1. fixed prototypes of NtSetSystemTime and NtQuerySystemTime and made them handle passed buffers securely

2. check for the SeSystemtimePrivilege privilege in NtSetSystemTime()
3. write debug messages when privileges are missing

svn path=/trunk/; revision=13235
Thomas Bluemel 2005-01-23 23:02:19 +00:00
parent 4301549d0d
commit 7c02041548
6 changed files with 87 additions and 32 deletions


@ -1638,7 +1638,7 @@ NtSetValueKey(IN HANDLE KeyHandle,
KeyCell->Flags |= REG_KEY_LINK_CELL;
}
NtQuerySystemTime (&KeyCell->LastWriteTime);
ZwQuerySystemTime (&KeyCell->LastWriteTime);
CmiMarkBlockDirty (RegistryHive, KeyObject->KeyCellOffset);
ExReleaseResourceLite(&CmiRegistryLock);
@ -1683,7 +1683,7 @@ NtDeleteValueKey (IN HANDLE KeyHandle,
KeyObject->KeyCellOffset,
ValueName);
NtQuerySystemTime (&KeyObject->KeyCell->LastWriteTime);
ZwQuerySystemTime (&KeyObject->KeyCell->LastWriteTime);
CmiMarkBlockDirty (KeyObject->RegistryHive, KeyObject->KeyCellOffset);
/* Release hive lock */
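Review bot: Both timestamp updates in this section now call ZwQuerySystemTime and discard its NTSTATUS, even though the code already runs in kernel mode and passes a kernel address. Calling the kernel routine directly, `KeQuerySystemTime(&KeyCell->LastWriteTime);` and `KeQuerySystemTime(&KeyObject->KeyCell->LastWriteTime);`, avoids the system-service path and, as used elsewhere in this commit, returns no status that could be missed. If the Zw call is kept, a short comment should explain that the Nt variant now probes the pointer against the caller's previous mode and would reject this kernel buffer. The same applies to `ZwQuerySystemTime (&SymbolicLink->CreateTime);` in NtCreateSymbolicLinkObject. Both enclosing functions start and end outside the hunks.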


@ -178,6 +178,7 @@ NtCreateProfile(OUT PHANDLE ProfileHandle,
if(!SeSinglePrivilegeCheck(SeSystemProfilePrivilege,
PreviousMode))
{
DPRINT1("NtCreateProfile: Caller requires the SeSystemProfilePrivilege privilege!\n");
return STATUS_PRIVILEGE_NOT_HELD;
}
}
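Review bot: The new DPRINT1 in NtCreateProfile does not identify which caller failed the privilege check, so the message cannot be attributed once several processes are running. The same holds for the messages added in NtQuerySystemEnvironmentValue, NtSetSystemEnvironmentValue, NtSetSystemTime and NtSetInformationProcess. Including the caller, e.g. `DPRINT1("NtCreateProfile: Caller (PID %p) requires the SeSystemProfilePrivilege privilege!\n", PsGetCurrentProcessId());`, makes the output usable for tracing the denied request. These paths are reachable by any unprivileged caller, so if DPRINT1 is unconditional in this build it is worth confirming that repeated calls cannot flood the debug log. The enclosing function continues outside the hunk.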


@ -154,6 +154,7 @@ NtQuerySystemEnvironmentValue (IN PUNICODE_STRING VariableName,
RtlReleaseCapturedUnicodeString(&WName,
PreviousMode,
FALSE);
DPRINT1("NtQuerySystemEnvironmentValue: Caller requires the SeSystemEnvironmentPrivilege privilege!\n");
return STATUS_PRIVILEGE_NOT_HELD;
}
@ -295,6 +296,7 @@ NtSetSystemEnvironmentValue (IN PUNICODE_STRING VariableName,
}
else
{
DPRINT1("NtSetSystemEnvironmentValue: Caller requires the SeSystemEnvironmentPrivilege privilege!\n");
Status = STATUS_PRIVILEGE_NOT_HELD;
}


@ -142,28 +142,57 @@ ExpSetTimeZoneInformation(PTIME_ZONE_INFORMATION TimeZoneInformation)
* RETURNS: Status
*/
NTSTATUS STDCALL
NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
OUT PLARGE_INTEGER UnsafeOldSystemTime OPTIONAL)
NtSetSystemTime(IN PLARGE_INTEGER SystemTime,
OUT PLARGE_INTEGER PreviousTime OPTIONAL)
{
LARGE_INTEGER OldSystemTime;
LARGE_INTEGER NewSystemTime;
LARGE_INTEGER LocalTime;
TIME_FIELDS TimeFields;
NTSTATUS Status;
/* FIXME: Check for SeSystemTimePrivilege */
Status = MmCopyFromCaller(&NewSystemTime, UnsafeNewSystemTime,
sizeof(NewSystemTime));
if (!NT_SUCCESS(Status))
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status = STATUS_SUCCESS;
PreviousMode = ExGetPreviousMode();
if(PreviousMode != KernelMode)
{
_SEH_TRY
{
ProbeForRead(SystemTime,
sizeof(LARGE_INTEGER),
sizeof(ULONG));
NewSystemTime = *SystemTime;
if(PreviousTime != NULL)
{
ProbeForWrite(PreviousTime,
sizeof(LARGE_INTEGER),
sizeof(ULONG));
}
}
_SEH_HANDLE
{
Status = _SEH_GetExceptionCode();
}
_SEH_END;
if(!NT_SUCCESS(Status))
{
return Status;
}
}
if(!SeSinglePrivilegeCheck(SeSystemtimePrivilege,
PreviousMode))
{
DPRINT1("NtSetSystemTime: Caller requires the SeSystemtimePrivilege privilege!\n");
return STATUS_PRIVILEGE_NOT_HELD;
}
if(PreviousTime != NULL)
{
KeQuerySystemTime(&OldSystemTime);
}
if (UnsafeOldSystemTime != NULL)
{
KeQuerySystemTime(&OldSystemTime);
}
ExSystemTimeToLocalTime(&NewSystemTime,
&LocalTime);
RtlTimeToTimeFields(&LocalTime,
@ -173,15 +202,18 @@ NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
/* Set system time */
KiSetSystemTime(&NewSystemTime);
if (UnsafeOldSystemTime != NULL)
if(PreviousTime != NULL)
{
_SEH_TRY
{
Status = MmCopyToCaller(UnsafeOldSystemTime, &OldSystemTime,
sizeof(OldSystemTime));
if (!NT_SUCCESS(Status))
{
return Status;
}
*PreviousTime = OldSystemTime;
}
_SEH_HANDLE
{
Status = _SEH_GetExceptionCode();
}
_SEH_END;
}
return STATUS_SUCCESS;
}
@ -194,19 +226,38 @@ NtSetSystemTime(IN PLARGE_INTEGER UnsafeNewSystemTime,
* time of day in the standard time format.
*/
NTSTATUS STDCALL
NtQuerySystemTime(OUT PLARGE_INTEGER UnsafeCurrentTime)
NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
{
LARGE_INTEGER CurrentTime;
NTSTATUS Status;
KPROCESSOR_MODE PreviousMode;
NTSTATUS Status = STATUS_SUCCESS;
KeQuerySystemTime(&CurrentTime);
Status = MmCopyToCaller(UnsafeCurrentTime, &CurrentTime,
sizeof(CurrentTime));
if (!NT_SUCCESS(Status))
PreviousMode = ExGetPreviousMode();
if(PreviousMode != KernelMode)
{
_SEH_TRY
{
return(Status);
ProbeForRead(SystemTime,
sizeof(LARGE_INTEGER),
sizeof(ULONG));
/* it's safe to pass the pointer directly to KeQuerySystemTime as it's just
a basic copy to these pointer, if it raises an exception nothing dangerous
can happen! */
KeQuerySystemTime(SystemTime);
}
return STATUS_SUCCESS;
_SEH_HANDLE
{
Status = _SEH_GetExceptionCode();
}
_SEH_END;
}
else
{
KeQuerySystemTime(SystemTime);
}
return Status;
}
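Review bot: In NtSetSystemTime, `NewSystemTime = *SystemTime;` appears only inside the `if(PreviousMode != KernelMode)` block, so in the lines shown a kernel-mode caller reaches `KiSetSystemTime(&NewSystemTime)` with an uninitialized local; the block needs `else { NewSystemTime = *SystemTime; }`. The write-back at the end of the function stores the exception code in Status but still ends in `return STATUS_SUCCESS;`, so a faulting PreviousTime is reported as success after the clock has already been changed; `return Status;` would surface it. In NtQuerySystemTime the output buffer is validated with ProbeForRead although the routine writes to it, so `ProbeForWrite(SystemTime, sizeof(LARGE_INTEGER), sizeof(ULONG));` is the matching check.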


@ -256,7 +256,7 @@ NtCreateSymbolicLinkObject(OUT PHANDLE LinkHandle,
DPRINT("DeviceName %S\n", SymbolicLink->TargetName.Buffer);
NtQuerySystemTime (&SymbolicLink->CreateTime);
ZwQuerySystemTime (&SymbolicLink->CreateTime);
DPRINT("%s() = STATUS_SUCCESS\n",__FUNCTION__);
ObDereferenceObject(SymbolicLink);


@ -1932,6 +1932,7 @@ NtSetInformationProcess(IN HANDLE ProcessHandle,
if(!SeSinglePrivilegeCheck(SeTcbPrivilege,
PreviousMode))
{
DPRINT1("NtSetInformationProcess: Caller requires the SeTcbPrivilege privilege for setting ProcessSessionInformation!\n");
/* can't set the session id, bail! */
Status = STATUS_PRIVILEGE_NOT_HELD;
break;