windows-server-2003/windows/appcompat/shims/general/handleemptyaccesscheck.cpp

/*++

 Copyright (c) 2002 Microsoft Corporation

 Module Name:

    HandleEmptyAccessCheck.cpp   

 Abstract:

    AccessCheck used to accept a 0 value for DesiredAccess and return access_allowed,
    this changed in .NET server to return access_denied.

 Notes:

    This is a general purpose shim.

 History:

   05/29/2002   robkenny    Created

--*/

#include "precomp.h"

IMPLEMENT_SHIM_BEGIN(HandleEmptyAccessCheck)
#include "ShimHookMacro.h"

APIHOOK_ENUM_BEGIN
    APIHOOK_ENUM_ENTRY(AccessCheck) 
APIHOOK_ENUM_END

typedef BOOL        (WINAPI *_pfn_AccessCheck)(
    PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
    HANDLE ClientToken,                       // handle to client access token
    DWORD DesiredAccess,                      // requested access rights 
    PGENERIC_MAPPING GenericMapping,          // mapping
    PPRIVILEGE_SET PrivilegeSet,              // privileges
    LPDWORD PrivilegeSetLength,               // size of privileges buffer
    LPDWORD GrantedAccess,                    // granted access rights
    LPBOOL AccessStatus                       // result of access check
);

BOOL 
APIHOOK(AccessCheck)(
    PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
    HANDLE ClientToken,                       // handle to client access token
    DWORD DesiredAccess,                      // requested access rights 
    PGENERIC_MAPPING GenericMapping,          // mapping
    PPRIVILEGE_SET PrivilegeSet,              // privileges
    LPDWORD PrivilegeSetLength,               // size of privileges buffer
    LPDWORD GrantedAccess,                    // granted access rights
    LPBOOL AccessStatus                       // result of access check
    )
{
    if (DesiredAccess == 0)
    {
        DesiredAccess = MAXIMUM_ALLOWED;
    }

    return ORIGINAL_API(AccessCheck)(
        pSecurityDescriptor, // SD
        ClientToken,                       // handle to client access token
        DesiredAccess,                      // requested access rights 
        GenericMapping,          // mapping
        PrivilegeSet,              // privileges
        PrivilegeSetLength,               // size of privileges buffer
        GrantedAccess,                    // granted access rights
        AccessStatus                       // result of access check
        );
}
 
/*++

 Register hooked functions

--*/

HOOK_BEGIN

    APIHOOK_ENTRY(ADVAPI32.DLL, AccessCheck)

HOOK_END

IMPLEMENT_SHIM_END