archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/tsutil/aclnt.c

446 lines
9.7 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*
  2. * AclNt.c
  3. *
  4. * Author: BreenH
  5. *
  6. * Acl utilities in the NT flavor.
  7. */
  9. /*
  10. * Includes
  11. */
  13. #include "precomp.h"
  14. #include "tsutilnt.h"
  16. /*
  17. * Function Implementations
  18. */
  20. NTSTATUS NTAPI
  21. NtConvertAbsoluteToSelfRelative(
  22. PSECURITY_DESCRIPTOR *ppSelfRelativeSd,
  23. PSECURITY_DESCRIPTOR pAbsoluteSd,
  24. PULONG pcbSelfRelativeSd
  25. )
  26. {
  27. #if DBG
  28. BOOLEAN fAbsoluteSd;
  29. #endif
  30. NTSTATUS Status;
  31. PSECURITY_DESCRIPTOR pSd;
  32. ULONG cbSd;
  34. ASSERT(ppSelfRelativeSd != NULL);
  35. ASSERT(pAbsoluteSd != NULL);
  36. ASSERT(NT_SUCCESS(NtIsSecurityDescriptorAbsolute(pAbsoluteSd,
  37. &fAbsoluteSd)));
  38. ASSERT(fAbsoluteSd);
  40. //
  41. // Determine the buffer size needed to convert the security descriptor.
  42. // Catch any exceptions due to an invalid descriptor.
  43. //
  45. cbSd = 0;
  47. __try
  48. {
  49. Status = RtlAbsoluteToSelfRelativeSD(
  50. pAbsoluteSd,
  51. NULL,
  52. &cbSd
  53. );
  54. }
  55. __except(EXCEPTION_EXECUTE_HANDLER)
  56. {
  57. return(STATUS_INVALID_SECURITY_DESCR);
  58. }
  60. //
  61. // Allocate memory for the self-relative security descriptor.
  62. //
  64. pSd = (PSECURITY_DESCRIPTOR)LocalAlloc(LMEM_FIXED, cbSd);
  66. if (pSd != NULL)
  67. {
  69. //
  70. // Now convert the security descriptor using the allocated buffer.
  71. // Catch any exceptions due to an invalid descriptor.
  72. //
  74. __try
  75. {
  76. Status = RtlAbsoluteToSelfRelativeSD(
  77. pAbsoluteSd,
  78. pSd,
  79. &cbSd
  80. );
  81. }
  82. __except(EXCEPTION_EXECUTE_HANDLER)
  83. {
  84. Status = STATUS_INVALID_SECURITY_DESCR;
  85. }
  87. }
  88. else
  89. {
  90. return(STATUS_NO_MEMORY);
  91. }
  93. if (NT_SUCCESS(Status))
  94. {
  96. //
  97. // If the conversion succeeded, save the pointer to the security
  98. // descriptor and return the size.
  99. //
  101. *ppSelfRelativeSd = pSd;
  103. if (pcbSelfRelativeSd != NULL)
  104. {
  105. *pcbSelfRelativeSd = cbSd;
  106. }
  107. }
  108. else
  109. {
  111. //
  112. // If the conversion failed, free the memory and leave the input
  113. // parameters alone.
  114. //
  116. LocalFree(pSd);
  117. }
  119. return(Status);
  120. }
  122. NTSTATUS NTAPI
  123. NtConvertSelfRelativeToAbsolute(
  124. PSECURITY_DESCRIPTOR *ppAbsoluteSd,
  125. PSECURITY_DESCRIPTOR pSelfRelativeSd
  126. )
  127. {
  128. #if DBG
  129. BOOLEAN fAbsoluteSd;
  130. #endif
  131. NTSTATUS Status;
  132. PACL pDacl;
  133. PACL pSacl;
  134. PSID pGroup;
  135. PSID pOwner;
  136. PSECURITY_DESCRIPTOR pSd;
  137. ULONG cbDacl;
  138. ULONG cbGroup;
  139. ULONG cbOwner;
  140. ULONG cbSacl;
  141. ULONG cbSd;
  143. ASSERT(ppAbsoluteSd != NULL);
  144. ASSERT(pSelfRelativeSd != NULL);
  145. ASSERT(NT_SUCCESS(NtIsSecurityDescriptorAbsolute(pSelfRelativeSd,
  146. &fAbsoluteSd)));
  147. ASSERT(!fAbsoluteSd);
  149. //
  150. // Determine the size of each buffer needed to convert the security
  151. // descriptor. Catch any exceptions due to an invalid descriptor.
