Dan Kegel : ntdll: NtAccessCheck: Only send used bytes to server.

Alexandre Julliard julliard at winehq.org
Wed Oct 31 08:35:35 CDT 2007


Module: wine
Branch: master
Commit: ab07d61b916cbdb698879226cc77075c4405ee88
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=ab07d61b916cbdb698879226cc77075c4405ee88

Author: Dan Kegel <dank at kegel.com>
Date:   Tue Oct 30 23:17:31 2007 -0700

ntdll: NtAccessCheck: Only send used bytes to server.

---

 dlls/ntdll/sec.c |   40 +++++++++++++++++++++-------------------
 1 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/dlls/ntdll/sec.c b/dlls/ntdll/sec.c
index 0a9fa5c..2815838 100644
--- a/dlls/ntdll/sec.c
+++ b/dlls/ntdll/sec.c
@@ -45,6 +45,20 @@ WINE_DEFAULT_DEBUG_CHANNEL(ntdll);
 
 #define NT_SUCCESS(status) (status == STATUS_SUCCESS)
 
+/* helper function to retrieve active length of an ACL */
+static size_t acl_bytesInUse(PACL pAcl)
+{
+    int i;
+    size_t bytesInUse = sizeof(ACL);
+    PACE_HEADER ace = (PACE_HEADER) (pAcl + 1);
+    for (i = 0; i < pAcl->AceCount; i++)
+    {
+	bytesInUse += ace->AceSize;
+	ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
+    }
+    return bytesInUse;
+}
+
 /* helper function to copy an ACL */
 static BOOLEAN copy_acl(DWORD nDestinationAclLength, PACL pDestinationAcl, PACL pSourceAcl)
 {
@@ -655,7 +669,7 @@ NTSTATUS WINAPI RtlGetSaclSecurityDescriptor(
 	SECURITY_DESCRIPTOR* lpsd=pSecurityDescriptor;
 
 	TRACE("(%p,%p,%p,%p)\n",
-	pSecurityDescriptor, lpbSaclPresent, *pSacl, lpbSaclDefaulted);
+	pSecurityDescriptor, lpbSaclPresent, pSacl, lpbSaclDefaulted);
 
 	if (lpsd->Revision != SECURITY_DESCRIPTOR_REVISION)
 	  return STATUS_UNKNOWN_REVISION;
@@ -1553,9 +1567,9 @@ NtAccessCheck(
         RtlGetGroupSecurityDescriptor( SecurityDescriptor, &group, &defaulted );
         sd.group_len = RtlLengthSid( group );
         RtlGetSaclSecurityDescriptor( SecurityDescriptor, &present, &sacl, &defaulted );
-        sd.sacl_len = ((present && sacl) ? sacl->AclSize : 0);
+        sd.sacl_len = ((present && sacl) ? acl_bytesInUse(sacl) : 0);
         RtlGetDaclSecurityDescriptor( SecurityDescriptor, &present, &dacl, &defaulted );
-        sd.dacl_len = ((present && dacl) ? dacl->AclSize : 0);
+        sd.dacl_len = ((present && dacl) ? acl_bytesInUse(dacl) : 0);
 
         wine_server_add_data( req, &sd, sizeof(sd) );
         wine_server_add_data( req, owner, sd.owner_len );
@@ -1637,7 +1651,7 @@ NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle,
     {
         status = RtlGetSaclSecurityDescriptor( SecurityDescriptor, &present, &sacl, &defaulted );
         if (status != STATUS_SUCCESS) return status;
-        sd.sacl_len = (sacl && present) ? sacl->AclSize : 0;
+        sd.sacl_len = (sacl && present) ? acl_bytesInUse(sacl) : 0;
         sd.control |= SE_SACL_PRESENT;
     }
 
@@ -1645,7 +1659,7 @@ NTSTATUS WINAPI NtSetSecurityObject(HANDLE Handle,
     {
         status = RtlGetDaclSecurityDescriptor( SecurityDescriptor, &present, &dacl, &defaulted );
         if (status != STATUS_SUCCESS) return status;
-        sd.dacl_len = (dacl && present) ? dacl->AclSize : 0;
+        sd.dacl_len = (dacl && present) ? acl_bytesInUse(dacl) : 0;
         sd.control |= SE_DACL_PRESENT;
     }
 
@@ -1745,23 +1759,11 @@ NTSTATUS WINAPI RtlQueryInformationAcl(
                 status = STATUS_INVALID_PARAMETER;
             else
             {
-                INT i;
-                PACE_HEADER ace;
-
                 paclsize->AceCount = pAcl->AceCount;
-
-                paclsize->AclBytesInUse = 0;
-		ace = (PACE_HEADER) (pAcl + 1);
-
-                for (i = 0; i < pAcl->AceCount; i++)
-                {
-                    paclsize->AclBytesInUse += ace->AceSize;
-		    ace = (PACE_HEADER)(((BYTE*)ace)+ace->AceSize);
-                }
-
+                paclsize->AclBytesInUse = acl_bytesInUse(pAcl);
 		if (pAcl->AclSize < paclsize->AclBytesInUse)
                 {
-                    WARN("Acl has %d bytes free\n", paclsize->AclBytesFree);
+                    WARN("Acl uses %d bytes, but only has %d allocated!  Returning smaller of the two values.\n", pAcl->AclSize, paclsize->AclBytesInUse);
                     paclsize->AclBytesFree = 0;
                     paclsize->AclBytesInUse = pAcl->AclSize;
                 }




More information about the wine-cvs mailing list