Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-07-31 06:52:07 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTORKRNL]

Browse source 
SepAccessCheck: Deny access if the DACL is is empty (but not NULL).

svn path=/trunk/; revision=46629
This commit is contained in:
Eric Kohl 2010-03-31 21:02:38 +00:00
parent 9e478e990f
commit baeb295134
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
reactos/ntoskrnl/se/semgr.c
View file

@ -457,6 +457,14 @@ SepAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
}
}
/* Deny access if the DACL is empty */
if (Dacl->AceCount == 0)
{
*GrantedAccess = 0;
*AccessStatus = STATUS_ACCESS_DENIED;
return FALSE;
}
/* RULE 3: Check whether the token is the owner */
Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor,
&Sid,