From edcf3f5363cbaf212654f78eda5542b1d7cea4be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?George=20Bi=C8=99oc?=
Date: Tue, 20 Jun 2023 10:42:08 +0200
Subject: [PATCH] [NTOS:SE] Update the NT access check syscalls SAL2 annotations
The newly updated SAL2 annotations reflect those from Process Hacker. Also these syscalls must have their function's status code checked, as most of other Native syscalls have them checked.
---
 sdk/include/ndk/sefuncs.h | 35 +++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)
diff --git a/sdk/include/ndk/sefuncs.h b/sdk/include/ndk/sefuncs.h
index b0227a223d0..3c24177cb16 100644
--- a/sdk/include/ndk/sefuncs.h
+++ b/sdk/include/ndk/sefuncs.h
@@ -13,6 +13,7 @@ Abstract:
 Author:
 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
+ George Bișoc (george.bisoc@reactos.org) - Updated - 23-Apr-2023
 --*/
@@ -79,6 +80,8 @@ SeTokenImpersonationLevel(
 //
 // Native Calls
 //
+_Must_inspect_result_
+__kernel_entry
 NTSYSCALLAPI
 NTSTATUS
 NTAPI
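Review bot: `_Must_inspect_result_` on NtAccessCheck covers only the returned NTSTATUS, and nothing at this declaration tells callers that the access decision arrives separately through the `_Out_ PNTSTATUS AccessStatus` parameter. As far as I know the return value reports only whether the check could be carried out, so a caller that tests it alone would treat a denied request as allowed. I would add a comment above the declaration such as `// Return value: whether the check ran. The grant/deny verdict is in *AccessStatus; callers must test both.` The parameter list of NtAccessCheck continues outside this hunk.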
@@ -87,40 +90,44 @@ NtAccessCheck(
 _In_ HANDLE ClientToken,
 _In_ ACCESS_MASK DesiredAccess,
 _In_ PGENERIC_MAPPING GenericMapping,
- _Out_ PPRIVILEGE_SET PrivilegeSet,
- _Out_ PULONG ReturnLength,
+ _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
+ _Inout_ PULONG PrivilegeSetLength,
 _Out_ PACCESS_MASK GrantedAccess,
 _Out_ PNTSTATUS AccessStatus);
+_Must_inspect_result_
+NTSYSCALLAPI
 NTSTATUS
 NTAPI
 NtAccessCheckByType(
 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ PSID PrincipalSelfSid,
+ _In_opt_ PSID PrincipalSelfSid,
 _In_ HANDLE ClientToken,
 _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_TYPE_LIST ObjectTypeList,
- _In_ ULONG ObjectTypeLength,
+ _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
+ _In_ ULONG ObjectTypeListLength,
 _In_ PGENERIC_MAPPING GenericMapping,
- _In_ PPRIVILEGE_SET PrivilegeSet,
+ _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
 _Inout_ PULONG PrivilegeSetLength,
 _Out_ PACCESS_MASK GrantedAccess,
 _Out_ PNTSTATUS AccessStatus);
+_Must_inspect_result_
+NTSYSCALLAPI
 NTSTATUS
 NTAPI
 NtAccessCheckByTypeResultList(
 _In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
- _In_ PSID PrincipalSelfSid,
+ _In_opt_ PSID PrincipalSelfSid,
 _In_ HANDLE ClientToken,
 _In_ ACCESS_MASK DesiredAccess,
- _In_ POBJECT_TYPE_LIST ObjectTypeList,
- _In_ ULONG ObjectTypeLength,
+ _In_reads_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList,
+ _In_ ULONG ObjectTypeListLength,
 _In_ PGENERIC_MAPPING GenericMapping,
- _In_ PPRIVILEGE_SET PrivilegeSet,
+ _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
 _Inout_ PULONG PrivilegeSetLength,
- _Out_ PACCESS_MASK GrantedAccess,
- _Out_ PNTSTATUS AccessStatus);
+ _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess,
+ _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus);
 _Must_inspect_result_
 __kernel_entry
 NTSYSCALLAPI
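Review bot: NtAccessCheckByType and NtAccessCheckByTypeResultList gain `_Must_inspect_result_` and `NTSYSCALLAPI` but not `__kernel_entry`, although the same commit adds `__kernel_entry` to NtAccessCheck and the declaration that follows this hunk already carries it. If the omission is not deliberate, add `__kernel_entry` between the two added lines of both declarations so that analysis tooling treats all three access-check syscalls the same way. The declaration that begins at the end of the hunk continues outside it.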
@@ -331,8 +338,8 @@ ZwAccessCheck(
 _In_ HANDLE ClientToken,
 _In_ ACCESS_MASK DesiredAccess,
 _In_ PGENERIC_MAPPING GenericMapping,
- _Out_ PPRIVILEGE_SET PrivilegeSet,
- _Out_ PULONG ReturnLength,
+ _Out_writes_bytes_(*PrivilegeSetLength) PPRIVILEGE_SET PrivilegeSet,
+ _Out_ PULONG PrivilegeSetLength,
 _Out_ PACCESS_MASK GrantedAccess,
 _Out_ PNTSTATUS AccessStatus);
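Review bot: In ZwAccessCheck the length pointer is annotated `_Out_ PULONG PrivilegeSetLength`, yet the line above it sizes the buffer with `_Out_writes_bytes_(*PrivilegeSetLength)`, which reads that value on entry. `_Out_` tells the analyzer the pointee need not be initialized, so a caller passing an uninitialized length would not be flagged even though that value bounds how much may be written into PrivilegeSet. The Nt counterpart in this same commit uses `_Inout_`, and this line should read `_Inout_ PULONG PrivilegeSetLength,` to match. The declaration starts before the hunk.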