[FORMATTING]
authorEric Kohl <eric.kohl@reactos.org>
Sat, 29 May 2010 20:40:28 +0000 (20:40 +0000)
committerEric Kohl <eric.kohl@reactos.org>
Sat, 29 May 2010 20:40:28 +0000 (20:40 +0000)
No code changes.

svn path=/trunk/; revision=47428

reactos/lib/rtl/process.c
reactos/ntoskrnl/se/sd.c
reactos/ntoskrnl/se/token.c

index 5d6c689..50e36eb 100644 (file)
@@ -43,7 +43,7 @@ RtlpMapFile(PUNICODE_STRING ImageFileName,
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Failed to read image file from disk\n");
-        return(Status);
+        return Status;
     }
 
     /* Now create a section for this image */
@@ -94,7 +94,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("Failed to reserve 1MB of space \n");
-            return(Status);
+            return Status;
         }
     }
 
@@ -118,7 +118,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
         if (!NT_SUCCESS(Status))
         {
             DPRINT1("Failed to allocate Environment Block\n");
-            return(Status);
+            return Status;
         }
 
         /* Write the Environment Block */
@@ -144,7 +144,7 @@ RtlpInitEnvironment(HANDLE ProcessHandle,
     if (!NT_SUCCESS(Status))
     {
         DPRINT1("Failed to allocate Parameter Block\n");
-        return(Status);
+        return Status;
     }
 
     /* Write the Parameter Block */
@@ -245,7 +245,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
     {
         DPRINT1("Could not create Kernel Process Object\n");
         ZwClose(hSection);
-        return(Status);
+        return Status;
     }
 
     /* Get some information on the image */
@@ -259,7 +259,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
         DPRINT1("Could not query Section Info\n");
         ZwClose(ProcessInfo->ProcessHandle);
         ZwClose(hSection);
-        return(Status);
+        return Status;
     }
 
     /* Get some information about the process */
@@ -273,7 +273,7 @@ RtlCreateUserProcess(IN PUNICODE_STRING ImageFileName,
         DPRINT1("Could not query Process Info\n");
         ZwClose(ProcessInfo->ProcessHandle);
         ZwClose(hSection);
-        return(Status);
+        return Status;
     }
 
     /* Create Process Environment */
@@ -312,22 +312,21 @@ PVOID
 NTAPI
 RtlEncodePointer(IN PVOID Pointer)
 {
-  ULONG Cookie;
-  NTSTATUS Status;
-
-  Status = ZwQueryInformationProcess(NtCurrentProcess(),
-                                     ProcessCookie,
-                                     &Cookie,
-                                     sizeof(Cookie),
-                                     NULL);
-
-  if(!NT_SUCCESS(Status))
-  {
-    DPRINT1("Failed to receive the process cookie! Status: 0x%lx\n", Status);
-    return Pointer;
-  }
-
-  return (PVOID)((ULONG_PTR)Pointer ^ Cookie);
+    ULONG Cookie;
+    NTSTATUS Status;
+
+    Status = ZwQueryInformationProcess(NtCurrentProcess(),
+                                       ProcessCookie,
+                                       &Cookie,
+                                       sizeof(Cookie),
+                                       NULL);
+    if(!NT_SUCCESS(Status))
+    {
+        DPRINT1("Failed to receive the process cookie! Status: 0x%lx\n", Status);
+        return Pointer;
+    }
+
+    return (PVOID)((ULONG_PTR)Pointer ^ Cookie);
 }
 
 /*
@@ -337,7 +336,7 @@ PVOID
 NTAPI
 RtlDecodePointer(IN PVOID Pointer)
 {
-  return RtlEncodePointer(Pointer);
+    return RtlEncodePointer(Pointer);
 }
 
 /*
index a0cb2cc..0e0eadc 100644 (file)
@@ -249,9 +249,11 @@ SepCaptureSecurityQualityOfService(IN POBJECT_ATTRIBUTES ObjectAttributes  OPTIO
                         if (((PSECURITY_QUALITY_OF_SERVICE)ObjectAttributes->SecurityQualityOfService)->Length ==
                             sizeof(SECURITY_QUALITY_OF_SERVICE))
                         {
-                            /* don't allocate memory here because ExAllocate should bugcheck
-                             the system if it's buggy, SEH would catch that! So make a local
-                             copy of the qos structure.*/
+                            /*
+                             * Don't allocate memory here because ExAllocate should bugcheck
+                             * the system if it's buggy, SEH would catch that! So make a local
+                             * copy of the qos structure.
+                             */
                             RtlCopyMemory(&SafeQos,
                                           ObjectAttributes->SecurityQualityOfService,
                                           sizeof(SECURITY_QUALITY_OF_SERVICE));
@@ -407,8 +409,10 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
 
