Rob Shearman : advapi32: Add tests for AccessCheck with NULL DACLs and blank DACLs.
Alexandre Julliard
julliard at winehq.org
Tue Oct 16 07:59:51 CDT 2007
Module: wine
Branch: master
Commit: d1a3e2ede58865f159340cb254a0a9637358b4a0
URL: http://source.winehq.org/git/wine.git/?a=commit;h=d1a3e2ede58865f159340cb254a0a9637358b4a0
Author: Rob Shearman <rob at codeweavers.com>
Date: Tue Oct 16 09:50:15 2007 +0100
advapi32: Add tests for AccessCheck with NULL DACLs and blank DACLs.
---
dlls/advapi32/tests/security.c | 46 ++++++++++++++++++++++++++++++++++-----
1 files changed, 40 insertions(+), 6 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 15fdf49..4c7b7bf 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -735,12 +735,6 @@ static void test_AccessCheck(void)
DOMAIN_ALIAS_RID_USERS, 0, 0, 0, 0, 0, 0, &UsersSid);
ok(res, "AllocateAndInitializeSid failed with error %d\n", GetLastError());
- res = AddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, EveryoneSid);
- ok(res, "AddAccessAllowedAceEx failed with error %d\n", GetLastError());
-
- res = AddAccessDeniedAce(Acl, ACL_REVISION, KEY_SET_VALUE, AdminSid);
- ok(res, "AddAccessDeniedAce failed with error %d\n", GetLastError());
-
SecurityDescriptor = HeapAlloc(GetProcessHeap(), 0, SECURITY_DESCRIPTOR_MIN_LENGTH);
res = InitializeSecurityDescriptor(SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION);
@@ -788,6 +782,46 @@ static void test_AccessCheck(void)
ok(Access == 0xdeadbeef && AccessStatus == 0xdeadbeef,
"Access and/or AccessStatus were changed!\n");
+ /* sd with no dacl present */
+ ret = SetSecurityDescriptorDacl(SecurityDescriptor, FALSE, NULL, FALSE);
+ todo_wine
+ ok(ret, "SetSecurityDescriptorDacl failed with error %d\n", GetLastError());
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+ ok(AccessStatus && (Access == KEY_READ),
+ "AccessCheck failed to grant access with error %d\n",
+ GetLastError());
+
+ /* sd with NULL dacl */
+ ret = SetSecurityDescriptorDacl(SecurityDescriptor, TRUE, NULL, FALSE);
+ ok(ret, "SetSecurityDescriptorDacl failed with error %d\n", GetLastError());
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+ todo_wine
+ ok(AccessStatus && (Access == KEY_READ),
+ "AccessCheck failed to grant access with error %d\n",
+ GetLastError());
+
+ /* sd with blank dacl */
+ ret = SetSecurityDescriptorDacl(SecurityDescriptor, TRUE, Acl, FALSE);
+ ok(ret, "SetSecurityDescriptorDacl failed with error %d\n", GetLastError());
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+ err = GetLastError();
+ ok(!AccessStatus && err == ERROR_ACCESS_DENIED, "AccessCheck should have failed "
+ "with ERROR_ACCESS_DENIED, instead of %d\n", err);
+ ok(!Access, "Should have failed to grant any access, got 0x%08x\n", Access);
+
+ res = AddAccessAllowedAce(Acl, ACL_REVISION, KEY_READ, EveryoneSid);
+ ok(res, "AddAccessAllowedAceEx failed with error %d\n", GetLastError());
+
+ res = AddAccessDeniedAce(Acl, ACL_REVISION, KEY_SET_VALUE, AdminSid);
+ ok(res, "AddAccessDeniedAce failed with error %d\n", GetLastError());
+
+ /* sd with dacl */
ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
PrivSet, &PrivSetLen, &Access, &AccessStatus);
ok(ret, "AccessCheck failed with error %d\n", GetLastError());
More information about the wine-cvs
mailing list