Author: ekohl Date: Sat Sep 3 15:06:20 2016 New Revision: 72547

URL: http://svn.reactos.org/svn/reactos?rev=72547&view=rev Log: [SAMSRV] SamrQuerySecurityObject: Return security information according to the SecurityInformation parameter.

Modified: trunk/reactos/dll/win32/samsrv/samrpc.c

Modified: trunk/reactos/dll/win32/samsrv/samrpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?r... ============================================================================== --- trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] Sat Sep 3 15:06:20 2016 @@ -218,10 +218,12 @@ OUT PSAMPR_SR_SECURITY_DESCRIPTOR *SecurityDescriptor) { PSAM_DB_OBJECT SamObject; - PSAMPR_SR_SECURITY_DESCRIPTOR SamSD = NULL; - PSECURITY_DESCRIPTOR SdBuffer = NULL; + PSAMPR_SR_SECURITY_DESCRIPTOR SdData = NULL; + PSECURITY_DESCRIPTOR RelativeSd = NULL; + PSECURITY_DESCRIPTOR ResultSd = NULL; ACCESS_MASK DesiredAccess = 0; - ULONG Length = 0; + ULONG RelativeSdSize = 0; + ULONG ResultSdSize = 0; NTSTATUS Status;

TRACE("(%p %lx %p)\n", @@ -248,64 +250,98 @@ if (!NT_SUCCESS(Status)) goto done;

- SamSD = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR)); - if (SamSD == NULL) - { - Status = STATUS_INSUFFICIENT_RESOURCES; - goto done; - } - + /* Get the size of the SD */ Status = SampGetObjectAttribute(SamObject, L"SecDesc", NULL, NULL, - &Length); + &RelativeSdSize); if (!NT_SUCCESS(Status) && Status != STATUS_BUFFER_OVERFLOW) { TRACE("Status 0x%08lx\n", Status); goto done; }

- TRACE("SD Length: %lu\n", Length); - - SdBuffer = midl_user_allocate(Length); - if (SdBuffer == NULL) + /* Allocate a buffer for the SD */ + RelativeSd = midl_user_allocate(RelativeSdSize); + if (RelativeSd == NULL) { Status = STATUS_INSUFFICIENT_RESOURCES; goto done; }

+ /* Get the SD */ Status = SampGetObjectAttribute(SamObject, L"SecDesc", NULL, - SdBuffer, - &Length); + RelativeSd, + &RelativeSdSize); if (!NT_SUCCESS(Status)) { TRACE("Status 0x%08lx\n", Status); goto done; }

- /* FIXME: Use SecurityInformation to return only the requested information */ - - SamSD->Length = Length; - SamSD->SecurityDescriptor = SdBuffer; + /* Invalidate the SD information that was not requested */ + if (!(SecurityInformation & OWNER_SECURITY_INFORMATION)) + ((PISECURITY_DESCRIPTOR)RelativeSd)->Owner = NULL; + + if (!(SecurityInformation & GROUP_SECURITY_INFORMATION)) + ((PISECURITY_DESCRIPTOR)RelativeSd)->Group = NULL; + + if (!(SecurityInformation & DACL_SECURITY_INFORMATION)) + ((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_DACL_PRESENT; + + if (!(SecurityInformation & SACL_SECURITY_INFORMATION)) + ((PISECURITY_DESCRIPTOR)RelativeSd)->Control &= ~SE_SACL_PRESENT; + + /* Calculate the required SD size */ + Status = RtlMakeSelfRelativeSD(RelativeSd, + NULL, + &ResultSdSize); + if (Status != STATUS_BUFFER_TOO_SMALL) + goto done; + + /* Allocate a buffer for the new SD */ + ResultSd = MIDL_user_allocate(ResultSdSize); + if (ResultSd == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + /* Build the new SD */ + Status = RtlMakeSelfRelativeSD(RelativeSd, + ResultSd, + &ResultSdSize); + if (!NT_SUCCESS(Status)) + goto done; + + /* Allocate the SD data buffer */ + SdData = midl_user_allocate(sizeof(SAMPR_SR_SECURITY_DESCRIPTOR)); + if (SdData == NULL) + { + Status = STATUS_INSUFFICIENT_RESOURCES; + goto done; + } + + /* Fill the SD data buffer and return it to the caller */ + SdData->Length = RelativeSdSize; + SdData->SecurityDescriptor = (PBYTE)ResultSd; + + *SecurityDescriptor = SdData;

done: RtlReleaseResource(&SampResource);

- if (NT_SUCCESS(Status)) - { - *SecurityDescriptor = SamSD; - } - else - { - if (SdBuffer != NULL) - midl_user_free(SdBuffer); - - if (SamSD != NULL) - midl_user_free(SamSD); - } + if (!NT_SUCCESS(Status)) + { + if (ResultSd != NULL) + MIDL_user_free(ResultSd); + } + + if (RelativeSd != NULL) + MIDL_user_free(RelativeSd);

return Status; }