             _SEH2_TRY
             {
-                /* first only probe and copy until the control field of the descriptor
-                 to determine whether it's a self-relative descriptor */
+                /*
+                 * First only probe and copy until the control field of the descriptor
+                 * to determine whether it's a self-relative descriptor
+                 */
                 DescriptorSize = FIELD_OFFSET(SECURITY_DESCRIPTOR,
                                               Owner);
                 ProbeForRead(OriginalSecurityDescriptor,
@@ -420,22 +424,24 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
                     _SEH2_YIELD(return STATUS_UNKNOWN_REVISION);
                 }
 
-                /* make a copy on the stack */
+                /* Make a copy on the stack */
                 DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
                 DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
                 DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
                 DescriptorSize = ((DescriptorCopy.Control & SE_SELF_RELATIVE) ?
                                   sizeof(SECURITY_DESCRIPTOR_RELATIVE) : sizeof(SECURITY_DESCRIPTOR));
 
-                /* probe and copy the entire security descriptor structure. The SIDs
-                 and ACLs will be probed and copied later though */
+                /*
+                 * Probe and copy the entire security descriptor structure. The SIDs
+                 * and ACLs will be probed and copied later though
+                 */
                 ProbeForRead(OriginalSecurityDescriptor,
                              DescriptorSize,
                              sizeof(ULONG));
                 if (DescriptorCopy.Control & SE_SELF_RELATIVE)
                 {
                     PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
-                    
+
                     DescriptorCopy.Owner = (PSID)RelSD->Owner;
                     DescriptorCopy.Group = (PSID)RelSD->Group;
                     DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
@@ -468,12 +474,12 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
         }
         else
         {
-            if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
+            if (OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
             {
                 return STATUS_UNKNOWN_REVISION;
             }
 
-            /* make a copy on the stack */
+            /* Make a copy on the stack */
             DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
             DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
             DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
@@ -482,7 +488,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
             if (DescriptorCopy.Control & SE_SELF_RELATIVE)
             {
                 PISECURITY_DESCRIPTOR_RELATIVE RelSD = (PISECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
-                
+
                 DescriptorCopy.Owner = (PSID)RelSD->Owner;
                 DescriptorCopy.Group = (PSID)RelSD->Group;
                 DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
@@ -499,9 +505,11 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
 
         if (DescriptorCopy.Control & SE_SELF_RELATIVE)
         {
-            /* in case we're dealing with a self-relative descriptor, do a basic convert
-             to an absolute descriptor. We do this so we can simply access the data
-             using the pointers without calculating them again. */
+            /*
+             * In case we're dealing with a self-relative descriptor, do a basic convert
+             * to an absolute descriptor. We do this so we can simply access the data
+             * using the pointers without calculating them again.
+             */
             DescriptorCopy.Control &= ~SE_SELF_RELATIVE;
             if (DescriptorCopy.Owner != NULL)
             {
@@ -521,7 +529,7 @@ SeCaptureSecurityDescriptor(IN PSECURITY_DESCRIPTOR _OriginalSecurityDescriptor,
             }
         }
 
-        /* determine the size of the SIDs */
+        /* Determine the size of the SIDs */
 #define DetermineSIDSize(SidType)                                              \
 do {                                                                       \
 if(DescriptorCopy.SidType != NULL)                                         \
@@ -530,7 +538,7 @@ SID *SidType = (SID*)DescriptorCopy.SidType;                             \
 \
 if(CurrentMode != KernelMode)                                            \
 {                                                                        \
-/* securely access the buffers! */                                     \
+/* Securely access the buffers! */                                     \
 _SEH2_TRY                                                               \
 {                                                                      \
 SidType##SAC = ProbeForReadUchar(&SidType->SubAuthorityCount);       \
@@ -561,7 +569,7 @@ DescriptorSize += ROUND_UP(SidType##Size, sizeof(ULONG));              \
 
 #undef DetermineSIDSize
 
-        /* determine the size of the ACLs */
+        /* Determine the size of the ACLs */
 #define DetermineACLSize(AclType, AclFlag)                                     \
 do {                                                                       \
 if((DescriptorCopy.Control & SE_##AclFlag##_PRESENT) &&                    \
@@ -571,7 +579,7 @@ PACL AclType = (PACL)DescriptorCopy.AclType;                             \
 \
 if(CurrentMode != KernelMode)                                            \
 {                                                                        \
-/* securely access the buffers! */                                     \
+/* Securely access the buffers! */                                     \
 _SEH2_TRY                                                               \
 {                                                                      \
 AclType##Size = ProbeForReadUshort(&AclType->AclSize);               \
@@ -604,27 +612,31 @@ DescriptorCopy.AclType = NULL;                                           \
 
