Author: ekohl Date: Sun Sep 30 22:41:34 2012 New Revision: 57448

URL: http://svn.reactos.org/svn/reactos?rev=57448&view=rev Log: [LSASRV] - Validate Account SIDs in LsarCreateAccount and LsarOpenAccount. - LsarOpenAccount: Do not check the granted access of the policy handle. - LsarOpenAccount: Return the proper status code.

Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c

Modified: trunk/reactos/dll/win32/lsasrv/lsarpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/lsasrv/lsarpc.c?r... ============================================================================== --- trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/lsasrv/lsarpc.c [iso-8859-1] Sun Sep 30 22:41:34 2012 @@ -440,6 +440,10 @@ LPWSTR SidString = NULL; NTSTATUS Status = STATUS_SUCCESS;

+ /* Validate the AccountSid */ + if (!RtlValidSid(AccountSid)) + return STATUS_INVALID_PARAMETER; + /* Validate the PolicyHandle */ Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, @@ -842,10 +846,14 @@ LPWSTR SidString = NULL; NTSTATUS Status = STATUS_SUCCESS;

+ /* Validate the AccountSid */ + if (!RtlValidSid(AccountSid)) + return STATUS_INVALID_PARAMETER; + /* Validate the PolicyHandle */ Status = LsapValidateDbObject(PolicyHandle, LsaDbPolicyObject, - POLICY_CREATE_ACCOUNT, + 0, &PolicyObject); if (!NT_SUCCESS(Status)) { @@ -861,7 +869,7 @@ &AccountsObject); if (!NT_SUCCESS(Status)) { - ERR("LsapCreateDbObject (Accounts) failed (Status 0x%08lx)\n", Status); + ERR("LsapOpenDbObject (Accounts) failed (Status 0x%08lx)\n", Status); goto done; }

@@ -909,7 +917,7 @@ if (AccountsObject != NULL) LsapCloseDbObject(AccountsObject);

- return STATUS_SUCCESS; + return Status; }