=?UTF-8?Q?Michael=20M=C3=BCller=20?=: server: Do not set SE_{D, S}ACL_PRESENT if no {D, S}ACL was set.
Alexandre Julliard
julliard at winehq.org
Thu Jun 15 15:34:18 CDT 2017
Module: wine
Branch: master
Commit: 187b53e5a5b13b85356a3b564565c45a101690ff
URL: http://source.winehq.org/git/wine.git/?a=commit;h=187b53e5a5b13b85356a3b564565c45a101690ff
Author: Michael Müller <michael at fds-team.de>
Date: Wed Jun 14 20:20:42 2017 +0200
server: Do not set SE_{D, S}ACL_PRESENT if no {D, S}ACL was set.
Signed-off-by: Matteo Bruni <mbruni at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/advapi32/tests/security.c | 4 ++--
server/handle.c | 2 --
server/object.c | 16 ++++++++++++++--
3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index dfc0a23..7842d0e 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6207,8 +6207,8 @@ static void test_AddMandatoryAce(void)
present = TRUE;
ret = GetSecurityDescriptorSacl(sd2, &present, &sacl, &defaulted);
ok(ret, "GetSecurityDescriptorSacl failed with error %u\n", GetLastError());
- todo_wine ok(!present, "SACL is present\n");
- todo_wine ok(sacl == (void *)0xdeadbeef, "SACL is set\n");
+ ok(!present, "SACL is present\n");
+ ok(sacl == (void *)0xdeadbeef, "SACL is set\n");
HeapFree(GetProcessHeap(), 0, sd2);
CloseHandle(handle);
diff --git a/server/handle.c b/server/handle.c
index faa3a9f..35ab860 100644
--- a/server/handle.c
+++ b/server/handle.c
@@ -734,7 +734,6 @@ DECL_HANDLER(get_security_object)
else
req_sd.group_len = 0;
- req_sd.control |= SE_SACL_PRESENT;
sacl = sd_get_sacl( sd, &present );
if (req->security_info & SACL_SECURITY_INFORMATION && present)
req_sd.sacl_len = sd->sacl_len;
@@ -747,7 +746,6 @@ DECL_HANDLER(get_security_object)
else
req_sd.sacl_len = 0;
- req_sd.control |= SE_DACL_PRESENT;
dacl = sd_get_dacl( sd, &present );
if (req->security_info & DACL_SECURITY_INFORMATION && present)
req_sd.dacl_len = sd->dacl_len;
diff --git a/server/object.c b/server/object.c
index 70872e8..4455718 100644
--- a/server/object.c
+++ b/server/object.c
@@ -583,15 +583,18 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
}
else new_sd.group_len = 0;
- new_sd.control |= SE_SACL_PRESENT;
sacl = sd_get_sacl( sd, &present );
if (set_info & SACL_SECURITY_INFORMATION && present)
+ {
+ new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = sd->sacl_len;
+ }
else if (set_info & LABEL_SECURITY_INFORMATION && present)
{
const ACL *old_sacl = NULL;
if (obj->sd && obj->sd->control & SE_SACL_PRESENT) old_sacl = sd_get_sacl( obj->sd, &present );
if (!(replaced_sacl = replace_security_labels( old_sacl, sacl ))) return 0;
+ new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = replaced_sacl->AclSize;
sacl = replaced_sacl;
}
@@ -600,24 +603,33 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
if (obj->sd) sacl = sd_get_sacl( obj->sd, &present );
if (obj->sd && present)
+ {
+ new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = obj->sd->sacl_len;
+ }
else
new_sd.sacl_len = 0;
}
- new_sd.control |= SE_DACL_PRESENT;
dacl = sd_get_dacl( sd, &present );
if (set_info & DACL_SECURITY_INFORMATION && present)
+ {
+ new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = sd->dacl_len;
+ }
else
{
if (obj->sd) dacl = sd_get_dacl( obj->sd, &present );
if (obj->sd && present)
+ {
+ new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = obj->sd->dacl_len;
+ }
else if (token)
{
dacl = token_get_default_dacl( token );
+ new_sd.control |= SE_DACL_PRESENT;
new_sd.dacl_len = dacl->AclSize;
}
else new_sd.dacl_len = 0;
More information about the wine-cvs
mailing list