 #undef DetermineACLSize
 
-        /* allocate enough memory to store a complete copy of a self-relative
-         security descriptor */
+        /*
+         * Allocate enough memory to store a complete copy of a self-relative
+         * security descriptor
+         */
         NewDescriptor = ExAllocatePoolWithTag(PoolType,
                                               DescriptorSize,
                                               TAG_SD);
-        if(NewDescriptor != NULL)
+        if (NewDescriptor != NULL)
         {
             ULONG_PTR Offset = sizeof(SECURITY_DESCRIPTOR);
-            
+
             RtlZeroMemory(NewDescriptor, DescriptorSize);
             NewDescriptor->Revision = DescriptorCopy.Revision;
             NewDescriptor->Sbz1 = DescriptorCopy.Sbz1;
             NewDescriptor->Control = DescriptorCopy.Control | SE_SELF_RELATIVE;
-            
+
             _SEH2_TRY
             {
-                /* setup the offsets and copy the SIDs and ACLs to the new
-                 self-relative security descriptor. Probing the pointers is not
-                 neccessary anymore as we did that when collecting the sizes!
-                 Make sure to validate the SIDs and ACLs *again* as they could have
-                 been modified in the meanwhile! */
+                /*
+                 * Setup the offsets and copy the SIDs and ACLs to the new
+                 * self-relative security descriptor. Probing the pointers is not
+                 * neccessary anymore as we did that when collecting the sizes!
+                 * Make sure to validate the SIDs and ACLs *again* as they could have
+                 * been modified in the meanwhile!
+                 */
 #define CopySID(Type)                                                          \
 do {                                                                   \
 if(DescriptorCopy.Type != NULL)                                        \
@@ -673,14 +685,16 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG));                       \
             }
             _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
             {
-                /* we failed to copy the data to the new descriptor */
+                /* We failed to copy the data to the new descriptor */
                 ExFreePool(NewDescriptor);
                 _SEH2_YIELD(return _SEH2_GetExceptionCode());
             }
             _SEH2_END;
 
-            /* we're finally done! copy the pointer to the captured descriptor to
-             to the caller */
+            /*
+             * We're finally done!
+             * Copy the pointer to the captured descriptor to to the caller.
+             */
             *CapturedSecurityDescriptor = NewDescriptor;
             return STATUS_SUCCESS;
         }
@@ -691,7 +705,7 @@ Offset += ROUND_UP(Type##Size, sizeof(ULONG));                       \
     }
     else
     {
-        /* nothing to do... */
+        /* Nothing to do... */
         *CapturedSecurityDescriptor = NULL;
     }
 
@@ -765,6 +779,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
             Dacl = (PACL)((ULONG_PTR)ObjectSd->Dacl + (ULONG_PTR)ObjectSd);
             DaclLength = ROUND_UP((ULONG)Dacl->AclSize, 4);
         }
+
         Control |= (ObjectSd->Control & (SE_DACL_DEFAULTED | SE_DACL_PRESENT));
     }
 
@@ -776,6 +791,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
             Sacl = (PACL)((ULONG_PTR)ObjectSd->Sacl + (ULONG_PTR)ObjectSd);
             SaclLength = ROUND_UP(Sacl->AclSize, 4);
         }
+
         Control |= (ObjectSd->Control & (SE_SACL_DEFAULTED | SE_SACL_PRESENT));
     }
 
@@ -846,14 +862,16 @@ SeReleaseSecurityDescriptor(IN PSECURITY_DESCRIPTOR CapturedSecurityDescriptor,
 {
     PAGED_CODE();
 
-    /* WARNING! You need to call this function with the same value for CurrentMode
-     and CaptureIfKernelMode that you previously passed to
-     SeCaptureSecurityDescriptor() in order to avoid memory leaks! */
-    if(CapturedSecurityDescriptor != NULL &&
-       (CurrentMode != KernelMode ||
-        (CurrentMode == KernelMode && CaptureIfKernelMode)))
+    /*
+     * WARNING! You need to call this function with the same value for CurrentMode
+     * and CaptureIfKernelMode that you previously passed to
+     * SeCaptureSecurityDescriptor() in order to avoid memory leaks!
+     */
+    if (CapturedSecurityDescriptor != NULL &&
+        (CurrentMode != KernelMode ||
+         (CurrentMode == KernelMode && CaptureIfKernelMode)))
     {
-        /* only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */
+        /* Only delete the descriptor when SeCaptureSecurityDescriptor() allocated one! */
         ExFreePoolWithTag(CapturedSecurityDescriptor, TAG_SD);
     }
 
