Rob Shearman : server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs .
Alexandre Julliard
julliard at winehq.org
Tue Oct 16 07:59:52 CDT 2007
Module: wine
Branch: master
Commit: 12e44bf29974743d3ca9819817657c785e3c49e1
URL: http://source.winehq.org/git/wine.git/?a=commit;h=12e44bf29974743d3ca9819817657c785e3c49e1
Author: Rob Shearman <rob at codeweavers.com>
Date: Tue Oct 16 09:50:50 2007 +0100
server: Fix token_access_check to allow full access to security descriptors with present but NULL DACLs.
---
dlls/advapi32/tests/security.c | 1 -
server/token.c | 8 +-------
2 files changed, 1 insertions(+), 8 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 0fbd3f9..b9a12ce 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -798,7 +798,6 @@ static void test_AccessCheck(void)
ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
PrivSet, &PrivSetLen, &Access, &AccessStatus);
ok(ret, "AccessCheck failed with error %d\n", GetLastError());
- todo_wine
ok(AccessStatus && (Access == KEY_READ),
"AccessCheck failed to grant access with error %d\n",
GetLastError());
diff --git a/server/token.c b/server/token.c
index bbb293a..38877fe 100644
--- a/server/token.c
+++ b/server/token.c
@@ -811,18 +811,12 @@ static unsigned int token_access_check( struct token *token,
}
/* 1: Grant desired access if the object is unprotected */
- if (!dacl_present)
+ if (!dacl_present || !dacl)
{
*priv_count = 0;
*granted_access = desired_access;
return *status = STATUS_SUCCESS;
}
- if (!dacl)
- {
- *priv_count = 0;
- *status = STATUS_ACCESS_DENIED;
- return STATUS_SUCCESS;
- }
/* 2: Check if caller wants access to system security part. Note: access
* is only granted if specifically asked for */
More information about the wine-cvs
mailing list