Mikolaj Zalewski : advapi32: QueryObjectSecurity should return a self-relative security descriptor and not overflow the buffer .
Alexandre Julliard
julliard at winehq.org
Tue Sep 18 05:31:09 CDT 2007
Module: wine
Branch: master
Commit: c5c0a26f601429dbcb303188d928a1ff80f3ac02
URL: http://source.winehq.org/git/wine.git/?a=commit;h=c5c0a26f601429dbcb303188d928a1ff80f3ac02
Author: Mikolaj Zalewski <mikolajz at google.com>
Date: Mon Sep 17 14:12:27 2007 -0700
advapi32: QueryObjectSecurity should return a self-relative security descriptor and not overflow the buffer.
---
dlls/advapi32/service.c | 23 ++++++++++++++++-------
1 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/dlls/advapi32/service.c b/dlls/advapi32/service.c
index a698f11..ce031ab 100644
--- a/dlls/advapi32/service.c
+++ b/dlls/advapi32/service.c
@@ -2538,17 +2538,26 @@ BOOL WINAPI QueryServiceObjectSecurity(SC_HANDLE hService,
PSECURITY_DESCRIPTOR lpSecurityDescriptor,
DWORD cbBufSize, LPDWORD pcbBytesNeeded)
{
- PACL pACL = NULL;
+ SECURITY_DESCRIPTOR descriptor;
+ DWORD size;
+ BOOL succ;
+ ACL acl;
- FIXME("%p %d %p %u %p\n", hService, dwSecurityInformation,
+ FIXME("%p %d %p %u %p - semi-stub\n", hService, dwSecurityInformation,
lpSecurityDescriptor, cbBufSize, pcbBytesNeeded);
- InitializeSecurityDescriptor(lpSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION);
+ if (dwSecurityInformation != DACL_SECURITY_INFORMATION)
+ FIXME("information %d not supported\n", dwSecurityInformation);
- pACL = HeapAlloc( GetProcessHeap(), 0, sizeof(ACL) );
- InitializeAcl(pACL, sizeof(ACL), ACL_REVISION);
- SetSecurityDescriptorDacl(lpSecurityDescriptor, TRUE, pACL, TRUE);
- return TRUE;
+ InitializeSecurityDescriptor(&descriptor, SECURITY_DESCRIPTOR_REVISION);
+
+ InitializeAcl(&acl, sizeof(ACL), ACL_REVISION);
+ SetSecurityDescriptorDacl(&descriptor, TRUE, &acl, TRUE);
+
+ size = cbBufSize;
+ succ = MakeSelfRelativeSD(&descriptor, lpSecurityDescriptor, &size);
+ *pcbBytesNeeded = size;
+ return succ;
}
/******************************************************************************
More information about the wine-cvs
mailing list