[tkreuzer] 44276: SeCaptureSecurityDescriptor: instead of first copying the relative offsets of a SECURITY_DESCRIPTOR_RELATIVE into the pointer fields of a SECURITY_DESCRIPTOR and later adding the base pointer, do it directly as the code already needs to handle relative and absolute structures differently before.
Author: tkreuzer Date: Mon Nov 23 22:52:18 2009 New Revision: 44276
URL: http://svn.reactos.org/svn/reactos?rev=44276&view=rev Log: SeCaptureSecurityDescriptor: instead of first copying the relative offsets of a SECURITY_DESCRIPTOR_RELATIVE into the pointer fields of a SECURITY_DESCRIPTOR and later adding the base pointer, do it directly as the code already needs to handle relative and absolute structures differently before.
Modified: branches/ros-amd64-bringup/reactos/ntoskrnl/se/sd.c
Modified: branches/ros-amd64-bringup/reactos/ntoskrnl/se/sd.c URL: http://svn.reactos.org/svn/reactos/branches/ros-amd64-bringup/reactos/ntoskr... ============================================================================== --- branches/ros-amd64-bringup/reactos/ntoskrnl/se/sd.c [iso-8859-1] (original) +++ branches/ros-amd64-bringup/reactos/ntoskrnl/se/sd.c [iso-8859-1] Mon Nov 23 22:52:18 2009 @@ -436,10 +436,10 @@ { PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
- DescriptorCopy.Owner = (PSID)RelSD->Owner; - DescriptorCopy.Group = (PSID)RelSD->Group; - DescriptorCopy.Sacl = (PACL)RelSD->Sacl; - DescriptorCopy.Dacl = (PACL)RelSD->Dacl; + DescriptorCopy.Owner = (PSID)((PCHAR)RelSD + RelSD->Owner); + DescriptorCopy.Group = (PSID)((PCHAR)RelSD + RelSD->Group); + DescriptorCopy.Sacl = (PACL)((PCHAR)RelSD + RelSD->Sacl); + DescriptorCopy.Dacl = (PACL)((PCHAR)RelSD + RelSD->Dacl); } else { @@ -483,10 +483,10 @@ { PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
- DescriptorCopy.Owner = (PSID)RelSD->Owner; - DescriptorCopy.Group = (PSID)RelSD->Group; - DescriptorCopy.Sacl = (PACL)RelSD->Sacl; - DescriptorCopy.Dacl = (PACL)RelSD->Dacl; + DescriptorCopy.Owner = (PSID)((PCHAR)RelSD + RelSD->Owner); + DescriptorCopy.Group = (PSID)((PCHAR)RelSD + RelSD->Group); + DescriptorCopy.Sacl = (PACL)((PCHAR)RelSD + RelSD->Sacl); + DescriptorCopy.Dacl = (PACL)((PCHAR)RelSD + RelSD->Dacl); } else { @@ -494,30 +494,6 @@ DescriptorCopy.Group = OriginalSecurityDescriptor->Group; DescriptorCopy.Sacl = OriginalSecurityDescriptor->Sacl; DescriptorCopy.Dacl = OriginalSecurityDescriptor->Dacl; - } - } - - if(DescriptorCopy.Control & SE_SELF_RELATIVE) - { - /* in case we're dealing with a self-relative descriptor, do a basic convert - to an absolute descriptor. We do this so we can simply access the data - using the pointers without calculating them again. */ - DescriptorCopy.Control &= ~SE_SELF_RELATIVE; - if(DescriptorCopy.Owner != NULL) - { - DescriptorCopy.Owner = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Owner); - } - if(DescriptorCopy.Group != NULL) - { - DescriptorCopy.Group = (PSID)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Group); - } - if(DescriptorCopy.Dacl != NULL) - { - DescriptorCopy.Dacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Dacl); - } - if(DescriptorCopy.Sacl != NULL) - { - DescriptorCopy.Sacl = (PACL)((ULONG_PTR)OriginalSecurityDescriptor + (ULONG_PTR)DescriptorCopy.Sacl); } }
-
tkreuzer@svn.reactos.org