mirror of
https://github.com/reactos/reactos.git
synced 2025-08-04 09:46:18 +00:00
- Fix ACL size calculation in SepInitDACLs.
- Fix size check in RtlpAddKnownAce. svn path=/trunk/; revision=11567
This commit is contained in:
Filip Navara
parent
6b9538eb54
commit
d00861b8e8
2 changed files with 45 additions and 24 deletions
|
|
@ -133,7 +133,8 @@ RtlpAddKnownAce (PACL Acl,
|
||||||
{
|
{
|
||||||
return(STATUS_ALLOTTED_SPACE_EXCEEDED);
|
return(STATUS_ALLOTTED_SPACE_EXCEEDED);
|
||||||
}
|
}
|
||||||
if (RtlLengthSid(Sid) + sizeof(ACE) > Acl->AclSize)
|
if ((ULONG_PTR)Ace + RtlLengthSid(Sid) + sizeof(ACE) >
|
||||||
|
(ULONG_PTR)Acl + Acl->AclSize)
|
||||||
{
|
{
|
||||||
return(STATUS_ALLOTTED_SPACE_EXCEEDED);
|
return(STATUS_ALLOTTED_SPACE_EXCEEDED);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
/* $Id: acl.c,v 1.20 2004/08/15 16:39:11 chorns Exp $
|
/* $Id: acl.c,v 1.21 2004/11/06 21:32:16 navaraf Exp $
|
||||||
*
|
*
|
||||||
* COPYRIGHT: See COPYING in the top level directory
|
* COPYRIGHT: See COPYING in the top level directory
|
||||||
* PROJECT: ReactOS kernel
|
* PROJECT: ReactOS kernel
|
||||||
|
|
@ -33,26 +33,21 @@ PACL SeUnrestrictedDacl = NULL;
|
||||||
BOOLEAN INIT_FUNCTION
|
BOOLEAN INIT_FUNCTION
|
||||||
SepInitDACLs(VOID)
|
SepInitDACLs(VOID)
|
||||||
{
|
{
|
||||||
ULONG AclLength2;
|
ULONG AclLength;
|
||||||
ULONG AclLength3;
|
|
||||||
ULONG AclLength4;
|
|
||||||
|
|
||||||
AclLength2 = sizeof(ACL) +
|
|
||||||
2 * (RtlLengthRequiredSid(1) + sizeof(ACE));
|
|
||||||
AclLength3 = sizeof(ACL) +
|
|
||||||
3 * (RtlLengthRequiredSid(1) + sizeof(ACE));
|
|
||||||
AclLength4 = sizeof(ACL) +
|
|
||||||
4 * (RtlLengthRequiredSid(1) + sizeof(ACE));
|
|
||||||
|
|
||||||
/* create PublicDefaultDacl */
|
/* create PublicDefaultDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeLocalSystemSid));
|
||||||
|
|
||||||
SePublicDefaultDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SePublicDefaultDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength2,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SePublicDefaultDacl == NULL)
|
if (SePublicDefaultDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SePublicDefaultDacl,
|
RtlCreateAcl(SePublicDefaultDacl,
|
||||||
AclLength2,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SePublicDefaultDacl,
|
RtlAddAccessAllowedAce(SePublicDefaultDacl,
|
||||||
|
|
@ -67,14 +62,20 @@ SepInitDACLs(VOID)
|
||||||
|
|
||||||
|
|
||||||
/* create PublicDefaultUnrestrictedDacl */
|
/* create PublicDefaultUnrestrictedDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
|
||||||
|
|
||||||
SePublicDefaultUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SePublicDefaultUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength4,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SePublicDefaultUnrestrictedDacl == NULL)
|
if (SePublicDefaultUnrestrictedDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SePublicDefaultUnrestrictedDacl,
|
RtlCreateAcl(SePublicDefaultUnrestrictedDacl,
|
||||||
AclLength4,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
|
RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
|
||||||
|
|
@ -98,14 +99,19 @@ SepInitDACLs(VOID)
|
||||||
SeRestrictedCodeSid);
|
SeRestrictedCodeSid);
|
||||||
|
|
||||||
/* create PublicOpenDacl */
|
/* create PublicOpenDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
|
||||||
|
|
||||||
SePublicOpenDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SePublicOpenDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength3,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SePublicOpenDacl == NULL)
|
if (SePublicOpenDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SePublicOpenDacl,
|
RtlCreateAcl(SePublicOpenDacl,
|
||||||
AclLength3,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SePublicOpenDacl,
|
RtlAddAccessAllowedAce(SePublicOpenDacl,
|
||||||
|
|
@ -124,14 +130,20 @@ SepInitDACLs(VOID)
|
||||||
SeAliasAdminsSid);
|
SeAliasAdminsSid);
|
||||||
|
|
||||||
/* create PublicOpenUnrestrictedDacl */
|
/* create PublicOpenUnrestrictedDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
|
||||||
|
|
||||||
SePublicOpenUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SePublicOpenUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength4,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SePublicOpenUnrestrictedDacl == NULL)
|
if (SePublicOpenUnrestrictedDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SePublicOpenUnrestrictedDacl,
|
RtlCreateAcl(SePublicOpenUnrestrictedDacl,
|
||||||
AclLength4,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
|
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
|
||||||
|
|
@ -155,14 +167,18 @@ SepInitDACLs(VOID)
|
||||||
SeRestrictedCodeSid);
|
SeRestrictedCodeSid);
|
||||||
|
|
||||||
/* create SystemDefaultDacl */
|
/* create SystemDefaultDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeLocalSystemSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeAliasAdminsSid));
|
||||||
|
|
||||||
SeSystemDefaultDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SeSystemDefaultDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength2,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SeSystemDefaultDacl == NULL)
|
if (SeSystemDefaultDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SeSystemDefaultDacl,
|
RtlCreateAcl(SeSystemDefaultDacl,
|
||||||
AclLength2,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SeSystemDefaultDacl,
|
RtlAddAccessAllowedAce(SeSystemDefaultDacl,
|
||||||
|
|
@ -176,14 +192,18 @@ SepInitDACLs(VOID)
|
||||||
SeAliasAdminsSid);
|
SeAliasAdminsSid);
|
||||||
|
|
||||||
/* create UnrestrictedDacl */
|
/* create UnrestrictedDacl */
|
||||||
|
AclLength = sizeof(ACL) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeWorldSid)) +
|
||||||
|
(sizeof(ACE) + RtlLengthSid(SeRestrictedCodeSid));
|
||||||
|
|
||||||
SeUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
SeUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
|
||||||
AclLength2,
|
AclLength,
|
||||||
TAG_ACL);
|
TAG_ACL);
|
||||||
if (SeUnrestrictedDacl == NULL)
|
if (SeUnrestrictedDacl == NULL)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
RtlCreateAcl(SeUnrestrictedDacl,
|
RtlCreateAcl(SeUnrestrictedDacl,
|
||||||
AclLength2,
|
AclLength,
|
||||||
ACL_REVISION);
|
ACL_REVISION);
|
||||||
|
|
||||||
RtlAddAccessAllowedAce(SeUnrestrictedDacl,
|
RtlAddAccessAllowedAce(SeUnrestrictedDacl,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue