diff --git a/ntoskrnl/se/sid.c b/ntoskrnl/se/sid.c index 557447f539f..033d322d708 100644 --- a/ntoskrnl/se/sid.c +++ b/ntoskrnl/se/sid.c @@ -580,51 +580,41 @@ SepGetSidFromAce( _In_ UCHAR AceType, _In_ PACE Ace) { - PSID Sid; + PULONG Flags; + ULONG GuidSize = 0; + PSID Sid = NULL; PAGED_CODE(); /* Sanity check */ ASSERT(Ace); - /* Initialize the SID */ - Sid = NULL; - /* Obtain the SID based upon ACE type */ switch (AceType) { case ACCESS_DENIED_ACE_TYPE: - { - Sid = (PSID)&((PACCESS_DENIED_ACE)Ace)->SidStart; - break; - } - case ACCESS_ALLOWED_ACE_TYPE: + case SYSTEM_AUDIT_ACE_TYPE: + case SYSTEM_ALARM_ACE_TYPE: { - Sid = (PSID)&((PACCESS_ALLOWED_ACE)Ace)->SidStart; + Sid = (PSID)&((PKNOWN_ACE)Ace)->SidStart; break; } case ACCESS_DENIED_OBJECT_ACE_TYPE: - { - Sid = (PSID)&((PACCESS_DENIED_OBJECT_ACE)Ace)->SidStart; - break; - } - case ACCESS_ALLOWED_OBJECT_ACE_TYPE: { - Sid = (PSID)&((PACCESS_ALLOWED_OBJECT_ACE)Ace)->SidStart; - break; - } + Flags = (PULONG)&((PKNOWN_OBJECT_ACE)Ace)->Flags; + if (*Flags & ACE_OBJECT_TYPE_PRESENT) + { + GuidSize += sizeof(GUID); + } - case SYSTEM_AUDIT_ACE_TYPE: - { - Sid = (PSID)&((PSYSTEM_AUDIT_ACE)Ace)->SidStart; - break; - } + if (*Flags & ACE_INHERITED_OBJECT_TYPE_PRESENT) + { + GuidSize += sizeof(GUID); + } - case SYSTEM_ALARM_ACE_TYPE: - { - Sid = (PSID)&((PSYSTEM_ALARM_ACE)Ace)->SidStart; + Sid = (PSID)((ULONG_PTR)&((PKNOWN_OBJECT_ACE)Ace)->SidStart + GuidSize); break; } diff --git a/sdk/include/xdk/setypes.h b/sdk/include/xdk/setypes.h index a46e4295274..0a538747bda 100644 --- a/sdk/include/xdk/setypes.h +++ b/sdk/include/xdk/setypes.h @@ -801,6 +801,10 @@ typedef struct _SYSTEM_MANDATORY_LABEL_ACE { $ULONG SidStart; } SYSTEM_MANDATORY_LABEL_ACE, *PSYSTEM_MANDATORY_LABEL_ACE; +/* Object ACE flags */ +#define ACE_OBJECT_TYPE_PRESENT 0x00000001 +#define ACE_INHERITED_OBJECT_TYPE_PRESENT 0x00000002 + #define SYSTEM_MANDATORY_LABEL_NO_WRITE_UP 0x1 #define SYSTEM_MANDATORY_LABEL_NO_READ_UP 0x2 #define SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP 0x4