Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-09-29 05:54:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

[NTOS:SE]

Browse source 
- Correctly check ACE type in SeFastTraverseCheck. CID 1102005

svn path=/trunk/; revision=68911
This commit is contained in:
Thomas Faber 2015-09-02 09:19:52 +00:00
parent e560a1993f
commit f14431ec16
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
reactos/ntoskrnl/se/accesschk.c
View file

@ -493,7 +493,7 @@ SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
continue;
/* If access-allowed ACE */
if (Ace->Header.AceType & ACCESS_ALLOWED_ACE_TYPE)
if (Ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE)
{
/* Check if all accesses are granted */
if (!(Ace->Mask & DesiredAccess))
@ -504,9 +504,9 @@ SeFastTraverseCheck(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
return TRUE;
}
/* If access-denied ACE */
else if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
else if (Ace->Header.AceType == ACCESS_DENIED_ACE_TYPE)
{
/* Here, only check if it denies all the access wanted and deny if so */
/* Here, only check if it denies any access wanted and deny if so */
if (Ace->Mask & DesiredAccess)
return FALSE;
}