Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-06-05 09:20:30 +00:00
Code Issues Projects Releases Packages Wiki Activity

[FORMATTING]

Browse source 
No code changes.

svn path=/trunk/; revision=47428
This commit is contained in:
Eric Kohl 2010-05-29 20:40:28 +00:00
parent fa9cd08b02
commit 6af485d3aa
3 changed files with 101 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
reactos/lib/rtl/process.c
View file

@ -43,7 +43,7 @@ RtlpMapFile(PUNICODE_STRING ImageFileName,
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to read image file from disk\n");
return(Status);
return Status;
}
/* Now create a section for this image */
@ -94,7 +94,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to reserve 1MB of space \n");
return(Status);
return Status;
}
}
@ -118,7 +118,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to allocate Environment Block\n");
return(Status);
return Status;
}
/* Write the Environment Block */
@ -144,7 +144,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to allocate Parameter Block\n");
return(Status);
return Status;
}
/* Write the Parameter Block */
@ -245,7 +245,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
{
DPRINT1("Could not create Kernel Process Object\n");
ZwClose(hSection);
return(Status);
return Status;
}
/* Get some information on the image */
@ -259,7 +259,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
DPRINT1("Could not query Section Info\n");
ZwClose(ProcessInfo->ProcessHandle);
ZwClose(hSection);
return(Status);
return Status;
}
/* Get some information about the process */
@ -273,7 +273,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
DPRINT1("Could not query Process Info\n");
ZwClose(ProcessInfo->ProcessHandle);
ZwClose(hSection);
return(Status);
return Status;
}
/* Create Process Environment */
@ -312,22 +312,21 @@ PVOID
NTAPI
RtlEncodePointer(IN PVOID Pointer)
{
ULONG Cookie;
NTSTATUS Status;
ULONG Cookie;
NTSTATUS Status;
Status = ZwQueryInformationProcess(NtCurrentProcess(),
ProcessCookie,
&Cookie,
sizeof(Cookie),
NULL);
Status = ZwQueryInformationProcess(NtCurrentProcess(),
ProcessCookie,
&Cookie,
sizeof(Cookie),
NULL);
if(!NT_SUCCESS(Status))
{
DPRINT1("Failed to receive the process cookie! Status: 0x%lx\n", Status);
return Pointer;
}
if(!NT_SUCCESS(Status))
{
DPRINT1("Failed to receive the process cookie! Status: 0x%lx\n", Status);
return Pointer;
}
return (PVOID)((ULONG_PTR)Pointer ^ Cookie);
return (PVOID)((ULONG_PTR)Pointer ^ Cookie);
}
/*
@ -337,7 +336,7 @@ PVOID
NTAPI
RtlDecodePointer(IN PVOID Pointer)
{
return RtlEncodePointer(Pointer);
return RtlEncodePointer(Pointer);
}
/*

