From 7eefe702949da68e49c4365d466c5373099c3b1f Mon Sep 17 00:00:00 2001 From: Pierre Schweitzer Date: Sun, 12 Nov 2017 22:26:18 +0100 Subject: [PATCH] [NTOSKRNL] Implement IoComputeDesiredAccessFileObject() based on checks performed in NtFlushBuffersFile() CORE-14003 --- ntoskrnl/include/internal/io.h | 7 +++++++ ntoskrnl/io/iomgr/util.c | 27 +++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/ntoskrnl/include/internal/io.h b/ntoskrnl/include/internal/io.h index 54a46906db1..2a4c62f42d1 100644 --- a/ntoskrnl/include/internal/io.h +++ b/ntoskrnl/include/internal/io.h @@ -1230,6 +1230,13 @@ IopDoNameTransmogrify( IN PREPARSE_DATA_BUFFER DataBuffer ); +NTSTATUS +NTAPI +IoComputeDesiredAccessFileObject( + IN PFILE_OBJECT FileObject, + IN PACCESS_MASK DesiredAccess +); + // // I/O Timer Routines // diff --git a/ntoskrnl/io/iomgr/util.c b/ntoskrnl/io/iomgr/util.c index 14bfafda7c3..7329dbf8f10 100644 --- a/ntoskrnl/io/iomgr/util.c +++ b/ntoskrnl/io/iomgr/util.c @@ -19,6 +19,33 @@ NTAPI RtlpGetStackLimits(PULONG_PTR StackBase, PULONG_PTR StackLimit); +/* PRIVATE FUNCTIONS *********************************************************/ + +NTSTATUS +NTAPI +IoComputeDesiredAccessFileObject(IN PFILE_OBJECT FileObject, + IN PACCESS_MASK DesiredAccess) +{ + /* Assume failure */ + *DesiredAccess = 0; + + /* First check we really have a FileObject */ + if (OBJECT_TO_OBJECT_HEADER(FileObject)->Type != IoFileObjectType) + { + return STATUS_OBJECT_TYPE_MISMATCH; + } + + /* Then compute desired access: + * Check if the handle has either FILE_WRITE_DATA or FILE_APPEND_DATA was + * granted. However, if this is a named pipe, make sure we don't ask for + * FILE_APPEND_DATA as it interferes with the FILE_CREATE_PIPE_INSTANCE + * access right! + */ + *DesiredAccess = ((!(FileObject->Flags & FO_NAMED_PIPE) ? FILE_APPEND_DATA : 0) | FILE_WRITE_DATA); + + return STATUS_SUCCESS; +} + /* FUNCTIONS *****************************************************************/ /*