parent
645bb9f66b
commit
9f96664dc4
|
@ -518,14 +518,14 @@ static void test_AccessCheck(void)
|
||||||
ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
|
ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
|
||||||
PrivSet, &PrivSetLen, &Access, &AccessStatus);
|
PrivSet, &PrivSetLen, &Access, &AccessStatus);
|
||||||
ok(ret, "AccessCheck failed with error %ld\n", GetLastError());
|
ok(ret, "AccessCheck failed with error %ld\n", GetLastError());
|
||||||
todo_wine ok(AccessStatus && (Access == KEY_READ),
|
ok(AccessStatus && (Access == KEY_READ),
|
||||||
"AccessCheck failed to grant access with error %ld\n",
|
"AccessCheck failed to grant access with error %ld\n",
|
||||||
GetLastError());
|
GetLastError());
|
||||||
|
|
||||||
ret = AccessCheck(SecurityDescriptor, Token, MAXIMUM_ALLOWED, &Mapping,
|
ret = AccessCheck(SecurityDescriptor, Token, MAXIMUM_ALLOWED, &Mapping,
|
||||||
PrivSet, &PrivSetLen, &Access, &AccessStatus);
|
PrivSet, &PrivSetLen, &Access, &AccessStatus);
|
||||||
ok(ret, "AccessCheck failed with error %ld\n", GetLastError());
|
ok(ret, "AccessCheck failed with error %ld\n", GetLastError());
|
||||||
todo_wine ok(AccessStatus,
|
ok(AccessStatus,
|
||||||
"AccessCheck failed to grant any access with error %ld\n",
|
"AccessCheck failed to grant any access with error %ld\n",
|
||||||
GetLastError());
|
GetLastError());
|
||||||
trace("AccessCheck with MAXIMUM_ALLOWED got Access 0x%08lx\n", Access);
|
trace("AccessCheck with MAXIMUM_ALLOWED got Access 0x%08lx\n", Access);
|
||||||
|
|
|
@ -71,24 +71,18 @@ static BOOLEAN copy_acl(DWORD nDestinationAclLength, PACL pDestinationAcl, PACL
|
||||||
static NTSTATUS add_access_ace(PACL pAcl, DWORD dwAceRevision, DWORD dwAceFlags,
|
static NTSTATUS add_access_ace(PACL pAcl, DWORD dwAceRevision, DWORD dwAceFlags,
|
||||||
DWORD dwAccessMask, PSID pSid, DWORD dwAceType)
|
DWORD dwAccessMask, PSID pSid, DWORD dwAceType)
|
||||||
{
|
{
|
||||||
SID *sid = (SID *)pSid;
|
|
||||||
ACE_HEADER *pAceHeader;
|
ACE_HEADER *pAceHeader;
|
||||||
|
DWORD dwLengthSid;
|
||||||
DWORD dwAceSize;
|
DWORD dwAceSize;
|
||||||
DWORD dwSidStart;
|
DWORD *pAccessMask;
|
||||||
DWORD sidLength;
|
DWORD *pSidStart;
|
||||||
PDWORD pAccessMask;
|
|
||||||
|
|
||||||
if (!RtlValidSid(sid))
|
if (!RtlValidSid(pSid))
|
||||||
return STATUS_INVALID_SID;
|
return STATUS_INVALID_SID;
|
||||||
|
|
||||||
if (pAcl->AclRevision > MAX_ACL_REVISION || dwAceRevision > MAX_ACL_REVISION)
|
if (pAcl->AclRevision > MAX_ACL_REVISION || dwAceRevision > MAX_ACL_REVISION)
|
||||||
return STATUS_REVISION_MISMATCH;
|
return STATUS_REVISION_MISMATCH;
|
||||||
|
|
||||||
/* choose the higher of the two revisions */
|
|
||||||
sid->IdentifierAuthority.Value[1] = pAcl->AclRevision;
|
|
||||||
if (dwAceRevision > pAcl->AclRevision)
|
|
||||||
sid->IdentifierAuthority.Value[1] = dwAceRevision;
|
|
||||||
|
|
||||||
if (!RtlValidAcl(pAcl))
|
if (!RtlValidAcl(pAcl))
|
||||||
return STATUS_INVALID_ACL;
|
return STATUS_INVALID_ACL;
|
||||||
|
|
||||||
|
@ -99,22 +93,25 @@ static NTSTATUS add_access_ace(PACL pAcl, DWORD dwAceRevision, DWORD dwAceFlags,
|
||||||
return STATUS_ALLOTTED_SPACE_EXCEEDED;
|
return STATUS_ALLOTTED_SPACE_EXCEEDED;
|
||||||
|
|
||||||
/* calculate generic size of the ACE */
|
/* calculate generic size of the ACE */
|
||||||
sidLength = RtlLengthSid(sid);
|
dwLengthSid = RtlLengthSid(pSid);
|
||||||
dwAceSize = sizeof(ACE_HEADER) + sizeof(DWORD) + sidLength;
|
dwAceSize = sizeof(ACE_HEADER) + sizeof(DWORD) + dwLengthSid;
|
||||||
if ((DWORD)(pAceHeader + dwAceSize) > (DWORD)(pAcl + pAcl->AclSize))
|
if ((DWORD)(pAceHeader + dwAceSize) > (DWORD)(pAcl + pAcl->AclSize))
|
||||||
return STATUS_ALLOTTED_SPACE_EXCEEDED;
|
return STATUS_ALLOTTED_SPACE_EXCEEDED;
|
||||||
|
|
||||||
/* fill the new Ace */
|
/* fill the new ACE */
|
||||||
pAceHeader->AceType = dwAceType;
|
pAceHeader->AceType = dwAceType;
|
||||||
pAceHeader->AceFlags = dwAceFlags;
|
pAceHeader->AceFlags = dwAceFlags;
|
||||||
pAceHeader->AceSize = dwAceSize;
|
pAceHeader->AceSize = dwAceSize;
|
||||||
pAccessMask = (DWORD *)(pAceHeader + sizeof(ACE_HEADER));
|
|
||||||
|
/* skip past the ACE_HEADER of the ACE */
|
||||||
|
pAccessMask = (DWORD *)(pAceHeader + 1);
|
||||||
*pAccessMask = dwAccessMask;
|
*pAccessMask = dwAccessMask;
|
||||||
|
|
||||||
dwSidStart = (DWORD)(pAceHeader + sizeof(ACE_HEADER) + sizeof(DWORD));
|
/* skip past ACE->Mask */
|
||||||
RtlCopySid(sidLength, (PSID)dwSidStart, sid);
|
pSidStart = pAccessMask + 1;
|
||||||
|
RtlCopySid(dwLengthSid, (PSID)pSidStart, pSid);
|
||||||
|
|
||||||
pAcl->AclRevision = sid->IdentifierAuthority.Value[1];
|
pAcl->AclRevision = max(pAcl->AclRevision, dwAceRevision);
|
||||||
pAcl->AceCount++;
|
pAcl->AceCount++;
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
|
|
Loading…
Reference in New Issue