server: Do not set SE_{D, S}ACL_PRESENT if no {D, S}ACL was set.

Signed-off-by: Matteo Bruni <mbruni@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Michael Müller 2017-06-14 20:20:42 +02:00 committed by Alexandre Julliard
parent af2d01c2fa
commit 187b53e5a5
3 changed files with 16 additions and 6 deletions

View File

@ -6207,8 +6207,8 @@ static void test_AddMandatoryAce(void)
present = TRUE;
ret = GetSecurityDescriptorSacl(sd2, &present, &sacl, &defaulted);
ok(ret, "GetSecurityDescriptorSacl failed with error %u\n", GetLastError());
todo_wine ok(!present, "SACL is present\n");
todo_wine ok(sacl == (void *)0xdeadbeef, "SACL is set\n");
ok(!present, "SACL is present\n");
ok(sacl == (void *)0xdeadbeef, "SACL is set\n");
HeapFree(GetProcessHeap(), 0, sd2);
CloseHandle(handle);

View File

@ -734,7 +734,6 @@ DECL_HANDLER(get_security_object)
else
req_sd.group_len = 0;
req_sd.control |= SE_SACL_PRESENT;
sacl = sd_get_sacl( sd, &present );
if (req->security_info & SACL_SECURITY_INFORMATION && present)
req_sd.sacl_len = sd->sacl_len;
@ -747,7 +746,6 @@ DECL_HANDLER(get_security_object)
else
req_sd.sacl_len = 0;
req_sd.control |= SE_DACL_PRESENT;
dacl = sd_get_dacl( sd, &present );
if (req->security_info & DACL_SECURITY_INFORMATION && present)
req_sd.dacl_len = sd->dacl_len;

View File

@ -583,15 +583,18 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
}
else new_sd.group_len = 0;
new_sd.control |= SE_SACL_PRESENT;
sacl = sd_get_sacl( sd, &present );
if (set_info & SACL_SECURITY_INFORMATION && present)
{
new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = sd->sacl_len;
}
else if (set_info & LABEL_SECURITY_INFORMATION && present)
{
const ACL *old_sacl = NULL;
if (obj->sd && obj->sd->control & SE_SACL_PRESENT) old_sacl = sd_get_sacl( obj->sd, &present );
if (!(replaced_sacl = replace_security_labels( old_sacl, sacl ))) return 0;
new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = replaced_sacl->AclSize;
sacl = replaced_sacl;
}
@ -600,24 +603,33 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
if (obj->sd) sacl = sd_get_sacl( obj->sd, &present );
if (obj->sd && present)
{
new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = obj->sd->sacl_len;
}
else
new_sd.sacl_len = 0;
}
new_sd.control |= SE_DACL_PRESENT;
dacl = sd_get_dacl( sd, &present );
if (set_info & DACL_SECURITY_INFORMATION && present)
{
new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = sd->dacl_len;
}
else
{
if (obj->sd) dacl = sd_get_dacl( obj->sd, &present );
if (obj->sd && present)
{
new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = obj->sd->dacl_len;
}
else if (token)
{
dacl = token_get_default_dacl( token );
new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = dacl->AclSize;
}
else new_sd.dacl_len = 0;