[PATCH] server: Disallow duplicating file handle to elevate access.
Alexandre Julliard
julliard at winehq.org
Tue Feb 26 04:41:55 CST 2019
Daniel Lehman <dlehman25 at gmail.com> writes:
> @@ -555,6 +556,13 @@ obj_handle_t duplicate_handle( struct process *src, obj_handle_t src_handle, str
> /* asking for the more access rights than src_access? */
> if (access & ~src_access)
> {
> + if (is_file_object( obj ))
> + {
> + set_error( STATUS_ACCESS_DENIED );
> + release_object( obj );
> + return 0;
> + }
You can't special-case it like that. This should be handled as part of
the standard access checks.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list