server: Fix handling of MAXIMUM_ALLOWED in token_access_check.

Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Sebastian Lackner 2017-02-03 09:57:10 +01:00 committed by Alexandre Julliard
parent a39d67d8c9
commit 0e42bce0b6
2 changed files with 10 additions and 1 deletions

View File

@ -1376,6 +1376,12 @@ static void test_AccessCheck(void)
ok(AccessStatus && (Access == KEY_READ),
"AccessCheck failed to grant access with error %d\n",
GetLastError());
ret = AccessCheck(SecurityDescriptor, Token, MAXIMUM_ALLOWED, &Mapping,
PrivSet, &PrivSetLen, &Access, &AccessStatus);
ok(ret, "AccessCheck failed with error %d\n", GetLastError());
ok(AccessStatus && (Access == KEY_ALL_ACCESS),
"AccessCheck failed to grant access with error %d\n",
GetLastError());
/* sd with blank dacl */
ret = SetSecurityDescriptorDacl(SecurityDescriptor, TRUE, Acl, FALSE);

View File

@ -844,7 +844,10 @@ static unsigned int token_access_check( struct token *token,
if (!dacl_present || !dacl)
{
if (priv_count) *priv_count = 0;
*granted_access = desired_access;
if (desired_access & MAXIMUM_ALLOWED)
*granted_access = mapping->GenericAll;
else
*granted_access = desired_access;
return *status = STATUS_SUCCESS;
}