104
reactos/ntoskrnl/se/sd.c
View file

@ -249,9 +249,11 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes OPTIO
if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
sizeof(SECURITY_QUALITY_OF_SERVICE))
{
/* don't allocate memory here because ExAllocate should bugcheck
the system if it's buggy, SEH would catch that! So make a local
copy of the qos structure.*/
/*
* Don't allocate memory here because ExAllocate should bugcheck
* the system if it's buggy, SEH would catch that! So make a local
* copy of the qos structure.
*/
RtlCopyMemory(&SafeQos,
ObjectAttributes->SecurityQualityOfService,
sizeof(SECURITY_QUALITY_OF_SERVICE));
@ -407,8 +409,10 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
_SEH2_TRY
{
/* first only probe and copy until the control field of the descriptor
to determine whether it's a self-relative descriptor */
/*
* First only probe and copy until the control field of the descriptor
* to determine whether it's a self-relative descriptor
*/
DescriptorSize = FIELD_OFFSET(SECURITY_DESCRIPTOR,
Owner);
ProbeForRead(OriginalSecurityDescriptor,
@ -420,22 +424,24 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
_SEH2_YIELD(return STATUS_UNKNOWN_REVISION);
}
/* make a copy on the stack */
/* Make a copy on the stack */
DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
DescriptorSize = ((DescriptorCopy.Control & SE_SELF_RELATIVE) ?
sizeof(SECURITY_DESCRIPTOR_RELATIVE) : sizeof(SECURITY_DESCRIPTOR));
/* probe and copy the entire security descriptor structure. The SIDs
and ACLs will be probed and copied later though */
/*
* Probe and copy the entire security descriptor structure. The SIDs
* and ACLs will be probed and copied later though
*/
ProbeForRead(OriginalSecurityDescriptor,
DescriptorSize,
sizeof(ULONG));
if (DescriptorCopy.Control & SE_SELF_RELATIVE)
{
PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
DescriptorCopy.Owner = (PSID)RelSD->Owner;
DescriptorCopy.Group = (PSID)RelSD->Group;
DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
@ -468,12 +474,12 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
}
else
{
if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
if (OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
{
return STATUS_UNKNOWN_REVISION;
}
/* make a copy on the stack */
/* Make a copy on the stack */
DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
@ -482,7 +488,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
if (DescriptorCopy.Control & SE_SELF_RELATIVE)
{
PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
DescriptorCopy.Owner = (PSID)RelSD->Owner;
DescriptorCopy.Group = (PSID)RelSD->Group;
DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
@ -499,9 +505,11 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
if (DescriptorCopy.Control & SE_SELF_RELATIVE)
{
/* in case we're dealing with a self-relative descriptor, do a basic convert
to an absolute descriptor. We do this so we can simply access the data
using the pointers without calculating them again. */
/*
* In case we're dealing with a self-relative descriptor, do a basic convert
* to an absolute descriptor. We do this so we can simply access the data
* using the pointers without calculating them again.
*/
DescriptorCopy.Control &= ~SE_SELF_RELATIVE;
if (DescriptorCopy.Owner != NULL)
{
@ -521,7 +529,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
}
}
/* determine the size of the SIDs */
/* Determine the size of the SIDs */
#define DetermineSIDSize(SidType) \
do { \
if(DescriptorCopy.SidType != NULL) \
@ -530,7 +538,7 @@ SID *SidType = (SID*)DescriptorCopy.SidType; \
\
if(CurrentMode != KernelMode) \
{ \
/* securely access the buffers! */ \
/* Securely access the buffers! */ \
_SEH2_TRY \
{ \
SidType##SAC = ProbeForReadUchar(&SidType->SubAuthorityCount); \
@ -561,7 +569,7 @@ DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG)); \
#undef DetermineSIDSize
/* determine the size of the ACLs */
/* Determine the size of the ACLs */
#define DetermineACLSize(AclType, AclFlag) \
do { \
if((DescriptorCopy.Control & SE_##AclFlag##_PRESENT) && \
@ -571,7 +579,7 @@ PACL AclType = (PACL)DescriptorCopy.AclType; \
\
if(CurrentMode != KernelMode) \
{ \
/* securely access the buffers! */ \
/* Securely access the buffers! */ \
_SEH2_TRY \
{ \
AclType##Size = ProbeForReadUshort(&AclType->AclSize); \
@ -604,27 +612,31 @@ DescriptorCopy.AclType = NULL; \
#undef DetermineACLSize
/* allocate enough memory to store a complete copy of a self-relative
security descriptor */
/*
* Allocate enough memory to store a complete copy of a self-relative
* security descriptor
*/
NewDescriptor = ExAllocatePoolWithTag(PoolType,
DescriptorSize,
TAG_SD);
if(NewDescriptor != NULL)
if (NewDescriptor != NULL)
{
ULONG_PTR Offset = sizeof(SECURITY_DESCRIPTOR);
RtlZeroMemory(NewDescriptor, DescriptorSize);
NewDescriptor->Revision = DescriptorCopy.Revision;
NewDescriptor->Sbz1 = DescriptorCopy.Sbz1;
NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE;
_SEH2_TRY
{
/* setup the offsets and copy the SIDs and ACLs to the new
self-relative security descriptor. Probing the pointers is not
neccessary anymore as we did that when collecting the sizes!
Make sure to validate the SIDs and ACLs *again* as they could have
been modified in the meanwhile! */
/*
* Setup the offsets and copy the SIDs and ACLs to the new
* self-relative security descriptor. Probing the pointers is not
* neccessary anymore as we did that when collecting the sizes!
* Make sure to validate the SIDs and ACLs *again* as they could have
* been modified in the meanwhile!
*/
#define CopySID(Type) \
do { \
if(DescriptorCopy.Type != NULL) \
@ -673,14 +685,16 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* we failed to copy the data to the new descriptor */
/* We failed to copy the data to the new descriptor */
ExFreePool(NewDescriptor);
_SEH2_YIELD(return _SEH2_GetExceptionCode());
}
_SEH2_END;
/* we're finally done! copy the pointer to the captured descriptor to
to the caller */
/*
* We're finally done!
* Copy the pointer to the captured descriptor to to the caller.
*/
*CapturedSecurityDescriptor = NewDescriptor;
return STATUS_SUCCESS;
}
@ -691,7 +705,7 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG)); \
}
else
{
/* nothing to do... */
/* Nothing to do... */
*CapturedSecurityDescriptor = NULL;
}
@ -765,6 +779,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
Dacl = (PACL)((ULONG_PTR)ObjectSd->Dacl + (ULONG_PTR)ObjectSd);
DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
}
Control |= (ObjectSd->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
}
@ -776,6 +791,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
Sacl = (PACL)((ULONG_PTR)ObjectSd->Sacl + (ULONG_PTR)ObjectSd);
SaclLength = ROUND_UP(Sacl->AclSize, 4);
}
Control |= (ObjectSd->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
}
@ -846,14 +862,16 @@ SeReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
{
PAGED_CODE();
/* WARNING! You need to call this function with the same value for CurrentMode
and CaptureIfKernelMode that you previously passed to
SeCaptureSecurityDescriptor() in order to avoid memory leaks! */
if(CapturedSecurityDescriptor != NULL &&
(CurrentMode != KernelMode ||
(CurrentMode == KernelMode && CaptureIfKernelMode)))
/*
* WARNING! You need to call this function with the same value for CurrentMode
* and CaptureIfKernelMode that you previously passed to
* SeCaptureSecurityDescriptor() in order to avoid memory leaks!
*/
if (CapturedSecurityDescriptor != NULL &&
(CurrentMode != KernelMode ||
(CurrentMode == KernelMode && CaptureIfKernelMode)))
{
/* only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */
/* Only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */
ExFreePoolWithTag(CapturedSecurityDescriptor, TAG_SD);
}
@ -888,8 +906,9 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
ObjectSd = *ObjectsSecurityDescriptor;
/* The object does not have a security descriptor. */
if (!ObjectSd)
return STATUS_NO_SECURITY_ON_OBJECT; // The object does not have a security descriptor.
return STATUS_NO_SECURITY_ON_OBJECT;
SecurityInformation = *_SecurityInformation;
@ -1074,8 +1093,9 @@ SeSetSecurityDescriptorInfoEx(IN PVOID Object OPTIONAL,
{
PISECURITY_DESCRIPTOR ObjectSd = *ObjectsSecurityDescriptor;
/* The object does not have a security descriptor. */
if (!ObjectSd)
return STATUS_NO_SECURITY_ON_OBJECT; // The object does not have a security descriptor.
return STATUS_NO_SECURITY_ON_OBJECT;
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;

