Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 22:05:49 +00:00
Code Issues Projects Releases Packages Wiki Activity

[MSV1_0] Improve LogonUserEx2 (#2356)

Browse source 
- Improve traces, using %wZ for UNICODE_STRING;
- Fix UNICODE_STRING validation.
This commit is contained in:
Andreas Maier 2020-02-16 16:55:31 +01:00 committed by GitHub
parent 00a47324f2
commit 8b0cfa1d3c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

21
dll/win32/msv1_0/msv1_0.c
View file

@ -1244,9 +1244,6 @@ LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
/* Fix-up pointers in the authentication info */
PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
Status = RtlValidateUnicodeString(0, &LogonInfo->LogonDomainName);
if (!NT_SUCCESS(Status))
return STATUS_INVALID_PARAMETER;
/* LogonDomainName is optional and can be an empty string */
if (LogonInfo->LogonDomainName.Length)
{
@ -1259,16 +1256,16 @@ LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
LogonInfo->LogonDomainName.Buffer = NULL;
LogonInfo->LogonDomainName.MaximumLength = 0;
}
Status = RtlValidateUnicodeString(0, &LogonInfo->UserName);
Status = RtlValidateUnicodeString(0, &LogonInfo->LogonDomainName);
if (!NT_SUCCESS(Status))
return STATUS_INVALID_PARAMETER;
/* UserName is mandatory and cannot be an empty string */
// TODO: Check for Buffer limits wrt. ClientBufferBase and alignment.
LogonInfo->UserName.Buffer = FIXUP_POINTER(LogonInfo->UserName.Buffer, PtrOffset);
LogonInfo->UserName.MaximumLength = LogonInfo->UserName.Length;
Status = RtlValidateUnicodeString(0, &LogonInfo->Password);
Status = RtlValidateUnicodeString(0, &LogonInfo->UserName);
if (!NT_SUCCESS(Status))
return STATUS_INVALID_PARAMETER;
/* Password is optional and can be an empty string */
@ -1284,9 +1281,13 @@ LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
LogonInfo->Password.MaximumLength = 0;
}
TRACE("Domain: %S\n", LogonInfo->LogonDomainName.Buffer);
TRACE("User: %S\n", LogonInfo->UserName.Buffer);
TRACE("Password: %S\n", LogonInfo->Password.Buffer);
Status = RtlValidateUnicodeString(0, &LogonInfo->Password);
if (!NT_SUCCESS(Status))
return STATUS_INVALID_PARAMETER;
TRACE("Domain: %wZ\n", &LogonInfo->LogonDomainName);
TRACE("User: %wZ\n", &LogonInfo->UserName);
TRACE("Password: %wZ\n", &LogonInfo->Password);
// TODO: If LogonType == Service, do some extra work using LogonInfo->Password.
}
@ -1442,7 +1443,7 @@ LsaApLogonUserEx2(IN PLSA_CLIENT_REQUEST ClientRequest,
goto done;
}
TRACE("UserName: %S\n", UserInfo->All.UserName.Buffer);
TRACE("UserName: %wZ\n", &UserInfo->All.UserName);
/* Check the password */
if ((UserInfo->All.UserAccountControl & USER_PASSWORD_NOT_REQUIRED) == 0)