Mikolaj Zalewski : advapi32: Implement GetPrivateObjectSecurity (with test) .
Alexandre Julliard
julliard at winehq.org
Fri Sep 28 06:45:59 CDT 2007
Module: wine
Branch: master
Commit: 8fd1cf0f56a88ffe1f1c5756e7789df8df31bdcc
URL: http://source.winehq.org/git/wine.git/?a=commit;h=8fd1cf0f56a88ffe1f1c5756e7789df8df31bdcc
Author: Mikolaj Zalewski <mikolajz at google.com>
Date: Thu Sep 27 12:01:49 2007 -0700
advapi32: Implement GetPrivateObjectSecurity (with test).
---
dlls/advapi32/security.c | 44 +++++++++++++++++++++++++++++-
dlls/advapi32/tests/security.c | 57 +++++++++++++++++++++++++++++++++++++++-
2 files changed, 98 insertions(+), 3 deletions(-)
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 5b2f7dd..cfe73f4 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -1123,11 +1123,51 @@ BOOL WINAPI GetPrivateObjectSecurity(
DWORD DescriptorLength,
PDWORD ReturnLength )
{
+ SECURITY_DESCRIPTOR desc;
+ BOOL defaulted, present;
+ PACL pacl;
+ PSID psid;
+
TRACE("(%p,0x%08x,%p,0x%08x,%p)\n", ObjectDescriptor, SecurityInformation,
ResultantDescriptor, DescriptorLength, ReturnLength);
- return set_ntstatus( NtQuerySecurityObject(ObjectDescriptor, SecurityInformation,
- ResultantDescriptor, DescriptorLength, ReturnLength ));
+ if (!InitializeSecurityDescriptor(&desc, SECURITY_DESCRIPTOR_REVISION))
+ return FALSE;
+
+ if (SecurityInformation & OWNER_SECURITY_INFORMATION)
+ {
+ if (!GetSecurityDescriptorOwner(ObjectDescriptor, &psid, &defaulted))
+ return FALSE;
+ SetSecurityDescriptorOwner(&desc, psid, defaulted);
+ }
+
+ if (SecurityInformation & GROUP_SECURITY_INFORMATION)
+ {
+ if (!GetSecurityDescriptorGroup(ObjectDescriptor, &psid, &defaulted))
+ return FALSE;
+ SetSecurityDescriptorGroup(&desc, psid, defaulted);
+ }
+
+ if (SecurityInformation & DACL_SECURITY_INFORMATION)
+ {
+ if (!GetSecurityDescriptorDacl(ObjectDescriptor, &present, &pacl, &defaulted))
+ return FALSE;
+ SetSecurityDescriptorDacl(&desc, present, pacl, defaulted);
+ }
+
+ if (SecurityInformation & SACL_SECURITY_INFORMATION)
+ {
+ if (!GetSecurityDescriptorSacl(ObjectDescriptor, &present, &pacl, &defaulted))
+ return FALSE;
+ SetSecurityDescriptorSacl(&desc, present, pacl, defaulted);
+ }
+
+ *ReturnLength = DescriptorLength;
+ if (!MakeSelfRelativeSD(&desc, ResultantDescriptor, ReturnLength))
+ return FALSE;
+ GetSecurityDescriptorOwner(ResultantDescriptor, &psid, &defaulted);
+ FIXME("%p, sid=%p\n", &desc, psid);
+ return TRUE;
}
/******************************************************************************
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 9c98f09..6426f84 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2044,10 +2044,64 @@ static void test_ConvertSecurityDescriptorToString()
AddAuditAccessAceEx(pacl, ACL_REVISION, NO_PROPAGATE_INHERIT_ACE, FILE_GENERIC_READ|FILE_GENERIC_WRITE, psid2, TRUE, FALSE);
ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(&desc, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
CHECK_RESULT_AND_FREE("O:SYG:S-1-5-21-93476-23408-4576D:S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
+}
+
+static void test_PrivateObjectSecurity(void)
+{
+ SECURITY_INFORMATION sec_info = OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION;
+ SECURITY_DESCRIPTOR_CONTROL ctrl;
+ PSECURITY_DESCRIPTOR sec;
+ DWORD dwDescSize;
+ DWORD dwRevision;
+ DWORD retSize;
+ LPSTR string;
+ ULONG len;
+ PSECURITY_DESCRIPTOR buf;
+
+ ok(ConvertStringSecurityDescriptorToSecurityDescriptorA(
+ "O:SY"
+ "G:S-1-5-21-93476-23408-4576"
+ "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
+ "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)", SDDL_REVISION_1, &sec, &dwDescSize), "Creating descriptor failed\n");
+ buf = HeapAlloc(GetProcessHeap(), 0, dwDescSize);
+ SetSecurityDescriptorControl(sec, SE_DACL_PROTECTED, SE_DACL_PROTECTED);
+ GetSecurityDescriptorControl(sec, &ctrl, &dwRevision);
+ todo_wine expect_eq(ctrl, 0x9014, int, "%x");
+
+ ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
+ "GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
+ ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
+ ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
+ CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576");
+ GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
+ expect_eq(ctrl, 0x8000, int, "%x");
+
+ ok(GetPrivateObjectSecurity(sec, GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION, buf, dwDescSize, &retSize),
+ "GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
+ ok(retSize <= dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
+ ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed err=%u\n", GetLastError());
+ CHECK_RESULT_AND_FREE("G:S-1-5-21-93476-23408-4576D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)");
+ GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
+ expect_eq(ctrl, 0x8004, int, "%x");
+
+ ok(GetPrivateObjectSecurity(sec, sec_info, buf, dwDescSize, &retSize),
+ "GetPrivateObjectSecurity failed (err=%u)\n", GetLastError());
+ ok(retSize == dwDescSize, "Buffer too small (%d vs %d)\n", retSize, dwDescSize);
+ ok(pConvertSecurityDescriptorToStringSecurityDescriptorA(buf, SDDL_REVISION_1, sec_info, &string, &len), "Convertion failed\n");
+ CHECK_RESULT_AND_FREE("O:SY"
+ "G:S-1-5-21-93476-23408-4576"
+ "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
+ "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)");
+ GetSecurityDescriptorControl(buf, &ctrl, &dwRevision);
+ expect_eq(ctrl, 0x8014, int, "%x");
+ SetLastError(0xdeadbeef);
+ ok(GetPrivateObjectSecurity(sec, sec_info, buf, 5, &retSize) == FALSE, "GetPrivateObjectSecurity should have failed\n");
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "Expected error ERROR_INSUFFICIENT_BUFFER, got %u\n", GetLastError());
-#undef CHECK_RESULT_AND_FREE
+ LocalFree(sec);
}
+#undef CHECK_RESULT_AND_FREE
START_TEST(security)
{
@@ -2074,4 +2128,5 @@ START_TEST(security)
test_GetNamedSecurityInfoA();
test_ConvertStringSecurityDescriptor();
test_ConvertSecurityDescriptorToString();
+ test_PrivateObjectSecurity();
}
More information about the wine-cvs
mailing list