Erich E. Hoover : advapi32/tests: Add tests for creating directories with specific security attributes.
Alexandre Julliard
julliard at winehq.org
Thu Nov 21 14:07:47 CST 2013
Module: wine
Branch: master
Commit: 95c414fea7dd17afe81de406f0a26a29e74cece6
URL: http://source.winehq.org/git/wine.git/?a=commit;h=95c414fea7dd17afe81de406f0a26a29e74cece6
Author: Erich E. Hoover <erich.e.hoover at gmail.com>
Date: Fri Nov 8 12:01:49 2013 -0700
advapi32/tests: Add tests for creating directories with specific security attributes.
---
dlls/advapi32/tests/security.c | 113 ++++++++++++++++++++++++++++++++++++++++
1 files changed, 113 insertions(+), 0 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 16f8837..4de623d 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3003,6 +3003,118 @@ static void test_SetEntriesInAclA(void)
HeapFree(GetProcessHeap(), 0, OldAcl);
}
+static void test_CreateDirectoryA(void)
+{
+ char admin_ptr[sizeof(SID)+sizeof(ULONG)*SID_MAX_SUB_AUTHORITIES], *user;
+ DWORD sid_size = sizeof(admin_ptr), user_size;
+ PSID admin_sid = (PSID) admin_ptr, user_sid;
+ char sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
+ PSECURITY_DESCRIPTOR pSD = &sd;
+ ACL_SIZE_INFORMATION acl_size;
+ ACCESS_ALLOWED_ACE *ace;
+ SECURITY_ATTRIBUTES sa;
+ char tmpdir[MAX_PATH];
+ struct _SID *owner;
+ BOOL bret = TRUE;
+ HANDLE token;
+ DWORD error;
+ PACL pDacl;
+
+ if (!pGetNamedSecurityInfoA || !pCreateWellKnownSid)
+ {
+ win_skip("Required functions are not available\n");
+ return;
+ }
+
+ if (!OpenThreadToken(GetCurrentThread(), TOKEN_READ, TRUE, &token))
+ {
+ if (GetLastError() != ERROR_NO_TOKEN) bret = FALSE;
+ else if (!OpenProcessToken(GetCurrentProcess(), TOKEN_READ, &token)) bret = FALSE;
+ }
+ if (!bret)
+ {
+ win_skip("Failed to get current user token\n");
+ return;
+ }
+ bret = GetTokenInformation(token, TokenUser, NULL, 0, &user_size);
+ ok(!bret && (GetLastError() == ERROR_INSUFFICIENT_BUFFER),
+ "GetTokenInformation(TokenUser) failed with error %d\n", GetLastError());
+ user = HeapAlloc(GetProcessHeap(), 0, user_size);
+ bret = GetTokenInformation(token, TokenUser, user, user_size, &user_size);
+ ok(bret, "GetTokenInformation(TokenUser) failed with error %d\n", GetLastError());
+ CloseHandle( token );
+ user_sid = ((TOKEN_USER *)user)->User.Sid;
+
+ sa.nLength = sizeof(sa);
+ sa.lpSecurityDescriptor = pSD;
+ sa.bInheritHandle = TRUE;
+ InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
+ pCreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, admin_sid, &sid_size);
+ pDacl = HeapAlloc(GetProcessHeap(), 0, 100);
+ bret = InitializeAcl(pDacl, 100, ACL_REVISION);
+ ok(bret, "Failed to initialize ACL.\n");
+ bret = pAddAccessAllowedAceEx(pDacl, ACL_REVISION, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE,
+ GENERIC_ALL, user_sid);
+ ok(bret, "Failed to add Current User to ACL.\n");
+ bret = pAddAccessAllowedAceEx(pDacl, ACL_REVISION, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE,
+ GENERIC_ALL, admin_sid);
+ ok(bret, "Failed to add Administrator Group to ACL.\n");
+ bret = SetSecurityDescriptorDacl(pSD, TRUE, pDacl, FALSE);
+ ok(bret, "Failed to add ACL to security desciptor.\n");
+
+ GetTempPathA(MAX_PATH, tmpdir);
+ lstrcatA(tmpdir, "Please Remove Me");
+ bret = CreateDirectoryA(tmpdir, &sa);
+ ok(bret == TRUE, "CreateDirectoryA(%s) failed err=%d\n", tmpdir, GetLastError());
+ HeapFree(GetProcessHeap(), 0, pDacl);
+
+ SetLastError(0xdeadbeef);
+ error = pGetNamedSecurityInfoA(tmpdir, SE_FILE_OBJECT,
+ OWNER_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION, (PSID*)&owner,
+ NULL, &pDacl, NULL, &pSD);
+ if (error != ERROR_SUCCESS && (GetLastError() == ERROR_CALL_NOT_IMPLEMENTED))
+ {
+ win_skip("GetNamedSecurityInfoA is not implemented\n");
+ goto done;
+ }
+ ok(!error, "GetNamedSecurityInfo failed with error %d\n", error);
+
+ bret = pGetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
+ ok(bret, "GetAclInformation failed\n");
+ todo_wine ok(acl_size.AceCount == 2,
+ "GetAclInformation returned unexpected entry count (%d != 2).\n",
+ acl_size.AceCount);
+ if (acl_size.AceCount > 0)
+ {
+ bret = pGetAce(pDacl, 0, (VOID **)&ace);
+ ok(bret, "Failed to get Current User ACE.\n");
+ bret = EqualSid(&ace->SidStart, user_sid);
+ todo_wine ok(bret, "Current User ACE != Current User SID.\n");
+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
+ "Current User ACE has unexpected flags (0x%x != 0x03)\n",
+ ((ACE_HEADER *)ace)->AceFlags);
+ ok(ace->Mask == 0x1f01ff, "Current User ACE has unexpected mask (0x%x != 0x1f01ff)\n",
+ ace->Mask);
+ }
+ if (acl_size.AceCount > 1)
+ {
+ bret = pGetAce(pDacl, 1, (VOID **)&ace);
+ ok(bret, "Failed to get Administators Group ACE.\n");
+ bret = EqualSid(&ace->SidStart, admin_sid);
+ todo_wine ok(bret, "Administators Group ACE != Administators Group SID.\n");
+ todo_wine ok(((ACE_HEADER *)ace)->AceFlags == (OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE),
+ "Administators Group ACE has unexpected flags (0x%x != 0x03)\n",
+ ((ACE_HEADER *)ace)->AceFlags);
+ ok(ace->Mask == 0x1f01ff, "Administators Group ACE has unexpected mask (0x%x != 0x1f01ff)\n",
+ ace->Mask);
+ }
+
+done:
+ HeapFree(GetProcessHeap(), 0, user);
+ bret = RemoveDirectoryA(tmpdir);
+ ok(bret == TRUE, "RemoveDirectoryA should always succeed\n");
+}
+
static void test_GetNamedSecurityInfoA(void)
{
char admin_ptr[sizeof(SID)+sizeof(ULONG)*SID_MAX_SUB_AUTHORITIES], *user;
@@ -4674,6 +4786,7 @@ START_TEST(security)
test_impersonation_level();
test_SetEntriesInAclW();
test_SetEntriesInAclA();
+ test_CreateDirectoryA();
test_GetNamedSecurityInfoA();
test_ConvertStringSecurityDescriptor();
test_ConvertSecurityDescriptorToString();
More information about the wine-cvs
mailing list