[tfaber] 75019: [NTMARTA] - Add support for CURRENT_USER trustee in AccpGetTrusteeSid. Fixes crash in advapi32_winetest:security CORE-13420 #resolve - Ros-diffs

13 Jun 2017

Author: tfaber
Date: Tue Jun 13 10:10:57 2017
New Revision: 75019
URL: http://svn.reactos.org/svn/reactos?rev=75019&view=rev
Log:
[NTMARTA]
- Add support for CURRENT_USER trustee in AccpGetTrusteeSid. Fixes crash in
advapi32_winetest:security
CORE-13420 #resolve
Modified:
    trunk/reactos/dll/win32/ntmarta/ntmarta.c
Modified: trunk/reactos/dll/win32/ntmarta/ntmarta.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/ntmarta/ntmarta.…
==============================================================================

--- trunk/reactos/dll/win32/ntmarta/ntmarta.c   [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/ntmarta/ntmarta.c   [iso-8859-1] Tue Jun 13 10:10:57 2017
@@ -444,6 +444,51 @@
 }
 static DWORD
+AccpLookupCurrentUser(OUT PSID *ppSid)
+{
+    DWORD Ret;
+    CHAR Buffer[sizeof(TOKEN_USER) + sizeof(SID) +
sizeof(DWORD)*SID_MAX_SUB_AUTHORITIES];
+    DWORD Length;
+    HANDLE Token;
+    PSID pSid;
+
+    *ppSid = NULL;
+    if (!OpenThreadToken(GetCurrentThread(), TOKEN_READ, TRUE, &Token))
+    {
+        Ret = GetLastError();
+        if (Ret != ERROR_NO_TOKEN)
+        {
+            return Ret;
+        }
+
+        if (!OpenProcessToken(GetCurrentProcess(), TOKEN_READ, &Token))
+        {
+            return GetLastError();
+        }
+    }
+
+    Length = sizeof(Buffer);
+    if (!GetTokenInformation(Token, TokenUser, Buffer, Length, &Length))
+    {
+        Ret = GetLastError();
+        CloseHandle(Token);
+        return Ret;
+    }
+    CloseHandle(Token);
+
+    pSid = ((PTOKEN_USER)Buffer)->User.Sid;
+    Length = GetLengthSid(pSid);
+    *ppSid = LocalAlloc(LMEM_FIXED, Length);
+    if (!*ppSid)
+    {
+        return ERROR_NOT_ENOUGH_MEMORY;
+    }
+    CopyMemory(*ppSid, pSid, Length);
+
+    return ERROR_SUCCESS;
+}
+
+static DWORD
 AccpLookupSidByName(IN LSA_HANDLE PolicyHandle,
                     IN LPWSTR Name,
                     OUT PSID *pSid)
@@ -509,6 +554,7 @@
                   OUT BOOL *Allocated)
 {
     DWORD Ret = ERROR_SUCCESS;
+    LPWSTR TrusteeName;
     *ppSid = NULL;
     *Allocated = FALSE;
@@ -535,6 +581,18 @@
             /* fall through */
         case TRUSTEE_IS_NAME:
+            TrusteeName = AccpGetTrusteeName(Trustee);
+            if (!wcscmp(TrusteeName, L"CURRENT_USER"))
+            {
+                Ret = AccpLookupCurrentUser(ppSid);
+                if (Ret == ERROR_SUCCESS)
+                {
+                    ASSERT(*ppSid != NULL);
+                    *Allocated = TRUE;
+                }
+                break;
+            }
+
             if (*pPolicyHandle == NULL)
             {
                 Ret = AccpOpenLSAPolicyHandle(NULL, /* FIXME - always local? */
@@ -547,7 +605,7 @@
             }
             Ret = AccpLookupSidByName(*pPolicyHandle,
-                                      AccpGetTrusteeName(Trustee),
+                                      TrusteeName,
                                       ppSid);
             if (Ret == ERROR_SUCCESS)
             {
    