Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 17:52:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

Implement SeValidSecurityDescriptor().

Browse source 
svn path=/trunk/; revision=10288
This commit is contained in:
Eric Kohl 2004-07-26 12:44:40 +00:00
parent 66a51a8a25
commit 9528bf078e
1 changed files with 128 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

130
reactos/ntoskrnl/se/sd.c
View file

@ -1,4 +1,4 @@
/* $Id: sd.c,v 1.15 2004/07/18 17:45:28 ion Exp $ /* $Id: sd.c,v 1.16 2004/07/26 12:44:40 ekohl Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -143,14 +143,138 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
/* /*
* @unimplemented * @implemented
*/ */
BOOLEAN STDCALL BOOLEAN STDCALL
SeValidSecurityDescriptor(IN ULONG Length, SeValidSecurityDescriptor(IN ULONG Length,
IN PSECURITY_DESCRIPTOR SecurityDescriptor) IN PSECURITY_DESCRIPTOR SecurityDescriptor)
{ {
UNIMPLEMENTED; ULONG SdLength;
PSID Sid;
PACL Acl;
if (Length < SECURITY_DESCRIPTOR_MIN_LENGTH)
{
DPRINT1("Invalid Security Descriptor revision\n");
return FALSE; return FALSE;
} }
if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
{
DPRINT1("Invalid Security Descriptor revision\n");
return FALSE;
}
if (!(SecurityDescriptor->Control & SE_SELF_RELATIVE))
{
DPRINT1("No self-relative Security Descriptor\n");
return FALSE;
}
SdLength = sizeof(SECURITY_DESCRIPTOR);
/* Check Owner SID */
if (SecurityDescriptor->Owner == NULL)
{
DPRINT1("No Owner SID\n");
return FALSE;
}
if ((ULONG_PTR)SecurityDescriptor->Owner % sizeof(ULONG))
{
DPRINT1("Invalid Owner SID alignment\n");
return FALSE;
}
Sid = (PSID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Owner);
if (Sid->Revision != SID_REVISION)
{
DPRINT1("Invalid Owner SID revision\n");
return FALSE;
}
SdLength += (sizeof(SID) + (Sid->SubAuthorityCount - 1) * sizeof(ULONG));
if (Length < SdLength)
{
DPRINT1("Invalid Owner SID size\n");
return FALSE;
}
/* Check Group SID */
if (SecurityDescriptor->Group != NULL)
{
if ((ULONG_PTR)SecurityDescriptor->Group % sizeof(ULONG))
{
DPRINT1("Invalid Group SID alignment\n");
return FALSE;
}
Sid = (PSID)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Group);
if (Sid->Revision != SID_REVISION)
{
DPRINT1("Invalid Group SID revision\n");
return FALSE;
}
SdLength += (sizeof(SID) + (Sid->SubAuthorityCount - 1) * sizeof(ULONG));
if (Length < SdLength)
{
DPRINT1("Invalid Group SID size\n");
return FALSE;
}
}
/* Check DACL */
if (SecurityDescriptor->Dacl != NULL)
{
if ((ULONG_PTR)SecurityDescriptor->Dacl % sizeof(ULONG))
{
DPRINT1("Invalid DACL alignment\n");
return FALSE;
}
Acl = (PACL)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Dacl);
if ((Acl->AclRevision < MIN_ACL_REVISION) &&
(Acl->AclRevision > MAX_ACL_REVISION))
{
DPRINT1("Invalid DACL revision\n");
return FALSE;
}
SdLength += Acl->AclSize;
if (Length < SdLength)
{
DPRINT1("Invalid DACL size\n");
return FALSE;
}
}
/* Check SACL */
if (SecurityDescriptor->Sacl != NULL)
{
if ((ULONG_PTR)SecurityDescriptor->Sacl % sizeof(ULONG))
{
DPRINT1("Invalid SACL alignment\n");
return FALSE;
}
Acl = (PACL)((ULONG_PTR)SecurityDescriptor + (ULONG_PTR)SecurityDescriptor->Sacl);
if ((Acl->AclRevision < MIN_ACL_REVISION) ||
(Acl->AclRevision > MAX_ACL_REVISION))
{
DPRINT1("Invalid SACL revision\n");
return FALSE;
}
SdLength += Acl->AclSize;
if (Length < SdLength)
{
DPRINT1("Invalid SACL size\n");
return FALSE;
}
}
return TRUE;
}
/* EOF */ /* EOF */