ULONG SdSize;
|
||||||
|
NTSTATUS Status;
|
||||||
|
|
||||||
|
DBG_UNREFERENCED_PARAMETER(KeyBody);
|
||||||
|
|
||||||
|
if (SecurityInformation == 0)
|
||||||
|
{
|
||||||
|
return STATUS_ACCESS_DENIED;
|
||||||
|
}
|
||||||
|
|
||||||
|
SidSize = RtlLengthSid(SeWorldSid);
|
||||||
|
SdSize = sizeof(*RelSd) + 2 * SidSize;
|
||||||
|
RelSd = SecurityDescriptor;
|
||||||
|
|
||||||
|
if (*BufferLength < SdSize)
|
||||||
|
{
|
||||||
|
*BufferLength = SdSize;
|
||||||
|
return STATUS_BUFFER_TOO_SMALL;
|
||||||
|
}
|
||||||
|
|
||||||
|
*BufferLength = SdSize;
|
||||||
|
|
||||||
|
Status = RtlCreateSecurityDescriptorRelative(RelSd,
|
||||||
|
SECURITY_DESCRIPTOR_REVISION);
|
||||||
|
if (!NT_SUCCESS(Status))
|
||||||
|
return Status;
|
||||||
|
|
||||||
|
Current = (PUCHAR)(RelSd + 1);
|
||||||
|
ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
|
||||||
|
|
||||||
|
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
RtlCopyMemory(Current, SeWorldSid, SidSize);
|
||||||
|
RelSd->Owner = Current - (PUCHAR)RelSd;
|
||||||
|
Current += SidSize;
|
||||||
|
ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
RtlCopyMemory(Current, SeWorldSid, SidSize);
|
||||||
|
RelSd->Group = Current - (PUCHAR)RelSd;
|
||||||
|
Current += SidSize;
|
||||||
|
ASSERT((ULONG_PTR)Current - (ULONG_PTR)RelSd <= SdSize);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & DACL_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
RelSd->Control |= SE_DACL_PRESENT;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SecurityInformation & SACL_SECURITY_INFORMATION)
|
||||||
|
{
|
||||||
|
RelSd->Control |= SE_SACL_PRESENT;
|
||||||
|
}
|
||||||
|
|
||||||
|
return STATUS_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
NTSTATUS
|
NTSTATUS
|
||||||
NTAPI
|
NTAPI
|
||||||
CmpSecurityMethod(IN PVOID ObjectBody,
|
CmpSecurityMethod(IN PVOID ObjectBody,
|
||||||
|
@ -148,6 +216,38 @@ CmpSecurityMethod(IN PVOID ObjectBody,
|
||||||
IN POOL_TYPE PoolType,
|
IN POOL_TYPE PoolType,
|
||||||
IN PGENERIC_MAPPING GenericMapping)
|
IN PGENERIC_MAPPING GenericMapping)
|
||||||
{
|
{
|
||||||
|
DBG_UNREFERENCED_PARAMETER(OldSecurityDescriptor);
|
||||||
|
DBG_UNREFERENCED_PARAMETER(GenericMapping);
|
||||||
|
|
||||||
|
switch (OperationCode)
|
||||||
|
{
|
||||||
|
case SetSecurityDescriptor:
|
||||||
|
DPRINT("Set security descriptor\n");
|
||||||
|
ASSERT((PoolType == PagedPool) || (PoolType == NonPagedPool));
|
||||||
|
/* HACK */
|
||||||
|
break;
|
||||||
|
|
||||||
|
case QuerySecurityDescriptor:
|
||||||
|
DPRINT("Query security descriptor\n");
|
||||||
|
return CmpQuerySecurityDescriptor(ObjectBody,
|
||||||
|
*SecurityInformation,
|
||||||
|
SecurityDescriptor,
|
||||||
|
BufferLength);
|
||||||
|
|
||||||
|
case DeleteSecurityDescriptor:
|
||||||
|
DPRINT("Delete security descriptor\n");
|
||||||
|
/* HACK */
|
||||||
|
break;
|
||||||
|
|
||||||
|
case AssignSecurityDescriptor:
|
||||||
|
DPRINT("Assign security descriptor\n");
|
||||||
|
/* HACK */
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
KeBugCheckEx(SECURITY_SYSTEM, 0, STATUS_INVALID_PARAMETER, 0, 0);
|
||||||
|
}
|
||||||
|
|
||||||
/* HACK */
|
/* HACK */
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue