Dmitry Timoshkov : advapi32: Properly skip not supported parts of the object ACE.
Alexandre Julliard
julliard at winehq.org
Wed Apr 8 15:48:32 CDT 2020
Module: wine
Branch: master
Commit: 4ccb06435514a3d52fbe5d59209594c910d0f97d
URL: https://source.winehq.org/git/wine.git/?a=commit;h=4ccb06435514a3d52fbe5d59209594c910d0f97d
Author: Dmitry Timoshkov <dmitry at baikal.ru>
Date: Wed Apr 8 11:55:50 2020 +0800
advapi32: Properly skip not supported parts of the object ACE.
Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/advapi32/security.c | 37 ++++++++++++++++++++++++++++++++++---
1 file changed, 34 insertions(+), 3 deletions(-)
diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 700ee7d8ea..4bea26d155 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -3518,20 +3518,40 @@ static void DumpRights(DWORD mask, WCHAR **pwptr, ULONG *plen)
DumpString(AceRightBitNames[i], -1, pwptr, plen);
}
+static inline BOOL is_object_ace(BYTE AceType)
+{
+ switch (AceType)
+ {
+ case ACCESS_ALLOWED_OBJECT_ACE_TYPE:
+ case ACCESS_DENIED_OBJECT_ACE_TYPE:
+ case ACCESS_AUDIT_OBJECT_ACE_TYPE:
+ case ACCESS_ALARM_OBJECT_ACE_TYPE:
+ case ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE:
+ case ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE:
+ case SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE:
+ case SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE:
+ return TRUE;
+
+ default: return FALSE;
+ }
+}
+
static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
{
ACCESS_ALLOWED_ACE *piace; /* all the supported ACEs have the same memory layout */
static const WCHAR openbr = '(';
static const WCHAR closebr = ')';
static const WCHAR semicolon = ';';
+ DWORD *SidStart;
- if (((PACE_HEADER)pace)->AceType > SYSTEM_ALARM_ACE_TYPE || ((PACE_HEADER)pace)->AceSize < sizeof(ACCESS_ALLOWED_ACE))
+ piace = pace;
+
+ if (piace->Header.AceType > ACCESS_MAX_MS_V5_ACE_TYPE || piace->Header.AceSize < sizeof(ACCESS_ALLOWED_ACE))
{
SetLastError(ERROR_INVALID_ACL);
return FALSE;
}
- piace = pace;
DumpString(&openbr, 1, pwptr, plen);
switch (piace->Header.AceType)
{
@@ -3567,11 +3587,22 @@ static BOOL DumpAce(LPVOID pace, WCHAR **pwptr, ULONG *plen)
DumpString(&semicolon, 1, pwptr, plen);
DumpRights(piace->Mask, pwptr, plen);
DumpString(&semicolon, 1, pwptr, plen);
+ SidStart = &piace->SidStart;
+ if (is_object_ace(piace->Header.AceType))
+ {
+ ACCESS_ALLOWED_OBJECT_ACE *objace = pace;
+
+ SidStart++; /* Flags */
+ if (objace->Flags & ACE_OBJECT_TYPE_PRESENT)
+ SidStart += sizeof(GUID) / sizeof(*SidStart); /* ObjectType */
+ if (objace->Flags & ACE_INHERITED_OBJECT_TYPE_PRESENT)
+ SidStart += sizeof(GUID) / sizeof(*SidStart); /* InheritedObjectType */
+ }
/* objects not supported */
DumpString(&semicolon, 1, pwptr, plen);
/* objects not supported */
DumpString(&semicolon, 1, pwptr, plen);
- if (!DumpSid(&piace->SidStart, pwptr, plen))
+ if (!DumpSid(SidStart, pwptr, plen))
return FALSE;
DumpString(&closebr, 1, pwptr, plen);
return TRUE;
More information about the wine-cvs
mailing list