  152. //
  154. cbDacl = 0;
  155. cbGroup = 0;
  156. cbOwner = 0;
  157. cbSacl = 0;
  158. cbSd = 0;
  160. __try
  161. {
  162. Status = RtlSelfRelativeToAbsoluteSD(
  163. pSelfRelativeSd,
  164. NULL, &cbSd,
  165. NULL, &cbDacl,
  166. NULL, &cbSacl,
  167. NULL, &cbOwner,
  168. NULL, &cbGroup
  169. );
  170. }
  171. __except(EXCEPTION_EXECUTE_HANDLER)
  172. {
  173. return(STATUS_INVALID_SECURITY_DESCR);
  174. }
  176. //
  177. // Allocate memory for the security descriptor and its components.
  178. //
  180. pDacl = NULL;
  181. pGroup = NULL;
  182. pOwner = NULL;
  183. pSacl = NULL;
  185. if (cbDacl > 0)
  186. {
  187. pDacl = (PACL)LocalAlloc(LMEM_FIXED, cbDacl);
  189. if (pDacl == NULL)
  190. {
  191. Status = STATUS_NO_MEMORY;
  192. goto allocerror;
  193. }
  194. }
  196. if (cbGroup > 0)
  197. {
  198. pGroup = (PSID)LocalAlloc(LMEM_FIXED, cbGroup);
  200. if (pGroup == NULL)
  201. {
  202. Status = STATUS_NO_MEMORY;
  203. goto allocerror;
  204. }
  205. }
  207. if (cbOwner > 0)
  208. {
  209. pOwner = (PSID)LocalAlloc(LMEM_FIXED, cbOwner);
  211. if (pOwner == NULL)
  212. {
  213. Status = STATUS_NO_MEMORY;
  214. goto allocerror;
  215. }
  216. }
  218. if (cbSacl > 0)
  219. {
  220. pSacl = (PACL)LocalAlloc(LMEM_FIXED, cbSacl);
  222. if (pSacl == NULL)
  223. {
  224. Status = STATUS_NO_MEMORY;
  225. goto allocerror;
  226. }
  227. }
  229. ASSERT(cbSd > 0);
  231. pSd = (PSECURITY_DESCRIPTOR)LocalAlloc(LMEM_FIXED, cbSd);
  233. if (pSd == NULL)
  234. {
  235. Status = STATUS_NO_MEMORY;
  236. goto allocerror;
  237. }
  239. //
  240. // Now convert the security descriptor using the allocated buffer.
  241. // Catch any exceptions due to an invalid descriptor.
  242. //
  244. __try
  245. {
  246. Status = RtlSelfRelativeToAbsoluteSD(
  247. pSelfRelativeSd,
  248. pSd, &cbSd,
  249. pDacl, &cbDacl,
  250. pSacl, &cbSacl,
  251. pOwner, &cbOwner,
  252. pGroup, &cbGroup
  253. );
  254. }
  255. __except(EXCEPTION_EXECUTE_HANDLER)
  256. {
  257. Status = STATUS_INVALID_SECURITY_DESCR;
  258. }
  260. if (NT_SUCCESS(Status))
  261. {
  262. *ppAbsoluteSd = pSd;
  263. return(Status);
  264. }
  266. LocalFree(pSd);
  268. allocerror:
  269. if (pSacl != NULL)
  270. {
  271. LocalFree(pSacl);
  272. }
  274. if (pOwner != NULL)
  275. {
  276. LocalFree(pOwner);
  277. }
  279. if (pGroup != NULL)
  280. {
  281. LocalFree(pGroup);
  282. }
  284. if (pDacl != NULL)
  285. {
  286. LocalFree(pDacl);
  287. }
  289. return(Status);
  290. }
  292. NTSTATUS NTAPI
  293. NtDestroySecurityDescriptor(
  294. PSECURITY_DESCRIPTOR *ppSd
  295. )
  296. {
  297. BOOLEAN fAbsolute;
  298. NTSTATUS Status;
  300. ASSERT(ppSd != NULL);
  301. ASSERT(*ppSd != NULL);
  303. Status = NtIsSecurityDescriptorAbsolute(*ppSd, &fAbsolute);
  305. if (NT_SUCCESS(Status))
  306. {
  307. if (fAbsolute)
  308. {
  309. PISECURITY_DESCRIPTOR pSd;
  310. PULONG_PTR pBeginning;
  311. PULONG_PTR pDacl;
  312. PULONG_PTR pEnd;
  313. PULONG_PTR pGroup;
  314. PULONG_PTR pOwner;
  315. PULONG_PTR pSacl;
  317. //
  318. // An absolute security descriptor is much more complicated. The
  319. // descriptor contains pointers to the other items (instead of
  320. // offsets). This does not mean, however, that it is made up of
  321. // more than one allocation. In fact, almost all absolute
  322. // descriptors from the NT RTL are made of one allocation, with
  323. // the internal pointers set to areas of memory inside the one
  324. // allocation. This makes completely freeing a security
  325. // descriptor a heinous effort. (As an aside, whats the point of
  326. // creating an absolute security descriptor out of one chunk of
  327. // memory? Just make it relative!)
