/* FUNCTIONS ******************************************************************/
+VOID
+NTAPI
+FreeInitializedSids(VOID)
+{
+ if (SeNullSid) ExFreePool(SeNullSid);
+ if (SeWorldSid) ExFreePool(SeWorldSid);
+ if (SeLocalSid) ExFreePool(SeLocalSid);
+ if (SeCreatorOwnerSid) ExFreePool(SeCreatorOwnerSid);
+ if (SeCreatorGroupSid) ExFreePool(SeCreatorGroupSid);
+ if (SeCreatorOwnerServerSid) ExFreePool(SeCreatorOwnerServerSid);
+ if (SeCreatorGroupServerSid) ExFreePool(SeCreatorGroupServerSid);
+ if (SeNtAuthoritySid) ExFreePool(SeNtAuthoritySid);
+ if (SeDialupSid) ExFreePool(SeDialupSid);
+ if (SeNetworkSid) ExFreePool(SeNetworkSid);
+ if (SeBatchSid) ExFreePool(SeBatchSid);
+ if (SeInteractiveSid) ExFreePool(SeInteractiveSid);
+ if (SeServiceSid) ExFreePool(SeServiceSid);
+ if (SePrincipalSelfSid) ExFreePool(SePrincipalSelfSid);
+ if (SeLocalSystemSid) ExFreePool(SeLocalSystemSid);
+ if (SeAuthenticatedUserSid) ExFreePool(SeAuthenticatedUserSid);
+ if (SeRestrictedCodeSid) ExFreePool(SeRestrictedCodeSid);
+ if (SeAliasAdminsSid) ExFreePool(SeAliasAdminsSid);
+ if (SeAliasUsersSid) ExFreePool(SeAliasUsersSid);
+ if (SeAliasGuestsSid) ExFreePool(SeAliasGuestsSid);
+ if (SeAliasPowerUsersSid) ExFreePool(SeAliasPowerUsersSid);
+ if (SeAliasAccountOpsSid) ExFreePool(SeAliasAccountOpsSid);
+ if (SeAliasSystemOpsSid) ExFreePool(SeAliasSystemOpsSid);
+ if (SeAliasPrintOpsSid) ExFreePool(SeAliasPrintOpsSid);
+ if (SeAliasBackupOpsSid) ExFreePool(SeAliasBackupOpsSid);
+ if (SeAuthenticatedUsersSid) ExFreePool(SeAuthenticatedUsersSid);
+ if (SeRestrictedSid) ExFreePool(SeRestrictedSid);
+ if (SeAnonymousLogonSid) ExFreePool(SeAnonymousLogonSid);
+}
+
BOOLEAN
INIT_FUNCTION
NTAPI
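Review bot: FreeInitializedSids releases each well-known SID but leaves the global pointing at the freed pool block, so after the failure path that calls it every `Se*Sid` that had been allocated is a dangling pointer, and a second call would free the same blocks again. Clear each pointer as it is released, for example `if (SeNullSid) { ExFreePoolWithTag(SeNullSid, TAG_SID); SeNullSid = NULL; }`. Passing TAG_SID also matches the `ExAllocatePoolWithTag(..., TAG_SID)` calls visible later in this diff. As far as this page shows the helper is used only by the init routine, so it could be `static` and carry a short header comment saying that it relies on the globals starting out NULL.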
ULONG SidLength1;
ULONG SidLength2;
PULONG SubAuthority;
-
+
SidLength0 = RtlLengthRequiredSid(0);
SidLength1 = RtlLengthRequiredSid(1);
SidLength2 = RtlLengthRequiredSid(2);
-
+
/* create NullSid */
SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
-
+
if (SeNullSid == NULL || SeWorldSid == NULL ||
SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
SeAnonymousLogonSid == NULL)
{
- /* FIXME: We're leaking memory here. */
- return(FALSE);
+ FreeInitializedSids();
+ return FALSE;
}
-
+
RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
-
+
SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
*SubAuthority = SECURITY_NULL_RID;
SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
*SubAuthority = SECURITY_RESTRICTED_CODE_RID;
SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
*SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
-
- return(TRUE);
+
+ return TRUE;
}
NTSTATUS
{
ULONG SidSize = 0;
PISID NewSid, Sid = (PISID)InputSid;
- NTSTATUS Status = STATUS_SUCCESS;
-
+ NTSTATUS Status;
+
PAGED_CODE();
-
- if(AccessMode != KernelMode)
+
+ if (AccessMode != KernelMode)
{
- _SEH_TRY
+ _SEH2_TRY
{
ProbeForRead(Sid,
FIELD_OFFSET(SID,
SidSize,
sizeof(UCHAR));
}
- _SEH_HANDLE
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
- Status = _SEH_GetExceptionCode();
+ /* Return the exception code */
+ _SEH2_YIELD(return _SEH2_GetExceptionCode());
}
- _SEH_END;
-
- if(NT_SUCCESS(Status))
+ _SEH2_END;
+
+ /* allocate a SID and copy it */
+ NewSid = ExAllocatePool(PoolType,
+ SidSize);
+ if (NewSid != NULL)
{
- /* allocate a SID and copy it */
- NewSid = ExAllocatePool(PoolType,
- SidSize);
- if(NewSid != NULL)
+ _SEH2_TRY
{
- _SEH_TRY
- {
- RtlCopyMemory(NewSid,
- Sid,
- SidSize);
-
- *CapturedSid = NewSid;
- }
- _SEH_HANDLE
- {
- ExFreePool(NewSid);
- Status = _SEH_GetExceptionCode();
- }
- _SEH_END;
+ RtlCopyMemory(NewSid,
+ Sid,
+ SidSize);
+
+ *CapturedSid = NewSid;
}
- else
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
- Status = STATUS_INSUFFICIENT_RESOURCES;
+ /* Free the SID and return the exception code */
+ ExFreePool(NewSid);
+ _SEH2_YIELD(return _SEH2_GetExceptionCode());
}
+ _SEH2_END;
+ }
+ else
+ {
+ Status = STATUS_INSUFFICIENT_RESOURCES;
}
}
- else if(!CaptureIfKernel)
+ else if (!CaptureIfKernel)
{
*CapturedSid = InputSid;
return STATUS_SUCCESS;
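Review bot: The user-mode branch reads the caller's SID twice: once to obtain SidSize and again in `RtlCopyMemory(NewSid, Sid, SidSize)`. The SidSize computation is outside the visible lines; presumably it comes from SubAuthorityCount, as in the kernel branch. The buffer stays writable from user mode between the two reads, so the copied header can declare more sub-authorities than the allocation holds, and any later consumer that trusts the captured SID's own count would read past the block. Inside the same `_SEH2_TRY`, after the copy, write the count that sized the allocation back into `NewSid->SubAuthorityCount` and validate the revision before assigning `*CapturedSid`. The function starts and ends outside this hunk.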
else
{
SidSize = RtlLengthRequiredSid(Sid->SubAuthorityCount);
-
+
/* allocate a SID and copy it */
NewSid = ExAllocatePool(PoolType,
SidSize);
- if(NewSid != NULL)
+ if (NewSid != NULL)
{
RtlCopyMemory(NewSid,
Sid,
SidSize);
-
+
*CapturedSid = NewSid;
}
else
Status = STATUS_INSUFFICIENT_RESOURCES;
}
}
-
+
return Status;
}
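Review bot: `return Status;` now returns an uninitialised value on every successful capture. The commit changes the declaration to `NTSTATUS Status;`, dropping the former `= STATUS_SUCCESS`, and neither the kernel-mode copy in this hunk nor the user-mode copy earlier in the function assigns it after `*CapturedSid = NewSid;`. Only the allocation-failure branches set it, to `STATUS_INSUFFICIENT_RESOURCES`. Either restore the initializer, `NTSTATUS Status = STATUS_SUCCESS;`, or add `Status = STATUS_SUCCESS;` next to each `*CapturedSid = NewSid;`. The function begins outside this hunk.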
IN BOOLEAN CaptureIfKernel)
{
PAGED_CODE();
-
- if(CapturedSid != NULL &&
- (AccessMode != KernelMode ||
- (AccessMode == KernelMode && CaptureIfKernel)))
+
+ if (CapturedSid != NULL &&
+ (AccessMode != KernelMode ||
+ (AccessMode == KernelMode && CaptureIfKernel)))
{
ExFreePool(CapturedSid);
}