server: Give all access rights when opening an object with MAXIMUM_ALLOWED.

Signed-off-by: Michael Müller <michael@fds-team.de>
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Michael Müller 2017-02-10 18:12:06 +01:00 committed by Alexandre Julliard
parent a6661ba9ad
commit 0e49e0541f
2 changed files with 39 additions and 0 deletions

View File

@ -6414,6 +6414,43 @@ static void test_pseudo_tokens(void)
"Expected ERROR_NO_TOKEN, got %u\n", GetLastError()); "Expected ERROR_NO_TOKEN, got %u\n", GetLastError());
} }
static void test_maximum_allowed(void)
{
HANDLE (WINAPI *pCreateEventExA)(SECURITY_ATTRIBUTES *, LPCSTR, DWORD, DWORD);
char buffer_sd[SECURITY_DESCRIPTOR_MIN_LENGTH], buffer_acl[256];
SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)&buffer_sd;
SECURITY_ATTRIBUTES sa;
ACL *acl = (ACL *)&buffer_acl;
HMODULE hkernel32 = GetModuleHandleA("kernel32.dll");
ACCESS_MASK mask;
HANDLE handle;
BOOL ret;
pCreateEventExA = (void *)GetProcAddress(hkernel32, "CreateEventExA");
if (!pCreateEventExA)
{
win_skip("CreateEventExA is not available\n");
return;
}
ret = InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION);
ok(ret, "InitializeSecurityDescriptor failed with %u\n", GetLastError());
ret = InitializeAcl(acl, 256, ACL_REVISION);
ok(ret, "InitializeAcl failed with %u\n", GetLastError());
ret = SetSecurityDescriptorDacl(sd, TRUE, acl, FALSE);
ok(ret, "SetSecurityDescriptorDacl failed with %u\n", GetLastError());
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = sd;
sa.bInheritHandle = FALSE;
handle = pCreateEventExA(&sa, NULL, 0, MAXIMUM_ALLOWED | 0x4);
ok(handle != NULL, "CreateEventExA failed with error %u\n", GetLastError());
mask = get_obj_access(handle);
ok(mask == EVENT_ALL_ACCESS, "Expected %x, got %x\n", EVENT_ALL_ACCESS, mask);
CloseHandle(handle);
}
START_TEST(security) START_TEST(security)
{ {
init(); init();
@ -6461,4 +6498,5 @@ START_TEST(security)
test_system_security_access(); test_system_security_access();
test_GetSidIdentifierAuthority(); test_GetSidIdentifierAuthority();
test_pseudo_tokens(); test_pseudo_tokens();
test_maximum_allowed();
} }

View File

@ -272,6 +272,7 @@ static obj_handle_t alloc_handle_entry( struct process *process, void *ptr,
obj_handle_t alloc_handle_no_access_check( struct process *process, void *ptr, unsigned int access, unsigned int attr ) obj_handle_t alloc_handle_no_access_check( struct process *process, void *ptr, unsigned int access, unsigned int attr )
{ {
struct object *obj = ptr; struct object *obj = ptr;
if (access & MAXIMUM_ALLOWED) access = GENERIC_ALL;
access = obj->ops->map_access( obj, access ) & ~RESERVED_ALL; access = obj->ops->map_access( obj, access ) & ~RESERVED_ALL;
return alloc_handle_entry( process, ptr, access, attr ); return alloc_handle_entry( process, ptr, access, attr );
} }