[PATCH v2 1/5] advapi32/tests: Add a few tests for GetKernelObjectSecurity() parameter validation.
Zebediah Figura
z.figura12 at gmail.com
Tue Feb 16 23:02:14 CST 2021
Signed-off-by: Zebediah Figura <z.figura12 at gmail.com>
---
dlls/advapi32/tests/security.c | 90 ++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index f0b6c90390d..ce1c5500b2f 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -7930,6 +7930,95 @@ static void test_duplicate_token(void)
CloseHandle(token);
}
+static void test_GetKernelObjectSecurity(void)
+{
+ /* Basic tests for parameter validation. */
+
+ SECURITY_DESCRIPTOR_CONTROL control;
+ DWORD size, ret_size, revision;
+ BOOL ret, present, defaulted;
+ PSECURITY_DESCRIPTOR sd;
+ PSID sid;
+ ACL *acl;
+
+ SetLastError(0xdeadbeef);
+ size = 0xdeadbeef;
+ ret = GetKernelObjectSecurity(NULL, OWNER_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret, "expected failure\n");
+ ok(GetLastError() == ERROR_INVALID_HANDLE, "got error %u\n", GetLastError());
+ ok(size == 0xdeadbeef, "got size %u\n", size);
+
+ SetLastError(0xdeadbeef);
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, NULL, 0, NULL);
+ ok(!ret, "expected failure\n");
+ ok(GetLastError() == ERROR_NOACCESS, "got error %u\n", GetLastError());
+
+ SetLastError(0xdeadbeef);
+ size = 0xdeadbeef;
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret, "expected failure\n");
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got error %u\n", GetLastError());
+ ok(size > 0 && size != 0xdeadbeef, "got size 0\n");
+
+ sd = malloc(size + 1);
+
+ SetLastError(0xdeadbeef);
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, sd, size - 1, &ret_size);
+ ok(!ret, "expected failure\n");
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got error %u\n", GetLastError());
+ ok(ret_size == size, "expected size %u, got %u\n", size, ret_size);
+
+ SetLastError(0xdeadbeef);
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, sd, size + 1, &ret_size);
+ ok(ret, "expected success\n");
+ ok(GetLastError() == 0xdeadbeef, "got error %u\n", GetLastError());
+ ok(ret_size == size, "expected size %u, got %u\n", size, ret_size);
+
+ free(sd);
+
+ /* Calling the function with flags not defined succeeds and yields an empty
+ * descriptor. */
+
+ SetLastError(0xdeadbeef);
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), 0x100000, NULL, 0, &size);
+ ok(!ret, "expected failure\n");
+ ok(GetLastError() == ERROR_INSUFFICIENT_BUFFER, "got error %u\n", GetLastError());
+
+ sd = malloc(size);
+ SetLastError(0xdeadbeef);
+ ret = GetKernelObjectSecurity(GetCurrentProcess(), 0x100000, sd, size, &ret_size);
+ ok(ret, "expected success\n");
+ ok(GetLastError() == 0xdeadbeef, "got error %u\n", GetLastError());
+ ok(ret_size == size, "expected size %u, got %u\n", size, ret_size);
+
+ ret = GetSecurityDescriptorControl(sd, &control, &revision);
+ ok(ret, "got error %u\n", GetLastError());
+ todo_wine ok(control == SE_SELF_RELATIVE, "got control %#x\n", control);
+ ok(revision == SECURITY_DESCRIPTOR_REVISION1, "got revision %u\n", revision);
+
+ ret = GetSecurityDescriptorOwner(sd, &sid, &defaulted);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(!sid, "expected no owner SID\n");
+ ok(!defaulted, "expected owner not defaulted\n");
+
+ ret = GetSecurityDescriptorGroup(sd, &sid, &defaulted);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(!sid, "expected no group SID\n");
+ ok(!defaulted, "expected group not defaulted\n");
+
+ ret = GetSecurityDescriptorDacl(sd, &present, &acl, &defaulted);
+ ok(ret, "got error %u\n", GetLastError());
+ todo_wine ok(!present, "expeced no DACL present\n");
+ /* the descriptor is defaulted only on Windows >= 7 */
+
+ ret = GetSecurityDescriptorSacl(sd, &present, &acl, &defaulted);
+ ok(ret, "got error %u\n", GetLastError());
+ ok(!present, "expeced no SACL present\n");
+ /* the descriptor is defaulted only on Windows >= 7 */
+
+ free(sd);
+}
+
START_TEST(security)
{
init();
@@ -7996,6 +8085,7 @@ START_TEST(security)
test_create_process_token();
test_pseudo_handle_security();
test_duplicate_token();
+ test_GetKernelObjectSecurity();
/* Must be the last test, modifies process token */
test_token_security_descriptor();
--
2.20.1
More information about the wine-devel
mailing list