- Fix ObReferenceObjectByName and ObOpenObjectByName not to blissfully ignore the AccessState and ParseContext parameters.

- Change ObFindObject's prototype to be able to accommodate these two parameters so that they can be sent to the parse routine.

svn path=/trunk/; revision=22037
Alex Ionescu 2006-05-25 04:17:29 +00:00
parent 1bb8f22330
commit 93db306b0e
6 changed files with 137 additions and 91 deletions


@ -264,7 +264,9 @@ NtCreateKey(OUT PHANDLE KeyHandle,
(PVOID*)&Object, (PVOID*)&Object,
&RemainingPath, &RemainingPath,
CmiKeyType, CmiKeyType,
&Context); &Context,
NULL,
NULL);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
PostCreateKeyInfo.Object = NULL; PostCreateKeyInfo.Object = NULL;
@ -1333,7 +1335,9 @@ NtOpenKey(OUT PHANDLE KeyHandle,
(PVOID*)&Object, (PVOID*)&Object,
&RemainingPath, &RemainingPath,
CmiKeyType, CmiKeyType,
&Context); &Context,
NULL,
NULL);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
DPRINT("CmpFindObject() returned 0x%08lx\n", Status); DPRINT("CmpFindObject() returned 0x%08lx\n", Status);
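Review bot: The two new trailing `NULL` arguments in the NtCreateKey lookup call (and in the matching NtOpenKey call below it, plus the CmiConnectHive and ObInsertObject call sites in the other files) are unlabeled, so nothing at the call site says that the key lookup runs with no access state and no parse context. NtCreateKey and NtOpenKey take an `OUT PHANDLE` from their caller, so these look like the paths where that gap matters most. I would label the arguments in place, e.g. `NULL, /* AccessState: none passed for key lookups yet */` and `NULL); /* ParseContext */`. Both calls begin outside their hunks.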


@ -727,7 +727,9 @@ CmiConnectHive(IN POBJECT_ATTRIBUTES KeyObjectAttributes,
(PVOID*)&ParentKey, (PVOID*)&ParentKey,
&RemainingPath, &RemainingPath,
CmiKeyType, CmiKeyType,
&Context); &Context,
NULL,
NULL);
ObpReleaseCapturedAttributes(&ObjectCreateInfo); ObpReleaseCapturedAttributes(&ObjectCreateInfo);
if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))


@ -118,7 +118,9 @@ ObFindObject(
PVOID* ReturnedObject, PVOID* ReturnedObject,
PUNICODE_STRING RemainingPath, PUNICODE_STRING RemainingPath,
POBJECT_TYPE ObjectType, POBJECT_TYPE ObjectType,
POBP_LOOKUP_CONTEXT Context POBP_LOOKUP_CONTEXT Context,
IN PACCESS_STATE AccessState,
IN PVOID ParseContext
); );
NTSTATUS NTSTATUS


@ -752,7 +752,8 @@ ObGetObjectHandleCount(PVOID Object)
return Header->HandleCount; return Header->HandleCount;
} }
NTSTATUS STDCALL NTSTATUS
NTAPI
ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes, ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes,
IN POBJECT_TYPE ObjectType, IN POBJECT_TYPE ObjectType,
IN OUT PVOID ParseContext, IN OUT PVOID ParseContext,
@ -767,43 +768,54 @@ ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes,
OBJECT_CREATE_INFORMATION ObjectCreateInfo; OBJECT_CREATE_INFORMATION ObjectCreateInfo;
NTSTATUS Status; NTSTATUS Status;
OBP_LOOKUP_CONTEXT Context; OBP_LOOKUP_CONTEXT Context;
AUX_DATA AuxData;
PGENERIC_MAPPING GenericMapping = NULL;
ACCESS_STATE AccessState;
PAGED_CODE(); PAGED_CODE();
DPRINT("ObOpenObjectByName(...)\n");
/* Capture all the info */ /* Capture all the info */
DPRINT("Capturing Create Info\n");
Status = ObpCaptureObjectAttributes(ObjectAttributes, Status = ObpCaptureObjectAttributes(ObjectAttributes,
AccessMode, AccessMode,
ObjectType, ObjectType,
&ObjectCreateInfo, &ObjectCreateInfo,
&ObjectName); &ObjectName);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status)) return Status;
/* Check if we didn't get an access state */
if (!PassedAccessState)
{ {
DPRINT("ObpCaptureObjectAttributes() failed (Status %lx)\n", Status); /* Try to get the generic mapping if we can */
return Status; if (ObjectType) GenericMapping = &ObjectType->TypeInfo.GenericMapping;
/* Use our built-in access state */
PassedAccessState = &AccessState;
Status = SeCreateAccessState(&AccessState,
&AuxData,
DesiredAccess,
GenericMapping);
if (!NT_SUCCESS(Status)) goto Quickie;
} }
/* Get the security descriptor */
if (ObjectCreateInfo.SecurityDescriptor)
{
/* Save it in the access state */
PassedAccessState->SecurityDescriptor =
ObjectCreateInfo.SecurityDescriptor;
}
/* Now do the lookup */
Status = ObFindObject(&ObjectCreateInfo, Status = ObFindObject(&ObjectCreateInfo,
&ObjectName, &ObjectName,
&Object, &Object,
&RemainingPath, &RemainingPath,
ObjectType, ObjectType,
&Context); &Context, // Temporary Hack
if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); PassedAccessState,
if (!NT_SUCCESS(Status)) ParseContext);
{ if (!NT_SUCCESS(Status)) goto Cleanup;
DPRINT("ObFindObject() failed (Status %lx)\n", Status);
goto Cleanup;
}
DPRINT("OBject: %p, Remaining Path: %wZ\n", Object, &RemainingPath); /* ROS Hack */
if (Object == NULL)
{
Status = STATUS_UNSUCCESSFUL;
goto Cleanup;
}
if (RemainingPath.Buffer != NULL) if (RemainingPath.Buffer != NULL)
{ {
if (wcschr(RemainingPath.Buffer + 1, L'\\') == NULL) if (wcschr(RemainingPath.Buffer + 1, L'\\') == NULL)
@ -813,26 +825,37 @@ ObOpenObjectByName(IN POBJECT_ATTRIBUTES ObjectAttributes,
goto Cleanup; goto Cleanup;
} }
/* Create the actual handle now */
Status = ObpCreateHandle(Object, Status = ObpCreateHandle(Object,
DesiredAccess, DesiredAccess,
ObjectCreateInfo.Attributes, ObjectCreateInfo.Attributes,
Handle); Handle);
Cleanup: Cleanup:
if (Object != NULL) /* Dereference the object */
{ if (Object) ObDereferenceObject(Object);
ObDereferenceObject(Object);
}
RtlFreeUnicodeString(&RemainingPath);
ObpReleaseCapturedAttributes(&ObjectCreateInfo);
/* ROS Hacl: Free the remaining path */
RtlFreeUnicodeString(&RemainingPath);
/* Delete the access state */
if (PassedAccessState == &AccessState)
{
SeDeleteAccessState(PassedAccessState);
}
/* Release the object attributes and return status */
Quickie:
ObpReleaseCapturedAttributes(&ObjectCreateInfo);
if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer);
return Status; return Status;
} }
/* /*
* @implemented * @implemented
*/ */
NTSTATUS STDCALL NTSTATUS
NTAPI
ObOpenObjectByPointer(IN PVOID Object, ObOpenObjectByPointer(IN PVOID Object,
IN ULONG HandleAttributes, IN ULONG HandleAttributes,
IN PACCESS_STATE PassedAccessState, IN PACCESS_STATE PassedAccessState,
@ -842,28 +865,24 @@ ObOpenObjectByPointer(IN PVOID Object,
OUT PHANDLE Handle) OUT PHANDLE Handle)
{ {
NTSTATUS Status; NTSTATUS Status;
PAGED_CODE(); PAGED_CODE();
DPRINT("ObOpenObjectByPointer()\n"); /* Reference the object */
Status = ObReferenceObjectByPointer(Object, Status = ObReferenceObjectByPointer(Object,
0, 0,
ObjectType, ObjectType,
AccessMode); AccessMode);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status)) return Status;
{
return Status;
}
/* Create the handle */
Status = ObpCreateHandle(Object, Status = ObpCreateHandle(Object,
DesiredAccess, DesiredAccess,
HandleAttributes, HandleAttributes,
Handle); Handle);
/* ROS Hack: Dereference the object and return */
ObDereferenceObject(Object); ObDereferenceObject(Object);
return Status;
return STATUS_SUCCESS;
} }
NTSTATUS STDCALL NTSTATUS STDCALL
@ -921,11 +940,9 @@ ObInsertObject(IN PVOID Object,
PSECURITY_DESCRIPTOR NewSecurityDescriptor = NULL; PSECURITY_DESCRIPTOR NewSecurityDescriptor = NULL;
SECURITY_SUBJECT_CONTEXT SubjectContext; SECURITY_SUBJECT_CONTEXT SubjectContext;
OBP_LOOKUP_CONTEXT Context; OBP_LOOKUP_CONTEXT Context;
PAGED_CODE(); PAGED_CODE();
/* Get the Header and Create Info */ /* Get the Header and Create Info */
DPRINT("ObInsertObject: %x\n", Object);
Header = BODY_TO_HEADER(Object); Header = BODY_TO_HEADER(Object);
ObjectCreateInfo = Header->ObjectCreateInfo; ObjectCreateInfo = Header->ObjectCreateInfo;
ObjectNameInfo = HEADER_TO_OBJECT_NAME(Header); ObjectNameInfo = HEADER_TO_OBJECT_NAME(Header);
@ -939,7 +956,9 @@ ObInsertObject(IN PVOID Object,
&FoundObject, &FoundObject,
&RemainingPath, &RemainingPath,
NULL, NULL,
&Context); &Context,
NULL,
NULL);
DPRINT("FoundObject: %x, Path: %wZ\n", FoundObject, &RemainingPath); DPRINT("FoundObject: %x, Path: %wZ\n", FoundObject, &RemainingPath);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
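Review bot: In ObOpenObjectByName the new `PassedAccessState->SecurityDescriptor = ObjectCreateInfo.SecurityDescriptor;` also runs when the access state was supplied by the caller, and the function then calls `ObpReleaseCapturedAttributes(&ObjectCreateInfo)` at `Quickie:`. If that release frees the captured descriptor (its body is not in this diff), the caller's access state is left pointing at freed memory after return. I would keep the previous value in a local before the assignment and put it back at `Cleanup:`, e.g. `PassedAccessState->SecurityDescriptor = SavedSecurityDescriptor;`, or only attach the descriptor when the access state is the local one. Separately, `ObpCreateHandle` is still given the raw `DesiredAccess` rather than anything derived from the access state, so a comment saying the access state is not yet consulted for the grant would help. The function's signature and declarations sit outside this hunk.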


@ -27,7 +27,9 @@ ObFindObject(POBJECT_CREATE_INFORMATION ObjectCreateInfo,
PVOID* ReturnedObject, PVOID* ReturnedObject,
PUNICODE_STRING RemainingPath, PUNICODE_STRING RemainingPath,
POBJECT_TYPE ObjectType, POBJECT_TYPE ObjectType,
POBP_LOOKUP_CONTEXT Context) POBP_LOOKUP_CONTEXT Context,
IN PACCESS_STATE AccessState,
IN PVOID ParseContext)
{ {
PVOID NextObject; PVOID NextObject;
PVOID CurrentObject; PVOID CurrentObject;


@ -188,7 +188,8 @@ ObReferenceObjectByPointer(IN PVOID Object,
return(STATUS_SUCCESS); return(STATUS_SUCCESS);
} }
NTSTATUS STDCALL NTSTATUS
NTAPI
ObReferenceObjectByName(PUNICODE_STRING ObjectPath, ObReferenceObjectByName(PUNICODE_STRING ObjectPath,
ULONG Attributes, ULONG Attributes,
PACCESS_STATE PassedAccessState, PACCESS_STATE PassedAccessState,
@ -204,16 +205,23 @@ ObReferenceObjectByName(PUNICODE_STRING ObjectPath,
OBJECT_CREATE_INFORMATION ObjectCreateInfo; OBJECT_CREATE_INFORMATION ObjectCreateInfo;
NTSTATUS Status; NTSTATUS Status;
OBP_LOOKUP_CONTEXT Context; OBP_LOOKUP_CONTEXT Context;
AUX_DATA AuxData;
PAGED_CODE(); ACCESS_STATE AccessState;
/* Capture the name */ /* Capture the name */
DPRINT("Capturing Name\n");
Status = ObpCaptureObjectName(&ObjectName, ObjectPath, AccessMode); Status = ObpCaptureObjectName(&ObjectName, ObjectPath, AccessMode);
if (!NT_SUCCESS(Status)) if (!NT_SUCCESS(Status)) return Status;
/* Check if we didn't get an access state */
if (!PassedAccessState)
{ {
DPRINT("ObpCaptureObjectName() failed (Status %lx)\n", Status); /* Use our built-in access state */
return Status; PassedAccessState = &AccessState;
Status = SeCreateAccessState(&AccessState,
&AuxData,
DesiredAccess,
&ObjectType->TypeInfo.GenericMapping);
if (!NT_SUCCESS(Status)) goto Quickie;
} }
/* /*
@ -222,32 +230,41 @@ ObReferenceObjectByName(PUNICODE_STRING ObjectPath,
*/ */
ObjectCreateInfo.RootDirectory = NULL; ObjectCreateInfo.RootDirectory = NULL;
ObjectCreateInfo.Attributes = Attributes; ObjectCreateInfo.Attributes = Attributes;
Status = ObFindObject(&ObjectCreateInfo, Status = ObFindObject(&ObjectCreateInfo,
&ObjectName, &ObjectName,
&Object, &Object,
&RemainingPath, &RemainingPath,
ObjectType, ObjectType,
&Context); &Context,
PassedAccessState,
if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer); ParseContext);
if (!NT_SUCCESS(Status)) goto Quickie;
if (!NT_SUCCESS(Status))
{
return(Status);
}
DPRINT("RemainingPath.Buffer '%S' Object %p\n", RemainingPath.Buffer, Object);
/* ROS Hack */
if (RemainingPath.Buffer != NULL || Object == NULL) if (RemainingPath.Buffer != NULL || Object == NULL)
{ {
DPRINT("Object %p\n", Object);
*ObjectPtr = NULL; *ObjectPtr = NULL;
RtlFreeUnicodeString (&RemainingPath); RtlFreeUnicodeString (&RemainingPath);
return(STATUS_OBJECT_NAME_NOT_FOUND); Status = STATUS_OBJECT_NAME_NOT_FOUND;
goto Quickie;
} }
/* Return the object */
*ObjectPtr = Object; *ObjectPtr = Object;
RtlFreeUnicodeString (&RemainingPath);
return(STATUS_SUCCESS); /* ROS Hack: Free the remaining path */
RtlFreeUnicodeString(&RemainingPath);
/* Free the access state */
if (PassedAccessState == &AccessState)
{
SeDeleteAccessState(PassedAccessState);
}
Quickie:
/* Free the captured name if we had one, and return status */
if (ObjectName.Buffer) ExFreePool(ObjectName.Buffer);
return Status;
} }
NTSTATUS STDCALL NTSTATUS STDCALL
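Review bot: In ObReferenceObjectByName, both `goto Quickie` exits taken after the access state exists (the ObFindObject failure and the `STATUS_OBJECT_NAME_NOT_FOUND` branch) jump past `SeDeleteAccessState`, so a locally created access state is never deleted on those paths. I would add a `Cleanup:` label directly above `if (PassedAccessState == &AccessState)` and send those two exits there, keeping `Quickie:` for the SeCreateAccessState failure only, which is how ObOpenObjectByName is laid out in this same commit. Also, `&ObjectType->TypeInfo.GenericMapping` is formed without the `if (ObjectType)` guard that ObOpenObjectByName uses, so a NULL `ObjectType` would hand SeCreateAccessState a bogus mapping pointer. The parameter list and the earlier declarations are outside this hunk.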