The structure layout of self-relative security descriptors may be different from...
authorThomas Bluemel <thomas@reactsoft.com>
Sat, 12 Feb 2005 11:47:03 +0000 (11:47 +0000)
committerThomas Bluemel <thomas@reactsoft.com>
Sat, 12 Feb 2005 11:47:03 +0000 (11:47 +0000)
svn path=/trunk/; revision=13502

reactos/include/ntos/rtl.h
reactos/include/ntos/security.h
reactos/lib/advapi32/sec/sec.c
reactos/lib/rtl/sd.c
reactos/ntoskrnl/se/sd.c
reactos/w32api/include/ddk/ntifs.h
reactos/w32api/include/ddk/winddk.h
reactos/w32api/include/winnt.h

index 183e127..8a6d465 100755 (executable)
@@ -521,7 +521,7 @@ PushEntryList (
 
 NTSTATUS STDCALL
 RtlAbsoluteToSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD,
-                            PSECURITY_DESCRIPTOR RelSD,
+                            PSECURITY_DESCRIPTOR_RELATIVE RelSD,
                             PULONG BufferLength);
 
 NTSTATUS STDCALL
@@ -852,6 +852,10 @@ NTSTATUS STDCALL
 RtlCreateSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor,
                             ULONG Revision);
 
+NTSTATUS STDCALL
+RtlCreateSecurityDescriptorRelative (PSECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
+                                    ULONG Revision);
+
 NTSTATUS
 STDCALL
 RtlCreateSystemVolumeInformationFolder(
@@ -1999,7 +2003,7 @@ RtlLookupElementGenericTableFullAvl (
 
 NTSTATUS STDCALL
 RtlMakeSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD,
-                      PSECURITY_DESCRIPTOR RelSD,
+                      PSECURITY_DESCRIPTOR_RELATIVE RelSD,
                       PULONG BufferLength);
 
 VOID STDCALL
@@ -2261,7 +2265,7 @@ RtlSecondsSince1980ToTime (ULONG SecondsSince1980,
                           PLARGE_INTEGER Time);
 
 NTSTATUS STDCALL
-RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR RelSD,
+RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR_RELATIVE RelSD,
                             PSECURITY_DESCRIPTOR AbsSD,
                             PULONG AbsSDSize,
                             PACL Dacl,
@@ -2276,7 +2280,7 @@ RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR RelSD,
 NTSTATUS
 STDCALL
 RtlSelfRelativeToAbsoluteSD2(
-       PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
+       PSECURITY_DESCRIPTOR_RELATIVE SelfRelativeSecurityDescriptor,
        PULONG BufferSize
        );
 
@@ -2659,7 +2663,7 @@ RtlValidateHeap (
 BOOLEAN
 STDCALL
 RtlValidRelativeSecurityDescriptor (
-       IN PSECURITY_DESCRIPTOR SecurityDescriptorInput,
+       IN PSECURITY_DESCRIPTOR_RELATIVE SecurityDescriptorInput,
        IN ULONG SecurityDescriptorLength,
        IN SECURITY_INFORMATION RequiredInformation
        );
index 2454563..e4b76e9 100644 (file)
@@ -283,6 +283,17 @@ typedef struct _SECURITY_DESCRIPTOR
   PACL Dacl;
 } SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR;
 
+typedef struct _SECURITY_DESCRIPTOR_RELATIVE
+{
+  UCHAR  Revision;
+  UCHAR  Sbz1;
+  SECURITY_DESCRIPTOR_CONTROL Control;
+  ULONG Owner;
+  ULONG Group;
+  ULONG Sacl;
+  ULONG Dacl;
+} SECURITY_DESCRIPTOR_RELATIVE, *PSECURITY_DESCRIPTOR_RELATIVE;
+
 typedef struct _LUID_AND_ATTRIBUTES
 {
   LUID  Luid;
index ea7b36c..790a33d 100644 (file)
@@ -258,7 +258,7 @@ MakeAbsoluteSD (
 {
        NTSTATUS Status;
 
-       Status = RtlSelfRelativeToAbsoluteSD (pSelfRelativeSecurityDescriptor,
+       Status = RtlSelfRelativeToAbsoluteSD ((PSECURITY_DESCRIPTOR_RELATIVE)pSelfRelativeSecurityDescriptor,
                                              pAbsoluteSecurityDescriptor,
                                              lpdwAbsoluteSecurityDescriptorSize,
                                              pDacl,
@@ -293,7 +293,7 @@ MakeSelfRelativeSD (
        NTSTATUS Status;
 
