=?UTF-8?Q?Michael=20M=C3=BCller=20?=: server: Give all access rights when opening an object with MAXIMUM_ALLOWED.
Alexandre Julliard
julliard at winehq.org
Mon Feb 13 15:24:39 CST 2017
Module: wine
Branch: master
Commit: 0e49e0541fa4bfbf11224173a8ead006dcb41e08
URL: http://source.winehq.org/git/wine.git/?a=commit;h=0e49e0541fa4bfbf11224173a8ead006dcb41e08
Author: Michael Müller <michael at fds-team.de>
Date: Fri Feb 10 18:12:06 2017 +0100
server: Give all access rights when opening an object with MAXIMUM_ALLOWED.
Signed-off-by: Michael Müller <michael at fds-team.de>
Signed-off-by: Sebastian Lackner <sebastian at fds-team.de>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/advapi32/tests/security.c | 38 ++++++++++++++++++++++++++++++++++++++
server/handle.c | 1 +
2 files changed, 39 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 3250544..c31dfbe 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6414,6 +6414,43 @@ static void test_pseudo_tokens(void)
"Expected ERROR_NO_TOKEN, got %u\n", GetLastError());
}
+static void test_maximum_allowed(void)
+{
+ HANDLE (WINAPI *pCreateEventExA)(SECURITY_ATTRIBUTES *, LPCSTR, DWORD, DWORD);
+ char buffer_sd[SECURITY_DESCRIPTOR_MIN_LENGTH], buffer_acl[256];
+ SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)&buffer_sd;
+ SECURITY_ATTRIBUTES sa;
+ ACL *acl = (ACL *)&buffer_acl;
+ HMODULE hkernel32 = GetModuleHandleA("kernel32.dll");
+ ACCESS_MASK mask;
+ HANDLE handle;
+ BOOL ret;
+
+ pCreateEventExA = (void *)GetProcAddress(hkernel32, "CreateEventExA");
+ if (!pCreateEventExA)
+ {
+ win_skip("CreateEventExA is not available\n");
+ return;
+ }
+
+ ret = InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION);
+ ok(ret, "InitializeSecurityDescriptor failed with %u\n", GetLastError());
+ ret = InitializeAcl(acl, 256, ACL_REVISION);
+ ok(ret, "InitializeAcl failed with %u\n", GetLastError());
+ ret = SetSecurityDescriptorDacl(sd, TRUE, acl, FALSE);
+ ok(ret, "SetSecurityDescriptorDacl failed with %u\n", GetLastError());
+
+ sa.nLength = sizeof(SECURITY_ATTRIBUTES);
+ sa.lpSecurityDescriptor = sd;
+ sa.bInheritHandle = FALSE;
+
+ handle = pCreateEventExA(&sa, NULL, 0, MAXIMUM_ALLOWED | 0x4);
+ ok(handle != NULL, "CreateEventExA failed with error %u\n", GetLastError());
+ mask = get_obj_access(handle);
+ ok(mask == EVENT_ALL_ACCESS, "Expected %x, got %x\n", EVENT_ALL_ACCESS, mask);
+ CloseHandle(handle);
+}
+
START_TEST(security)
{
init();
@@ -6461,4 +6498,5 @@ START_TEST(security)
test_system_security_access();
test_GetSidIdentifierAuthority();
test_pseudo_tokens();
+ test_maximum_allowed();
}
diff --git a/server/handle.c b/server/handle.c
index 37fba69..3f42352 100644
--- a/server/handle.c
+++ b/server/handle.c
@@ -272,6 +272,7 @@ static obj_handle_t alloc_handle_entry( struct process *process, void *ptr,
obj_handle_t alloc_handle_no_access_check( struct process *process, void *ptr, unsigned int access, unsigned int attr )
{
struct object *obj = ptr;
+ if (access & MAXIMUM_ALLOWED) access = GENERIC_ALL;
access = obj->ops->map_access( obj, access ) & ~RESERVED_ALL;
return alloc_handle_entry( process, ptr, access, attr );
}
More information about the wine-cvs
mailing list