pool.c: assert irql and pool type for PASSIVE_LEVEL and above.

ntoskrnl/ob/security.c:
This function did not either identify the new descriptor as self relative
nor honor the case where self-relative was not set.  Now fixed.
Bug identified by WaxDragon (while loading a cygwin app)

svn path=/trunk/; revision=11140

reactos/ntoskrnl/mm/pool.c

@@ -1,4 +1,4 @@
-/* $Id: pool.c,v 1.33 2004/08/21 20:05:35 tamlin Exp $
+/* $Id: pool.c,v 1.34 2004/10/01 04:00:11 arty Exp $
  * 
  * COPYRIGHT:    See COPYING in the top level directory
  * PROJECT:      ReactOS kernel
@@ -93,6 +93,9 @@ ExAllocatePool (POOL_TYPE PoolType, ULONG NumberOfBytes)
  */
 {
    PVOID Block;
+   ASSERT_IRQL(DISPATCH_LEVEL);
+   assert(KeGetCurrentIrql() == PASSIVE_LEVEL || PoolType == NonPagedPool);
+
 #if defined(__GNUC__)
 
    Block = EiAllocatePool(PoolType,
@@ -120,6 +123,10 @@ PVOID STDCALL
 ExAllocatePoolWithTag (ULONG PoolType, ULONG NumberOfBytes, ULONG Tag)
 {
    PVOID Block;
+
+   ASSERT_IRQL(DISPATCH_LEVEL);
+   assert(KeGetCurrentIrql() == PASSIVE_LEVEL || PoolType != PagedPool);
+
 #if defined(__GNUC__)
 
    Block = EiAllocatePool(PoolType,
@@ -161,6 +168,9 @@ ExAllocatePoolWithTagPriority(
     IN EX_POOL_PRIORITY Priority
     )
 {
+   ASSERT_IRQL(DISPATCH_LEVEL);
+   assert(KeGetCurrentIrql() == PASSIVE_LEVEL || PoolType != PagedPool);
+
     /* Check if this is one of the "Special" Flags, used by the Verifier */
     if (Priority & 8) {
         /* Check if this is a xxSpecialUnderrun */
@@ -188,6 +198,9 @@ ExAllocatePoolWithQuotaTag (IN POOL_TYPE PoolType,
     PVOID Block;
     PEPROCESS Process;
 
+    ASSERT_IRQL(DISPATCH_LEVEL);
+    assert(KeGetCurrentIrql() == PASSIVE_LEVEL || PoolType == NonPagedPool);
+
     /* Allocate the Pool First */
     Block = EiAllocatePool(PoolType,
                             NumberOfBytes,
@@ -232,6 +245,8 @@ ExAllocatePoolWithQuotaTag (IN POOL_TYPE PoolType,
 VOID STDCALL
 ExFreePool(IN PVOID Block)
 {
+   ASSERT_IRQL(DISPATCH_LEVEL);
+
    if (Block >= MmPagedPoolBase && (char*)Block < ((char*)MmPagedPoolBase + MmPagedPoolSize))
    {
       ExFreePagedPool(Block);
@@ -248,6 +263,7 @@ ExFreePool(IN PVOID Block)
 VOID STDCALL
 ExFreePoolWithTag(IN PVOID Block, IN ULONG Tag)
 {
+   ASSERT_IRQL(DISPATCH_LEVEL);
    /* FIXME: Validate the tag */
    ExFreePool(Block);
 }

