[ntoskrnl] Check if caller has valid access before opening a registry key
Assign security descriptor to new keys we're creating svn path=/trunk/; revision=42960
parent
291b697b95
commit
b6f0ced7a5
|
@ -224,6 +224,7 @@ CmpDoCreateChild(IN PHHIVE Hive,
|
|||
ULONG StorageType;
|
||||
LARGE_INTEGER SystemTime;
|
||||
PCM_KEY_CONTROL_BLOCK Kcb;
|
||||
PSECURITY_DESCRIPTOR NewDescriptor;
|
||||
|
||||
/* Get the storage type */
|
||||
StorageType = Stable;
|
||||
|
@ -360,6 +361,26 @@ CmpDoCreateChild(IN PHHIVE Hive,
|
|||
/* Link it with the KCB */
|
||||
EnlistKeyBodyWithKCB(KeyBody, 0);
|
||||
|
||||
/* Assign security */
|
||||
Status = SeAssignSecurity(ParentDescriptor,
|
||||
AccessState->SecurityDescriptor,
|
||||
&NewDescriptor,
|
||||
TRUE,
|
||||
&AccessState->SubjectSecurityContext,
|
||||
&CmpKeyObjectType->TypeInfo.GenericMapping,
|
||||
CmpKeyObjectType->TypeInfo.PoolType);
|
||||
if (NT_SUCCESS(Status))
|
||||
{
|
||||
Status = CmpSecurityMethod(*Object,
|
||||
AssignSecurityDescriptor,
|
||||
NULL,
|
||||
NewDescriptor,
|
||||
NULL,
|
||||
NULL,
|
||||
CmpKeyObjectType->TypeInfo.PoolType,
|
||||
&CmpKeyObjectType->TypeInfo.GenericMapping);
|
||||
}
|
||||
|
||||
Quickie:
|
||||
/* Check if we got here because of failure */
|
||||
if (!NT_SUCCESS(Status))
|
||||
|
@ -686,6 +707,16 @@ CmpDoOpen(IN PHHIVE Hive,
|
|||
|
||||
/* Link to the KCB */
|
||||
EnlistKeyBodyWithKCB(KeyBody, 0);
|
||||
|
||||
if (!ObCheckObjectAccess(*Object,
|
||||
AccessState,
|
||||
FALSE,
|
||||
AccessMode,
|
||||
&Status))
|
||||
{
|
||||
/* Access check failed */
|
||||
ObDereferenceObject(*Object);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
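Review bot: In the CmpDoOpen hunk, the failure branch of `ObCheckObjectAccess` only calls `ObDereferenceObject(*Object)` and leaves `*Object` pointing at the object it just released, so a caller that reads the out-pointer after a failed open would touch a stale reference; add `*Object = NULL;` right after the dereference. The check also runs after `EnlistKeyBodyWithKCB(KeyBody, 0)`, so a denied caller's key body is briefly linked to the KCB; whether the dereference undoes that depends on the delete path, which is outside the hunk, and running the access check before enlisting would avoid the question. Separately, in the CmpDoCreateChild hunk the descriptor returned by `SeAssignSecurity` in `NewDescriptor` is never released in the visible lines; if `CmpSecurityMethod` copies it rather than taking ownership (not visible here), it needs a `SeDeassignSecurity(&NewDescriptor);` once the assignment is done. Both function bodies continue outside the hunks.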