        Status = RtlAbsoluteToSelfRelativeSD (pAbsoluteSecurityDescriptor,
-                                             pSelfRelativeSecurityDescriptor,
+                                             (PSECURITY_DESCRIPTOR_RELATIVE)pSelfRelativeSecurityDescriptor,
                                              (PULONG)lpdwBufferLength);
        if (!NT_SUCCESS(Status))
        {
index 7430a16..a27f2e5 100644 (file)
 
 /* FUNCTIONS ***************************************************************/
 
+
+static VOID
+RtlpQuerySecurityDescriptorPointers(IN PSECURITY_DESCRIPTOR SecurityDescriptor,
+                                    OUT PSID *Owner  OPTIONAL,
+                                    OUT PSID *Group  OPTIONAL,
+                                    OUT PACL *Sacl  OPTIONAL,
+                                    OUT PACL *Dacl  OPTIONAL)
+{
+  if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
+  {
+    PSECURITY_DESCRIPTOR_RELATIVE RelSD = (PSECURITY_DESCRIPTOR_RELATIVE)SecurityDescriptor;
+    if(Owner != NULL)
+    {
+      *Owner = ((RelSD->Owner != 0) ? (PSID)((ULONG_PTR)RelSD + RelSD->Owner) : NULL);
+    }
+    if(Group != NULL)
+    {
+      *Group = ((RelSD->Group != 0) ? (PSID)((ULONG_PTR)RelSD + RelSD->Group) : NULL);
+    }
+    if(Sacl != NULL)
+    {
+      *Sacl = (((RelSD->Control & SE_SACL_PRESENT) && (RelSD->Sacl != 0)) ?
+              (PSID)((ULONG_PTR)RelSD + RelSD->Sacl) : NULL);
+    }
+    if(Dacl != NULL)
+    {
+      *Dacl = (((RelSD->Control & SE_DACL_PRESENT) && (RelSD->Dacl != 0)) ?
+              (PSID)((ULONG_PTR)RelSD + RelSD->Dacl) : NULL);
+    }
+  }
+  else
+  {
+    if(Owner != NULL)
+    {
+      *Owner = SecurityDescriptor->Owner;
+    }
+    if(Group != NULL)
+    {
+      *Group = SecurityDescriptor->Group;
+    }
+    if(Sacl != NULL)
+    {
+      *Sacl = ((SecurityDescriptor->Control & SE_SACL_PRESENT) ? SecurityDescriptor->Sacl : NULL);
+    }
+    if(Dacl != NULL)
+    {
+      *Dacl = ((SecurityDescriptor->Control & SE_DACL_PRESENT) ? SecurityDescriptor->Dacl : NULL);
+    }
+  }
+}
+
+static VOID
+RtlpQuerySecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
+                            PSID* Owner,
+                            PULONG OwnerLength,
+                            PSID* Group,
+                            PULONG GroupLength,
+                            PACL* Dacl,
+                            PULONG DaclLength,
+                            PACL* Sacl,
+                            PULONG SaclLength)
+{
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       Owner,
+                                       Group,
+                                       Sacl,
+                                       Dacl);
+
+   if (Owner != NULL)
+   {
+      *OwnerLength = ((*Owner != NULL) ? ROUND_UP(RtlLengthSid(*Owner), 4) : 0);
+   }
+   
+   if (Group != NULL)
+   {
+      *GroupLength = ((*Group != NULL) ? ROUND_UP(RtlLengthSid(*Group), 4) : 0);
+   }
+   
+   if (Dacl != NULL)
+   {
+      *DaclLength = ((*Dacl != NULL) ? ROUND_UP((*Dacl)->AclSize, 4) : 0);
+   }
+   
+   if (Sacl != NULL)
+   {
+      *SaclLength = ((*Sacl != NULL) ? ROUND_UP((*Sacl)->AclSize, 4) : 0);
+   }
+}
+
 /*
 * @implemented
 */
@@ -41,54 +130,61 @@ RtlCreateSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
 }
 
 
+NTSTATUS STDCALL
+RtlCreateSecurityDescriptorRelative (PSECURITY_DESCRIPTOR_RELATIVE SecurityDescriptor,
+                                    ULONG Revision)
+{
+   if (Revision != SECURITY_DESCRIPTOR_REVISION1)
+   {
+      return STATUS_UNKNOWN_REVISION;
+   }
+
+   SecurityDescriptor->Revision = Revision;
+   SecurityDescriptor->Sbz1 = 0;
+   SecurityDescriptor->Control = SE_SELF_RELATIVE;
+   SecurityDescriptor->Owner = 0;
+   SecurityDescriptor->Group = 0;
+   SecurityDescriptor->Sacl = 0;
+   SecurityDescriptor->Dacl = 0;
+
+   return STATUS_SUCCESS;
+}
+
+
 /*
  * @implemented
  */
 ULONG STDCALL
 RtlLengthSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
 {
+   PSID Owner, Group;
+   PACL Sacl, Dacl;
    ULONG Length = sizeof(SECURITY_DESCRIPTOR);
+   
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       &Owner,
+                                       &Group,
+                                       &Sacl,
+                                       &Dacl);
 