  328. //
  329. // Each component of the security descriptor may be NULL. For the
  330. // Dacl and the Sacl, the f[D,S]aclPresent variable may be TRUE
  331. // with a NULL [D,S]acl. Therefore, compare all pointers to NULL
  332. // and against the security descriptor allocation before freeing.
  333. //
  334. // The check to NtIsSecurityDescriptorAbsolute verifies that this
  335. // is a valid security descriptor. Therefore it is safe to type
  336. // cast here instead of making several RtlGetXSecurityDescriptor
  337. // calls.
  338. //
  340. pSd = (PISECURITY_DESCRIPTOR)(*ppSd);
  342. pBeginning = (PULONG_PTR)(pSd);
  343. pEnd = (PULONG_PTR)((PBYTE)pBeginning + LocalSize(pSd));
  345. pDacl = (PULONG_PTR)(pSd->Dacl);
  346. pGroup = (PULONG_PTR)(pSd->Group);
  347. pOwner = (PULONG_PTR)(pSd->Owner);
  348. pSacl = (PULONG_PTR)(pSd->Sacl);
  350. //
  351. // Handle the Dacl.
  352. //
  354. if (pDacl != NULL)
  355. {
  356. if ((pDacl > pEnd) || (pDacl < pBeginning))
  357. {
  358. LocalFree(pDacl);
  359. }
  360. }
  362. //
  363. // Handle the Group.
  364. //
  366. if (pGroup != NULL)
  367. {
  368. if ((pGroup > pEnd) || (pGroup < pBeginning))
  369. {
  370. LocalFree(pGroup);
  371. }
  372. }
  374. //
  375. // Handle the Owner.
  376. //
  378. if (pOwner != NULL)
  379. {
  380. if ((pOwner > pEnd) || (pOwner < pBeginning))
  381. {
  382. LocalFree(pOwner);
  383. }
  384. }
  386. //
  387. // Handle the Sacl.
  388. //
  390. if (pSacl != NULL)
  391. {
  392. if ((pSacl > pEnd) || (pSacl < pBeginning))
  393. {
  394. LocalFree(pSacl);
  395. }
  396. }
  398. }
  399. }
  400. else
  401. {
  402. return(Status);
  403. }
  405. //
  406. // If the security descriptor was absolute, the individual components
  407. // have been freed, and now the security descriptor itself can be freed.
  408. // If the security descriptor was self-relative, all the components are
  409. // stored in the same block of memory, so free it all at once.
  410. //
  412. LocalFree(*ppSd);
  413. *ppSd = NULL;
  415. return(STATUS_SUCCESS);
  416. }
  418. NTSTATUS NTAPI
  419. NtIsSecurityDescriptorAbsolute(
  420. PSECURITY_DESCRIPTOR pSd,
  421. PBOOLEAN pfAbsolute
  422. )
  423. {
  424. NTSTATUS Status;
  425. ULONG ulRevision;
  426. SECURITY_DESCRIPTOR_CONTROL wSdControl;
  428. ASSERT(pSd != NULL);
  429. ASSERT(pfAbsolute != NULL);
  431. Status = RtlGetControlSecurityDescriptor(pSd, &wSdControl, &ulRevision);
  433. if (NT_SUCCESS(Status))
  434. {
  436. //
  437. // Don't cast away the TRUE into a FALSE when dropping from a DWORD
  438. // to a UCHAR.
  439. //
  441. *pfAbsolute = (BOOLEAN)((wSdControl & SE_SELF_RELATIVE) ? TRUE : FALSE);
  442. }
  444. return(Status);
  445. }