34
reactos/ntoskrnl/se/token.c
View file

@ -790,10 +790,10 @@ SepCreateSystemProcessToken(VOID)
Privileges[i].Attributes = 0;
Privileges[i++].Luid = SeTakeOwnershipPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeCreatePagefilePrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeLockMemoryPrivilege;
Privileges[i].Attributes = 0;
@ -802,16 +802,16 @@ SepCreateSystemProcessToken(VOID)
Privileges[i].Attributes = 0;
Privileges[i++].Luid = SeIncreaseQuotaPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeIncreaseBasePriorityPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeCreatePermanentPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeDebugPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeAuditPrivilege;
Privileges[i].Attributes = 0;
@ -820,7 +820,7 @@ SepCreateSystemProcessToken(VOID)
Privileges[i].Attributes = 0;
Privileges[i++].Luid = SeSystemEnvironmentPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeChangeNotifyPrivilege;
Privileges[i].Attributes = 0;
@ -835,7 +835,7 @@ SepCreateSystemProcessToken(VOID)
Privileges[i].Attributes = 0;
Privileges[i++].Luid = SeLoadDriverPrivilege;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
Privileges[i++].Luid = SeProfileSingleProcessPrivilege;
Privileges[i].Attributes = 0;
@ -1709,7 +1709,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
{
PACL CapturedAcl;
/* capture and copy the dacl */
/* Capture and copy the dacl */
Status = SepCaptureAcl(InputAcl,
PreviousMode,
PagedPool,
@ -1717,19 +1717,19 @@ NtSetInformationToken(IN HANDLE TokenHandle,
&CapturedAcl);
if (NT_SUCCESS(Status))
{
/* free the previous dacl if present */
/* Free the previous dacl if present */
if(Token->DefaultDacl != NULL)
{
ExFreePool(Token->DefaultDacl);
}
/* set the new dacl */
/* Set the new dacl */
Token->DefaultDacl = CapturedAcl;
}
}
else
{
/* clear and free the default dacl if present */
/* Clear and free the default dacl if present */
if (Token->DefaultDacl != NULL)
{
ExFreePool(Token->DefaultDacl);
@ -1750,7 +1750,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
_SEH2_TRY
{
/* buffer size was already verified, no need to check here again */
/* Buffer size was already verified, no need to check here again */
SessionId = *(PULONG)TokenInformation;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
@ -1880,7 +1880,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
}
}
/* free the captured structure */
/* Free the captured structure */
SepReleaseSecurityQualityOfService(CapturedSecurityQualityOfService,
PreviousMode,
FALSE);
@ -1997,7 +1997,8 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
}
else
{
/* FIXME: Should revert all the changes, calculate how
/*
* FIXME: Should revert all the changes, calculate how
* much space would be needed, set ResultLength
* accordingly and fail.
*/
@ -2044,7 +2045,8 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
}
else
{
/* FIXME: Should revert all the changes, calculate how
/*
* FIXME: Should revert all the changes, calculate how
* much space would be needed, set ResultLength
* accordingly and fail.
*/