Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-01 02:10:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

[NTOSKRNL] Use the appropriated security descriptor when creating a device

Browse source 
CORE-9176
This commit is contained in:
Pierre Schweitzer 2018-12-04 19:12:06 +01:00
parent 36c38c45ee
commit 73e7a5d474
No known key found for this signature in database
GPG key ID: 7545556C3D585B0B
1 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
ntoskrnl/io/iomgr/device.c
View file

@ -1045,6 +1045,8 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
ULONG AlignedDeviceExtensionSize; ULONG AlignedDeviceExtensionSize;
ULONG TotalSize; ULONG TotalSize;
HANDLE TempHandle; HANDLE TempHandle;
PACL Dacl;
SECURITY_DESCRIPTOR SecurityDescriptor, *ReturnedSD;
PAGED_CODE(); PAGED_CODE();
/* Check if we have to generate a name */ /* Check if we have to generate a name */
@ -1060,12 +1062,20 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
DeviceName = &AutoName; DeviceName = &AutoName;
} }
/* Get the security descriptor */
ReturnedSD = IopCreateDefaultDeviceSecurityDescriptor(DeviceType,
DeviceCharacteristics,
DeviceName != NULL,
&SecurityDescriptor,
&Dacl,
NULL);
/* Initialize the Object Attributes */ /* Initialize the Object Attributes */
InitializeObjectAttributes(&ObjectAttributes, InitializeObjectAttributes(&ObjectAttributes,
DeviceName, DeviceName,
OBJ_KERNEL_HANDLE, OBJ_KERNEL_HANDLE,
NULL, NULL,
SePublicOpenUnrestrictedSd); ReturnedSD);
/* Honor exclusive flag */ /* Honor exclusive flag */
if (Exclusive) ObjectAttributes.Attributes |= OBJ_EXCLUSIVE; if (Exclusive) ObjectAttributes.Attributes |= OBJ_EXCLUSIVE;
@ -1092,7 +1102,12 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
0, 0,
0, 0,
(PVOID*)&CreatedDeviceObject); (PVOID*)&CreatedDeviceObject);
if (!NT_SUCCESS(Status)) return Status; if (!NT_SUCCESS(Status))
{
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
return Status;
}
/* Clear the whole Object and extension so we don't null stuff manually */ /* Clear the whole Object and extension so we don't null stuff manually */
RtlZeroMemory(CreatedDeviceObject, TotalSize); RtlZeroMemory(CreatedDeviceObject, TotalSize);
@ -1144,6 +1159,8 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
Status = IopCreateVpb(CreatedDeviceObject); Status = IopCreateVpb(CreatedDeviceObject);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
/* Dereference the device object and fail */ /* Dereference the device object and fail */
ObDereferenceObject(CreatedDeviceObject); ObDereferenceObject(CreatedDeviceObject);
return Status; return Status;
@ -1197,7 +1214,12 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
1, 1,
(PVOID*)&CreatedDeviceObject, (PVOID*)&CreatedDeviceObject,
&TempHandle); &TempHandle);
if (!NT_SUCCESS(Status)) return Status; if (!NT_SUCCESS(Status))
{
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
return Status;
}
/* Now do the final linking */ /* Now do the final linking */
ObReferenceObject(DriverObject); ObReferenceObject(DriverObject);
@ -1211,6 +1233,9 @@ IoCreateDevice(IN PDRIVER_OBJECT DriverObject,
/* Close the temporary handle and return to caller */ /* Close the temporary handle and return to caller */
ObCloseHandle(TempHandle, KernelMode); ObCloseHandle(TempHandle, KernelMode);
*DeviceObject = CreatedDeviceObject; *DeviceObject = CreatedDeviceObject;
if (Dacl != NULL) ExFreePoolWithTag(Dacl, 'eSoI');
return STATUS_SUCCESS; return STATUS_SUCCESS;
} }