+ /* Null PrivSet with null PrivSetLen pointer */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ NULL, NULL, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_NOACCESS, "AccessCheck should have "
+ "failed with ERROR_NOACCESS, instead of %d\n", err);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Null PrivSet with zero PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = 0;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ 0, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+ "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Null PrivSet with insufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = 1;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ 0, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_NOACCESS, "AccessCheck should have "
+ "failed with ERROR_NOACCESS, instead of %d\n", err);
+ ok(PrivSetLen == 1, "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Null PrivSet with insufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = sizeof(PRIVILEGE_SET) - 1;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ 0, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_NOACCESS, "AccessCheck should have "
+ "failed with ERROR_NOACCESS, instead of %d\n", err);
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET) - 1, "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Null PrivSet with minimal sufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = sizeof(PRIVILEGE_SET);
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ 0, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_NOACCESS, "AccessCheck should have "
+ "failed with ERROR_NOACCESS, instead of %d\n", err);
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Valid PrivSet with zero PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = 0;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+ "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Valid PrivSet with insufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = 1;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+todo_wine
+ ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+ "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+todo_wine
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Valid PrivSet with insufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = sizeof(PRIVILEGE_SET) - 1;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+todo_wine
+ ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+ "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+todo_wine
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+todo_wine
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+
+ /* Valid PrivSet with minimal sufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = sizeof(PRIVILEGE_SET);
+ memset(PrivSet, 0xcc, PrivSetLen);
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+todo_wine
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+ ok(AccessStatus && (Access == KEY_READ),
+ "AccessCheck failed to grant access with error %d\n", GetLastError());
+ ok(PrivSet->PrivilegeCount == 0, "PrivilegeCount returns %d, expects 0\n",
+ PrivSet->PrivilegeCount);
+
+ /* Valid PrivSet with sufficient PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ PrivSetLen = sizeof(PRIVILEGE_SET) + 1;
+ memset(PrivSet, 0xcc, PrivSetLen);
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ PrivSet, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(ret, "AccessCheck failed with error %d\n", GetLastError());
+todo_wine
+ ok(PrivSetLen == sizeof(PRIVILEGE_SET) + 1, "PrivSetLen returns %d\n", PrivSetLen);
+ ok(AccessStatus && (Access == KEY_READ),
+ "AccessCheck failed to grant access with error %d\n", GetLastError());
+ ok(PrivSet->PrivilegeCount == 0, "PrivilegeCount returns %d, expects 0\n",
+ PrivSet->PrivilegeCount);
+
+ PrivSetLen = FIELD_OFFSET(PRIVILEGE_SET, Privilege[16]);
+
+ /* Null PrivSet with valid PrivSetLen */
+ SetLastError(0xdeadbeef);
+ Access = AccessStatus = 0x1abe11ed;
+ ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+ 0, &PrivSetLen, &Access, &AccessStatus);
+ err = GetLastError();
+ ok(!ret && err == ERROR_NOACCESS, "AccessCheck should have "
+ "failed with ERROR_NOACCESS, instead of %d\n", err);
+ ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+ "Access and/or AccessStatus were changed!\n");
+