archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/multimedia/dshow/mfvideo/mswebdvd/objectwithsiteimplsec.h

95 lines
2.9 KiB
Raw Normal View History

Add source files
4 years ago
  1. ///////////////////////////////////////////////////////////
  2. // ObjectWithSiteImplSec.h : Secure implementation of IObjectWithSite
  3. // Copyright (c) Microsoft Corporation 2002.
  5. #pragma once
  7. #ifndef OBJECTWITHSITEIMPLSEC_H
  8. #define OBJECTWITHSITEIMPLSEC_H
  9. #include <guiddef.h>
  10. #include <ocidl.h>
  11. #include <urlmon.h>
  13. #if defined(DEBUG) || defined(W32_OBJECT_STREAMING)
  14. #include <atlconv.h>
  15. #endif
  16. using namespace ::ATL;
  17. #include <strsafe.h>
  19. inline HRESULT IsSafeZone(DWORD dwZone) {
  20. switch (dwZone) {
  21. case URLZONE_LOCAL_MACHINE:
  22. case URLZONE_INTRANET:
  23. case URLZONE_TRUSTED:
  24. // the fixed list of zones we trust
  25. return NOERROR;
  26. default:
  27. // everything else is untrusted
  28. return E_FAIL;
  29. }
  30. }
  31. inline HRESULT IsSafeSite(IUnknown* pSite) {
  32. CComQIPtr<IServiceProvider> psp(pSite);
  33. if (!psp) {
  34. // no service provider interface on the site implies that we're not running in IE
  35. // so by defn running local and trusted thus we return OK
  36. return NOERROR;
  37. }
  38. CComQIPtr<IInternetHostSecurityManager> pManager;
  39. HRESULT hr = psp->QueryService(SID_SInternetHostSecurityManager, IID_IInternetHostSecurityManager, (LPVOID *)&pManager);
  40. if (FAILED(hr)) {
  41. // no security manager interface on the site's service provider implies that we're not
  42. // running in IE, so by defn running local and trusted thus we return OK
  43. return NOERROR;
  44. }
  45. const int MAXZONE = MAX_SIZE_SECURITY_ID+6/*scheme*/+4/*zone(dword)*/+1/*wildcard*/+1/*trailing null*/;
  46. char pbSecurityId[MAXZONE];
  47. DWORD pcbSecurityId = sizeof(pbSecurityId);
  48. ZeroMemory(pbSecurityId, sizeof(pbSecurityId));
  49. hr = pManager->GetSecurityId(reinterpret_cast<BYTE*>(pbSecurityId), &pcbSecurityId, NULL);
  50. if(FAILED(hr)){
  51. // security manager not working(unexpected). but, the site tried to provide one. thus we
  52. // must assume untrusted content and fail
  53. return E_FAIL;
  54. }
  55. char *pbEnd = pbSecurityId + pcbSecurityId - 1;
  56. if (*pbEnd == '*') { //ignore the optional wildcard flag
  57. pbEnd--;
  58. }
  59. pbEnd -= 3; // point to beginning of little endian zone dword
  60. DWORD dwZone = *(reinterpret_cast<long *>(pbEnd));
  61. return IsSafeZone(dwZone);
  62. }
  65. template<class T>
  66. class ATL_NO_VTABLE IObjectWithSiteImplSec : public IObjectWithSite {
  68. public:
  70. CComPtr<IUnknown> m_pSite;
  72. // IObjectWithSite
  73. STDMETHOD(GetSite)(REFIID iid, void** ppvSite) {
  74. if (!ppvSite) {
  75. return E_POINTER;
  76. }
  77. T* pT = static_cast<T*>(this);
  79. if (!pT->m_pSite) {
  80. return E_NOINTERFACE;
  81. }
  82. return pT->m_pSite->QueryInterface(iid, ppvSite);
  83. }
  84. STDMETHOD(SetSite)(IUnknown* pSite) {
  85. HRESULT hr = IsSafeSite(pSite);
  86. if (SUCCEEDED(hr)) {
  87. T* pT = static_cast<T*>(this);
  88. pT->m_pSite = pSite;
  89. }
  90. return hr;
  91. }
  93. };
  95. #endif // OBJECTWITHSITEIMPLSEC_H
  96. // end of file objectwithsiteimplsec.h