Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 20:56:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

[BASESRV] Handle failures instead of asserting

Browse source
This commit is contained in:
Pierre Schweitzer 2019-05-18 13:37:35 +02:00
parent 4cf5013a54
commit f3c71baa0c
No known key found for this signature in database
GPG key ID: 7545556C3D585B0B
1 changed files with 54 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

68
subsystems/win/basesrv/init.c
View file

@ -5,6 +5,7 @@
* PURPOSE: Initialization * PURPOSE: Initialization
* PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org) * PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
* Hermes Belusca-Maito (hermes.belusca@sfr.fr) * Hermes Belusca-Maito (hermes.belusca@sfr.fr)
* Pierre Schweitzer (pierre@reactos.org)
*/ */
/* INCLUDES *******************************************************************/ /* INCLUDES *******************************************************************/
@ -232,21 +233,33 @@ CreateBaseAcls(OUT PACL* Dacl,
1, SECURITY_LOCAL_SYSTEM_RID, 1, SECURITY_LOCAL_SYSTEM_RID,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
&SystemSid); &SystemSid);
ASSERT(NT_SUCCESS(Status)); if (!NT_SUCCESS(Status))
{
return Status;
}
/* Allocate the World SID */ /* Allocate the World SID */
Status = RtlAllocateAndInitializeSid(&WorldAuthority, Status = RtlAllocateAndInitializeSid(&WorldAuthority,
1, SECURITY_WORLD_RID, 1, SECURITY_WORLD_RID,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
&WorldSid); &WorldSid);
ASSERT(NT_SUCCESS(Status)); if (!NT_SUCCESS(Status))
{
RtlFreeSid(SystemSid);
goto Return;
}
/* Allocate the restricted SID */ /* Allocate the restricted SID */
Status = RtlAllocateAndInitializeSid(&NtAuthority, Status = RtlAllocateAndInitializeSid(&NtAuthority,
1, SECURITY_RESTRICTED_CODE_RID, 1, SECURITY_RESTRICTED_CODE_RID,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
&RestrictedSid); &RestrictedSid);
ASSERT(NT_SUCCESS(Status)); if (!NT_SUCCESS(Status))
{
RtlFreeSid(WorldSid);
RtlFreeSid(SystemSid);
goto Return;
}
/* Allocate one ACL with 3 ACEs each for one SID */ /* Allocate one ACL with 3 ACEs each for one SID */
AclLength = sizeof(ACL) + 3 * sizeof(ACCESS_ALLOWED_ACE) + AclLength = sizeof(ACL) + 3 * sizeof(ACCESS_ALLOWED_ACE) +
@ -254,11 +267,19 @@ CreateBaseAcls(OUT PACL* Dacl,
RtlLengthSid(WorldSid) + RtlLengthSid(WorldSid) +
RtlLengthSid(RestrictedSid); RtlLengthSid(RestrictedSid);
*Dacl = RtlAllocateHeap(BaseSrvHeap, 0, AclLength); *Dacl = RtlAllocateHeap(BaseSrvHeap, 0, AclLength);
ASSERT(*Dacl != NULL); if (*Dacl == NULL)
{
Status = STATUS_NO_MEMORY;
goto FreeAndReturn;
}
/* Set the correct header fields */ /* Set the correct header fields */
Status = RtlCreateAcl(*Dacl, AclLength, ACL_REVISION2); Status = RtlCreateAcl(*Dacl, AclLength, ACL_REVISION2);
ASSERT(NT_SUCCESS(Status)); if (!NT_SUCCESS(Status))
{
RtlFreeHeap(BaseSrvHeap, 0, *Dacl);
goto FreeAndReturn;
}
/* Setup access for anyone depending on object security mode */ /* Setup access for anyone depending on object security mode */
if (ObjectSecurityMode != 0) if (ObjectSecurityMode != 0)
@ -276,20 +297,29 @@ CreateBaseAcls(OUT PACL* Dacl,
} }
/* Give the appropriate rights to each SID */ /* Give the appropriate rights to each SID */
Status = RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, WorldAccess, WorldSid); if (NT_SUCCESS(RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, WorldAccess, WorldSid)) &&
ASSERT(NT_SUCCESS(Status)); NT_SUCCESS(RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, DIRECTORY_ALL_ACCESS, SystemSid)))
Status = RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, DIRECTORY_ALL_ACCESS, SystemSid); {
ASSERT(NT_SUCCESS(Status)); RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, DIRECTORY_TRAVERSE, RestrictedSid);
Status = RtlAddAccessAllowedAce(*Dacl, ACL_REVISION2, DIRECTORY_TRAVERSE, RestrictedSid); }
ASSERT(NT_SUCCESS(Status));
/* Now allocate the restricted DACL */ /* Now allocate the restricted DACL */
*RestrictedDacl = RtlAllocateHeap(BaseSrvHeap, 0, AclLength); *RestrictedDacl = RtlAllocateHeap(BaseSrvHeap, 0, AclLength);
ASSERT(*RestrictedDacl != NULL); if (*RestrictedDacl == NULL)
{
Status = STATUS_NO_MEMORY;
RtlFreeHeap(BaseSrvHeap, 0, *Dacl);
goto FreeAndReturn;
}
/* Initialize it */ /* Initialize it */
Status = RtlCreateAcl(*RestrictedDacl, AclLength, ACL_REVISION2); Status = RtlCreateAcl(*RestrictedDacl, AclLength, ACL_REVISION2);
ASSERT(NT_SUCCESS(Status)); if (!NT_SUCCESS(Status))
{
RtlFreeHeap(BaseSrvHeap, 0, *RestrictedDacl);
RtlFreeHeap(BaseSrvHeap, 0, *Dacl);
goto FreeAndReturn;
}
/* Setup access for restricted sid depending on session id and protection mode */ /* Setup access for restricted sid depending on session id and protection mode */
if (SessionId == 0 || (ProtectionMode & 3) == 0) if (SessionId == 0 || (ProtectionMode & 3) == 0)
@ -305,16 +335,22 @@ CreateBaseAcls(OUT PACL* Dacl,
/* And add the same ACEs as before */ /* And add the same ACEs as before */
Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, WorldAccess, WorldSid); Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, WorldAccess, WorldSid);
ASSERT(NT_SUCCESS(Status)); if (NT_SUCCESS(Status))
{
Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, DIRECTORY_ALL_ACCESS, SystemSid); Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, DIRECTORY_ALL_ACCESS, SystemSid);
ASSERT(NT_SUCCESS(Status)); if (NT_SUCCESS(Status))
{
Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, RestrictedAccess, RestrictedSid); Status = RtlAddAccessAllowedAce(*RestrictedDacl, ACL_REVISION2, RestrictedAccess, RestrictedSid);
ASSERT(NT_SUCCESS(Status)); }
}
/* The SIDs are captured, can free them now */ /* The SIDs are captured, can free them now */
FreeAndReturn:
RtlFreeSid(RestrictedSid); RtlFreeSid(RestrictedSid);
RtlFreeSid(WorldSid); RtlFreeSid(WorldSid);
RtlFreeSid(SystemSid); RtlFreeSid(SystemSid);
Return:
return Status; return Status;
} }