mirror of
https://github.com/reactos/reactos.git
synced 2024-09-29 05:54:05 +00:00
[NTOS:SE]
- Correctly check ACE type in SeFastTraverseCheck. CID 1102005 svn path=/trunk/; revision=68911
This commit is contained in:
parent
e560a1993f
commit
f14431ec16
|
@ -493,7 +493,7 @@ SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
continue;
|
||||
|
||||
/* If access-allowed ACE */
|
||||
if (Ace->Header.AceType & ACCESS_ALLOWED_ACE_TYPE)
|
||||
if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
|
||||
{
|
||||
/* Check if all accesses are granted */
|
||||
if (!(Ace->Mask & DesiredAccess))
|
||||
|
@ -504,9 +504,9 @@ SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
|
|||
return TRUE;
|
||||
}
|
||||
/* If access-denied ACE */
|
||||
else if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
|
||||
else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
|
||||
{
|
||||
/* Here, only check if it denies all the access wanted and deny if so */
|
||||
/* Here, only check if it denies any access wanted and deny if so */
|
||||
if (Ace->Mask & DesiredAccess)
|
||||
return FALSE;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue