Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-02 17:56:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTORKRNL]

Browse source 
SepAccessCheck: Deny access if the DACL is is empty (but not NULL).

svn path=/trunk/; revision=46629
This commit is contained in:
Eric Kohl 2010-03-31 21:02:38 +00:00
parent 9e478e990f
commit baeb295134
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
reactos/ntoskrnl/se/semgr.c
View file

@ -457,6 +457,14 @@ SepAccessCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
} }
} }
/* Deny access if the DACL is empty */
if (Dacl->AceCount == 0)
{
*GrantedAccess = 0;
*AccessStatus = STATUS_ACCESS_DENIED;
return FALSE;
}
/* RULE 3: Check whether the token is the owner */ /* RULE 3: Check whether the token is the owner */
Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor, Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor,
&Sid, &Sid,