@@ -888,8 +906,9 @@ SeSetSecurityDescriptorInfo(IN PVOID Object OPTIONAL,
 
     ObjectSd = *ObjectsSecurityDescriptor;
 
+    /* The object does not have a security descriptor. */
     if (!ObjectSd)
-        return STATUS_NO_SECURITY_ON_OBJECT; // The object does not have a security descriptor.
+        return STATUS_NO_SECURITY_ON_OBJECT;
 
     SecurityInformation = *_SecurityInformation;
 
@@ -1074,8 +1093,9 @@ SeSetSecurityDescriptorInfoEx(IN PVOID Object OPTIONAL,
 {
     PISECURITY_DESCRIPTOR ObjectSd = *ObjectsSecurityDescriptor;
 
+    /* The object does not have a security descriptor. */
     if (!ObjectSd)
-        return STATUS_NO_SECURITY_ON_OBJECT; // The object does not have a security descriptor.
+        return STATUS_NO_SECURITY_ON_OBJECT;
 
     UNIMPLEMENTED;
     return STATUS_NOT_IMPLEMENTED;
index 7bb2d95..30f7fc8 100644 (file)
@@ -790,10 +790,10 @@ SepCreateSystemProcessToken(VOID)
     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeTakeOwnershipPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeCreatePagefilePrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeLockMemoryPrivilege;
 
     Privileges[i].Attributes = 0;
@@ -802,16 +802,16 @@ SepCreateSystemProcessToken(VOID)
     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeIncreaseQuotaPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeIncreaseBasePriorityPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeCreatePermanentPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeDebugPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeAuditPrivilege;
 
     Privileges[i].Attributes = 0;
@@ -820,7 +820,7 @@ SepCreateSystemProcessToken(VOID)
     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeSystemEnvironmentPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeChangeNotifyPrivilege;
 
     Privileges[i].Attributes = 0;
@@ -835,7 +835,7 @@ SepCreateSystemProcessToken(VOID)
     Privileges[i].Attributes = 0;
     Privileges[i++].Luid = SeLoadDriverPrivilege;
 
-    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT|SE_PRIVILEGE_ENABLED;
+    Privileges[i].Attributes = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED;
     Privileges[i++].Luid = SeProfileSingleProcessPrivilege;
 
     Privileges[i].Attributes = 0;
@@ -1709,7 +1709,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                     {
                         PACL CapturedAcl;
 
-                        /* capture and copy the dacl */
+                        /* Capture and copy the dacl */
                         Status = SepCaptureAcl(InputAcl,
                                                PreviousMode,
                                                PagedPool,
@@ -1717,19 +1717,19 @@ NtSetInformationToken(IN HANDLE TokenHandle,
                                                &CapturedAcl);
                         if (NT_SUCCESS(Status))
                         {
-                            /* free the previous dacl if present */
+                            /* Free the previous dacl if present */
                             if(Token->DefaultDacl != NULL)
                             {
                                 ExFreePool(Token->DefaultDacl);
                             }
 
-                            /* set the new dacl */
+                            /* Set the new dacl */
                             Token->DefaultDacl = CapturedAcl;
                         }
                     }
                     else
                     {
-                        /* clear and free the default dacl if present */
+                        /* Clear and free the default dacl if present */
                         if (Token->DefaultDacl != NULL)
                         {
                             ExFreePool(Token->DefaultDacl);
@@ -1750,7 +1750,7 @@ NtSetInformationToken(IN HANDLE TokenHandle,
 
                 _SEH2_TRY
                 {
-                    /* buffer size was already verified, no need to check here again */
+                    /* Buffer size was already verified, no need to check here again */
                     SessionId = *(PULONG)TokenInformation;
                 }
                 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
@@ -1880,7 +1880,7 @@ NtDuplicateToken(IN HANDLE ExistingTokenHandle,
         }
     }
 
-    /* free the captured structure */
+    /* Free the captured structure */
     SepReleaseSecurityQualityOfService(CapturedSecurityQualityOfService,
                                        PreviousMode,
                                        FALSE);
@@ -1997,7 +1997,8 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
                     }
                     else
                     {
-                        /* FIXME: Should revert all the changes, calculate how
+                        /*
+                         * FIXME: Should revert all the changes, calculate how
                          * much space would be needed, set ResultLength
                          * accordingly and fail.
                          */
@@ -2044,7 +2045,8 @@ NtAdjustPrivilegesToken(IN HANDLE TokenHandle,
                             }
                             else
                             {
-                                /* FIXME: Should revert all the changes, calculate how
+                                /*
+                                 * FIXME: Should revert all the changes, calculate how
                                  * much space would be needed, set ResultLength
                                  * accordingly and fail.
                                  */