Sebastian Lackner : server: Fix handling of MAXIMUM_ALLOWED in token_access_check.
Alexandre Julliard
julliard at winehq.org
Fri Feb 3 13:31:33 CST 2017
Module: wine
Branch: master
Commit: 0e42bce0b6bd606565de64158348725efa65bb4c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=0e42bce0b6bd606565de64158348725efa65bb4c
Author: Sebastian Lackner <sebastian at fds-team.de>
Date: Fri Feb 3 09:57:10 2017 +0100
server: Fix handling of MAXIMUM_ALLOWED in token_access_check.
Signed-off-by: Sebastian Lackner <sebastian at fds-team.de>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/advapi32/tests/security.c | 6 ++++++
server/token.c | 5 ++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index f339607..3250544 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -1376,6 +1376,12 @@ static void test_AccessCheck(void)
ok(AccessStatus && (Access == KEY_READ),
"AccessCheck failed to grant access with error %d\n",
GetLastError());
+ ret = AccessCheck(SecurityDescriptor, Token, MAXIMUM_ALLOWED, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+ ok(AccessStatus && (Access == KEY_ALL_ACCESS),
+ "AccessCheck failed to grant access with error %d\n",
+ GetLastError());
/* sd with blank dacl */
ret = SetSecurityDescriptorDacl(SecurityDescriptor, TRUE, Acl, FALSE);
diff --git a/server/token.c b/server/token.c
index 8c5e836..9489529 100644
--- a/server/token.c
+++ b/server/token.c
@@ -844,7 +844,10 @@ static unsigned int token_access_check( struct token *token,
if (!dacl_present || !dacl)
{
if (priv_count) *priv_count = 0;
- *granted_access = desired_access;
+ if (desired_access & MAXIMUM_ALLOWED)
+ *granted_access = mapping->GenericAll;
+ else
+ *granted_access = desired_access;
return *status = STATUS_SUCCESS;
}
More information about the wine-cvs
mailing list