reactos/ntoskrnl/ob/security.c

@@ -266,18 +266,22 @@ NtSetSecurityObject(IN HANDLE Handle,
 	{
 	  if (SecurityDescriptor->Owner != NULL)
 	    {
-	      Owner = (PSID)((ULONG_PTR)SecurityDescriptor->Owner + (ULONG_PTR)SecurityDescriptor);
-	      OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
+		if( SecurityDescriptor->Control & SE_SELF_RELATIVE )
+		    Owner = (PSID)((ULONG_PTR)SecurityDescriptor->Owner + 
+				   (ULONG_PTR)SecurityDescriptor);
+		else
+		    Owner = (PSID)SecurityDescriptor->Owner;
+		OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
 	    }
 	  Control |= (SecurityDescriptor->Control & SE_OWNER_DEFAULTED);
 	}
       else
 	{
 	  if (ObjectSd->Owner != NULL)
-	    {
+	  {
 	      Owner = (PSID)((ULONG_PTR)ObjectSd->Owner + (ULONG_PTR)ObjectSd);
 	      OwnerLength = ROUND_UP(RtlLengthSid(Owner), 4);
-	    }
+	  }
 	  Control |= (ObjectSd->Control & SE_OWNER_DEFAULTED);
 	}
 
@@ -286,8 +290,12 @@ NtSetSecurityObject(IN HANDLE Handle,
 	{
 	  if (SecurityDescriptor->Group != NULL)
 	    {
-	      Group = (PSID)((ULONG_PTR)SecurityDescriptor->Group + (ULONG_PTR)SecurityDescriptor);
-	      GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
+		if( SecurityDescriptor->Control & SE_SELF_RELATIVE )
+		    Group = (PSID)((ULONG_PTR)SecurityDescriptor->Group + 
+				   (ULONG_PTR)SecurityDescriptor);
+		else
+		    Group = (PSID)SecurityDescriptor->Group;
+		GroupLength = ROUND_UP(RtlLengthSid(Group), 4);
 	    }
 	  Control |= (SecurityDescriptor->Control & SE_GROUP_DEFAULTED);
 	}
@@ -307,7 +315,12 @@ NtSetSecurityObject(IN HANDLE Handle,
 	  if ((SecurityDescriptor->Control & SE_DACL_PRESENT) &&
 	      (SecurityDescriptor->Dacl != NULL))
 	    {
-	      Dacl = (PACL)((ULONG_PTR)SecurityDescriptor->Dacl + (ULONG_PTR)SecurityDescriptor);
+		if( SecurityDescriptor->Control & SE_SELF_RELATIVE )
+		    Dacl = (PACL)((ULONG_PTR)SecurityDescriptor->Dacl + 
+				  (ULONG_PTR)SecurityDescriptor);
+		else
+		    Dacl = (PACL)SecurityDescriptor->Dacl;
+
 	      DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
 	    }
 	  Control |= (SecurityDescriptor->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
@@ -329,8 +342,12 @@ NtSetSecurityObject(IN HANDLE Handle,
 	  if ((SecurityDescriptor->Control & SE_SACL_PRESENT) &&
 	      (SecurityDescriptor->Sacl != NULL))
 	    {
-	      Sacl = (PACL)((ULONG_PTR)SecurityDescriptor->Sacl + (ULONG_PTR)SecurityDescriptor);
-	      SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
+		if( SecurityDescriptor->Control & SE_SELF_RELATIVE )
+		    Sacl = (PACL)((ULONG_PTR)SecurityDescriptor->Sacl + 
+				  (ULONG_PTR)SecurityDescriptor);
+		else
+		    Sacl = (PACL)SecurityDescriptor->Sacl;
+		SaclLength = ROUND_UP((ULONG)Sacl->AclSize, 4);
 	    }
 	  Control |= (SecurityDescriptor->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
 	}
@@ -356,7 +373,8 @@ NtSetSecurityObject(IN HANDLE Handle,
 
       RtlCreateSecurityDescriptor(NewSd,
 				  SECURITY_DESCRIPTOR_REVISION1);
-      NewSd->Control = Control;
+      /* We always build a self-relative descriptor */
+      NewSd->Control = Control | SE_SELF_RELATIVE;
 
       Current = (ULONG_PTR)NewSd + sizeof(SECURITY_DESCRIPTOR);