ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs.

This commit is contained in:
Rob Shearman 2007-10-16 09:50:50 +01:00 committed by Alexandre Julliard
parent a006b06080
commit 12e44bf299
2 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
dlls/advapi32/tests/security.c
View File

@ -798,7 +798,6 @@ static void test_AccessCheck(void)
ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping, ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
PrivSet, &PrivSetLen, &Access, &AccessStatus); PrivSet, &PrivSetLen, &Access, &AccessStatus);
ok(ret, "AccessCheck failed with error %d\n", GetLastError()); ok(ret, "AccessCheck failed with error %d\n", GetLastError());
todo_wine
ok(AccessStatus && (Access == KEY_READ), ok(AccessStatus && (Access == KEY_READ),
"AccessCheck failed to grant access with error %d\n", "AccessCheck failed to grant access with error %d\n",
GetLastError()); GetLastError());

8
server/token.c
View File

@ -811,18 +811,12 @@ static unsigned int token_access_check( struct token *token,
} }
/* 1: Grant desired access if the object is unprotected */ /* 1: Grant desired access if the object is unprotected */
if (!dacl_present) if (!dacl_present || !dacl)
{ {
*priv_count = 0; *priv_count = 0;
*granted_access = desired_access; *granted_access = desired_access;
return *status = STATUS_SUCCESS; return *status = STATUS_SUCCESS;
} }
if (!dacl)
{
*priv_count = 0;
*status = STATUS_ACCESS_DENIED;
return STATUS_SUCCESS;
}
/* 2: Check if caller wants access to system security part. Note: access /* 2: Check if caller wants access to system security part. Note: access
* is only granted if specifically asked for */ * is only granted if specifically asked for */