mirror of
https://github.com/reactos/reactos.git
synced 2025-06-29 09:31:23 +00:00
[NTOSKRNL]
Simplify SepPrivilegeCheck. Patch by Timo Kreuzer. svn path=/trunk/; revision=50390
This commit is contained in:
Eric Kohl
parent
08c3db2a66
commit
b51f0a0553
1 changed files with 23 additions and 31 deletions
|
|
@ -118,54 +118,46 @@ SepPrivilegeCheck(PTOKEN Token,
|
||||||
{
|
{
|
||||||
ULONG i;
|
ULONG i;
|
||||||
ULONG j;
|
ULONG j;
|
||||||
ULONG k;
|
ULONG Required;
|
||||||
|
|
||||||
DPRINT("SepPrivilegeCheck() called\n");
|
DPRINT("SepPrivilegeCheck() called\n");
|
||||||
|
|
||||||
PAGED_CODE();
|
PAGED_CODE();
|
||||||
|
|
||||||
if (PreviousMode == KernelMode)
|
if (PreviousMode == KernelMode)
|
||||||
{
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
|
||||||
|
|
||||||
k = 0;
|
/* Get the number of privileges that are required to match */
|
||||||
if (PrivilegeCount > 0)
|
Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
|
||||||
|
|
||||||
|
/* Loop all requested privileges until we found the required ones */
|
||||||
|
for (i = 0; i < PrivilegeCount && Required > 0; i++)
|
||||||
{
|
{
|
||||||
for (i = 0; i < Token->PrivilegeCount; i++)
|
/* Loop the privileges of the token */
|
||||||
|
for (j = 0; j < Token->PrivilegeCount; j++)
|
||||||
{
|
{
|
||||||
for (j = 0; j < PrivilegeCount; j++)
|
/* Check if the LUIDs match */
|
||||||
|
if (Token->Privileges[j].Luid.LowPart == Privileges[i].Luid.LowPart &&
|
||||||
|
Token->Privileges[j].Luid.HighPart == Privileges[i].Luid.HighPart)
|
||||||
{
|
{
|
||||||
if (Token->Privileges[i].Luid.LowPart == Privileges[j].Luid.LowPart &&
|
DPRINT("Found privilege. Attributes: %lx\n",
|
||||||
Token->Privileges[i].Luid.HighPart == Privileges[j].Luid.HighPart)
|
Token->Privileges[j].Attributes);
|
||||||
{
|
|
||||||
DPRINT("Found privilege\n");
|
|
||||||
DPRINT("Privilege attributes %lx\n",
|
|
||||||
Token->Privileges[i].Attributes);
|
|
||||||
|
|
||||||
if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
|
/* Check if the privilege is enabled */
|
||||||
{
|
if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
|
||||||
Privileges[j].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
|
{
|
||||||
k++;
|
Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
|
||||||
}
|
Required--;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Leave the inner loop */
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) &&
|
/* Return whether we found all required privileges */
|
||||||
PrivilegeCount == k)
|
return (Required == 0);
|
||||||
{
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (k > 0 &&
|
|
||||||
!(PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY))
|
|
||||||
{
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
return FALSE;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
NTSTATUS
|
NTSTATUS
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue