Conformance tests for SetSecurityDescriptorControl()
Paul Bryan Roberts
pbronline-wine at yahoo.co.uk
Wed Sep 24 18:25:29 CDT 2008
---
dlls/advapi32/tests/security.c | 117 ++++++++++++++++++++++++++++++++++++++++
1 files changed, 117 insertions(+), 0 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 7acfa69..b3ae860 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2385,6 +2385,101 @@ static void test_ConvertSecurityDescriptorToString()
}
}
+static void test_SetSecurityDescriptorControl (PSECURITY_DESCRIPTOR sec)
+{
+ SECURITY_DESCRIPTOR_CONTROL ref;
+ SECURITY_DESCRIPTOR_CONTROL test;
+
+ SECURITY_DESCRIPTOR_CONTROL const mutable = SE_DACL_AUTO_INHERIT_REQ
+ | SE_SACL_AUTO_INHERIT_REQ
+ | SE_DACL_AUTO_INHERITED
+ | SE_SACL_AUTO_INHERITED
+ | SE_DACL_PROTECTED
+ | SE_SACL_PROTECTED
+ | 0x00000040 /* not defined in winnt.h */
+ | 0x00000080 /* not defined in winnt.h */
+ ;
+ SECURITY_DESCRIPTOR_CONTROL const immutable = SE_OWNER_DEFAULTED
+ | SE_GROUP_DEFAULTED
+ | SE_DACL_PRESENT
+ | SE_DACL_DEFAULTED
+ | SE_SACL_PRESENT
+ | SE_SACL_DEFAULTED
+ | SE_RM_CONTROL_VALID
+ | SE_SELF_RELATIVE
+ ;
+
+ int bit;
+ DWORD dwRevision;
+ LPCSTR fmt = "Expected error %s, got %u\n";
+
+ GetSecurityDescriptorControl (sec, &ref, &dwRevision);
+
+ /* The mutable bits are mutable regardless of the truth of
+ SE_DACL_PRESENT and/or SE_SACL_PRESENT */
+
+ /* Check call barfs if any bit-of-interest is immutable */
+ for (bit = 0; bit < 16; ++bit)
+ {
+ SECURITY_DESCRIPTOR_CONTROL const bitOfInterest = 1 << bit;
+ SECURITY_DESCRIPTOR_CONTROL setOrClear = ref & bitOfInterest;
+
+ SECURITY_DESCRIPTOR_CONTROL ctrl;
+
+ DWORD dwExpect = (bitOfInterest & immutable)
+ ? ERROR_INVALID_PARAMETER : 0xbebecaca;
+ LPCSTR strExpect = (bitOfInterest & immutable)
+ ? "ERROR_INVALID_PARAMETER" : "0xbebecaca";
+
+ ctrl = (bitOfInterest & mutable) ? ref + bitOfInterest : ref;
+ setOrClear ^= bitOfInterest;
+ SetLastError (0xbebecaca);
+ pSetSecurityDescriptorControl (sec, bitOfInterest, setOrClear);
+ ok (GetLastError () == dwExpect, fmt, strExpect, GetLastError ());
+ GetSecurityDescriptorControl(sec, &test, &dwRevision);
+ expect_eq(test, ctrl, int, "%x");
+
+ ctrl = ref;
+ setOrClear ^= bitOfInterest;
+ SetLastError (0xbebecaca);
+ pSetSecurityDescriptorControl (sec, bitOfInterest, setOrClear);
+ ok (GetLastError () == dwExpect, fmt, strExpect, GetLastError ());
+ GetSecurityDescriptorControl (sec, &test, &dwRevision);
+ expect_eq(test, ref, int, "%x");
+ }
+
+ /* Check call barfs if any bit-to-set is immutable
+ even when not a bit-of-interest */
+ for (bit = 0; bit < 16; ++bit)
+ {
+ SECURITY_DESCRIPTOR_CONTROL const bitsOfInterest = mutable;
+ SECURITY_DESCRIPTOR_CONTROL setOrClear = ref & bitsOfInterest;
+
+ SECURITY_DESCRIPTOR_CONTROL ctrl;
+
+ DWORD dwExpect = ((1 << bit) & immutable)
+ ? ERROR_INVALID_PARAMETER : 0xbebecaca;
+ LPCSTR strExpect = ((1 << bit) & immutable)
+ ? "ERROR_INVALID_PARAMETER" : "0xbebecaca";
+
+ ctrl = ((1 << bit) & immutable) ? test : ref | mutable;
+ setOrClear ^= bitsOfInterest;
+ SetLastError (0xbebecaca);
+ pSetSecurityDescriptorControl (sec, bitsOfInterest, setOrClear | (1 << bit));
+ ok (GetLastError () == dwExpect, fmt, strExpect, GetLastError ());
+ GetSecurityDescriptorControl(sec, &test, &dwRevision);
+ expect_eq(test, ctrl, int, "%x");
+
+ ctrl = ((1 << bit) & immutable) ? test : ref | (1 << bit);
+ setOrClear ^= bitsOfInterest;
+ SetLastError (0xbebecaca);
+ pSetSecurityDescriptorControl (sec, bitsOfInterest, setOrClear | (1 << bit));
+ ok (GetLastError () == dwExpect, fmt, strExpect, GetLastError ());
+ GetSecurityDescriptorControl(sec, &test, &dwRevision);
+ expect_eq(test, ctrl, int, "%x");
+ }
+}
+
static void test_PrivateObjectSecurity(void)
{
SECURITY_INFORMATION sec_info = OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION;
@@ -2403,6 +2498,28 @@ static void test_PrivateObjectSecurity(void)
return;
}
+ todo_wine
+ {
+ ok(pConvertStringSecurityDescriptorToSecurityDescriptorA(
+ "O:SY"
+ "G:S-1-5-21-93476-23408-4576"
+ "D:(A;NP;GAGXGWGR;;;SU)(A;IOID;CCDC;;;SU)(D;OICI;0xffffffff;;;S-1-5-21-93476-23408-4576)"
+ "S:(AU;OICINPIOIDSAFA;CCDCLCSWRPRC;;;SU)(AU;NPSA;0x12019f;;;SU)", SDDL_REVISION_1, &sec, &dwDescSize), "Creating descriptor failed\n");
+
+ test_SetSecurityDescriptorControl(sec);
+
+ LocalFree(sec);
+
+ ok(pConvertStringSecurityDescriptorToSecurityDescriptorA(
+ "O:SY"
+ "G:S-1-5-21-93476-23408-4576",
+ SDDL_REVISION_1, &sec, &dwDescSize), "Creating descriptor failed\n");
+
+ test_SetSecurityDescriptorControl(sec);
+
+ LocalFree(sec);
+ }
+
ok(pConvertStringSecurityDescriptorToSecurityDescriptorA(
"O:SY"
"G:S-1-5-21-93476-23408-4576"
--
1.5.4.3
--------------050203010407080009080207--
More information about the wine-patches
mailing list