3 Sep
2016
3 Sep
'16
3:06 p.m.
Author: ekohl
Date: Sat Sep 3 15:06:20 2016
New Revision: 72547
URL: http://svn.reactos.org/svn/reactos?rev=72547&view=rev
Log:
[SAMSRV]
SamrQuerySecurityObject: Return security information according to the SecurityInformation
parameter.
Modified:
trunk/reactos/dll/win32/samsrv/samrpc.c
Modified: trunk/reactos/dll/win32/samsrv/samrpc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?…
==============================================================================
--- trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] Sat Sep 3 15:06:20 2016
@@ -218,10 +218,12 @@
OUT PSAMPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor)
{
PSAM_DB_OBJECT SamObject;
- PSAMPR_SR_SECURITY_DESCRIPTOR SamSD = NULL;
- PSECURITY_DESCRIPTOR SdBuffer = NULL;
+ PSAMPR_SR_SECURITY_DESCRIPTOR SdData = NULL;
+ PSECURITY_DESCRIPTOR RelativeSd = NULL;
+ PSECURITY_DESCRIPTOR ResultSd = NULL;
ACCESS_MASK DesiredAccess = 0;
- ULONG Length = 0;
+ ULONG RelativeSdSize = 0;
+ ULONG ResultSdSize = 0;
NTSTATUS Status;
TRACE("(%p %lx %p)\n",
@@ -248,64 +250,98 @@
if (!NT_SUCCESS(Status))
goto done;
- SamSD = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR));
- if (SamSD == NULL)
- {
- Status = STATUS_INSUFFICIENT_RESOURCES;
- goto done;
- }
-
+ /* Get the size of the SD */
Status = SampGetObjectAttribute(SamObject,
L"SecDesc",
NULL,
NULL,
- &Length);
+ &RelativeSdSize);
if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW)
{
TRACE("Status 0x%08lx\n", Status);
goto done;
}
- TRACE("SD Length: %lu\n", Length);
-
- SdBuffer = midl_user_allocate(Length);
- if (SdBuffer == NULL)
+ /* Allocate a buffer for the SD */
+ RelativeSd = midl_user_allocate(RelativeSdSize);
+ if (RelativeSd == NULL)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto done;
}
+ /* Get the SD */
Status = SampGetObjectAttribute(SamObject,
L"SecDesc",
NULL,
- SdBuffer,
- &Length);
+ RelativeSd,
+ &RelativeSdSize);
if (!NT_SUCCESS(Status))
{
TRACE("Status 0x%08lx\n", Status);
goto done;
}
- /* FIXME: Use SecurityInformation to return only the requested information */
-
- SamSD->Length = Length;
- SamSD->SecurityDescriptor = SdBuffer;
+ /* Invalidate the SD information that was not requested */
+ if (!(SecurityInformation & OWNER_SECURITY_INFORMATION))
+ ((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL;
+
+ if (!(SecurityInformation & GROUP_SECURITY_INFORMATION))
+ ((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL;
+
+ if (!(SecurityInformation & DACL_SECURITY_INFORMATION))
+ ((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_DACL_PRESENT;
+
+ if (!(SecurityInformation & SACL_SECURITY_INFORMATION))
+ ((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_SACL_PRESENT;
+
+ /* Calculate the required SD size */
+ Status = RtlMakeSelfRelativeSD(RelativeSd,
+ NULL,
+ &ResultSdSize);
+ if (Status != STATUS_BUFFER_TOO_SMALL)
+ goto done;
+
+ /* Allocate a buffer for the new SD */
+ ResultSd = MIDL_user_allocate(ResultSdSize);
+ if (ResultSd == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* Build the new SD */
+ Status = RtlMakeSelfRelativeSD(RelativeSd,
+ ResultSd,
+ &ResultSdSize);
+ if (!NT_SUCCESS(Status))
+ goto done;
+
+ /* Allocate the SD data buffer */
+ SdData = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR));
+ if (SdData == NULL)
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
+ goto done;
+ }
+
+ /* Fill the SD data buffer and return it to the caller */
+ SdData->Length = RelativeSdSize;
+ SdData->SecurityDescriptor = (PBYTE)ResultSd;
+
+ *SecurityDescriptor = SdData;
done:
RtlReleaseResource(&SampResource);
- if (NT_SUCCESS(Status))
- {
- *SecurityDescriptor = SamSD;
- }
- else
- {
- if (SdBuffer != NULL)
- midl_user_free(SdBuffer);
-
- if (SamSD != NULL)
- midl_user_free(SamSD);
- }
+ if (!NT_SUCCESS(Status))
+ {
+ if (ResultSd != NULL)
+ MIDL_user_free(ResultSd);
+ }
+
+ if (RelativeSd != NULL)
+ MIDL_user_free(RelativeSd);
return Status;
}