-   if (SecurityDescriptor->Owner != NULL)
+   if (Owner != NULL)
    {
-      PSID Owner = SecurityDescriptor->Owner;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Owner = (PSID)((ULONG_PTR)Owner + (ULONG_PTR)SecurityDescriptor);
-      }
-      Length = Length + ROUND_UP(RtlLengthSid(Owner), 4);
+      Length += ROUND_UP(RtlLengthSid(Owner), 4);
    }
 
-   if (SecurityDescriptor->Group != NULL)
+   if (Group != NULL)
    {
-      PSID Group = SecurityDescriptor->Group;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor);
-      }
-      Length = Length + ROUND_UP(RtlLengthSid(Group), 4);
+      Length += ROUND_UP(RtlLengthSid(Group), 4);
    }
 
-   if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
-         SecurityDescriptor->Dacl != NULL)
+   if (Dacl != NULL)
    {
-      PACL Dacl = SecurityDescriptor->Dacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor);
-      }
-      Length = Length + ROUND_UP(Dacl->AclSize, 4);
+      Length += ROUND_UP(Dacl->AclSize, 4);
    }
 
-   if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
-         SecurityDescriptor->Sacl != NULL)
+   if (Sacl != NULL)
    {
-      PACL Sacl = SecurityDescriptor->Sacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor);
-      }
-      Length = Length + ROUND_UP(Sacl->AclSize, 4);
+      Length += ROUND_UP(Sacl->AclSize, 4);
    }
 
    return Length;
@@ -116,27 +212,13 @@ RtlGetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
    }
    *DaclPresent = TRUE;
 
-   if (SecurityDescriptor->Dacl == NULL)
-   {
-      *Dacl = NULL;
-   }
-   else
-   {
-      *Dacl = SecurityDescriptor->Dacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Dacl = (PACL)((ULONG_PTR)*Dacl + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       NULL,
+                                       NULL,
+                                       NULL,
+                                       Dacl);
 
-   if (SecurityDescriptor->Control & SE_DACL_DEFAULTED)
-   {
-      *DaclDefaulted = TRUE;
-   }
-   else
-   {
-      *DaclDefaulted = FALSE;
-   }
+   *DaclDefaulted = ((SecurityDescriptor->Control & SE_DACL_DEFAULTED) ? TRUE : FALSE);
 
    return STATUS_SUCCESS;
 }
@@ -186,67 +268,26 @@ RtlSetDaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
 BOOLEAN STDCALL
 RtlValidSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor)
 {
+   PSID Owner, Group;
+   PACL Sacl, Dacl;
+
    if (SecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
    {
       return FALSE;
    }
+   
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       &Owner,
+                                       &Group,
+                                       &Sacl,
+                                       &Dacl);
 
-   if (SecurityDescriptor->Owner != NULL)
-   {
-      PSID Owner = SecurityDescriptor->Owner;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Owner = (PSID)((ULONG_PTR)Owner + (ULONG_PTR)SecurityDescriptor);
-      }
-
-      if (!RtlValidSid(Owner))
-      {
-         return FALSE;
-      }
-   }
-
-   if (SecurityDescriptor->Group != NULL)
-   {
-      PSID Group = SecurityDescriptor->Group;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Group = (PSID)((ULONG_PTR)Group + (ULONG_PTR)SecurityDescriptor);
-      }
-
-      if (!RtlValidSid(Group))
-      {
-         return FALSE;
-      }
-   }
-
-   if (SecurityDescriptor->Control & SE_DACL_PRESENT &&
-       SecurityDescriptor->Dacl != NULL)
-   {
-      PACL Dacl = SecurityDescriptor->Dacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Dacl = (PACL)((ULONG_PTR)Dacl + (ULONG_PTR)SecurityDescriptor);
-      }
-
-      if (!RtlValidAcl(Dacl))
-      {
-         return FALSE;
-      }
-   }
-
-   if (SecurityDescriptor->Control & SE_SACL_PRESENT &&
-       SecurityDescriptor->Sacl != NULL)
+   if ((Owner != NULL && !RtlValidSid(Owner)) ||
+       (Group != NULL && !RtlValidSid(Group)) ||
+       (Sacl != NULL && !RtlValidAcl(Sacl)) ||
+       (Dacl != NULL && !RtlValidAcl(Dacl)))
    {
-      PACL Sacl = SecurityDescriptor->Sacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         Sacl = (PACL)((ULONG_PTR)Sacl + (ULONG_PTR)SecurityDescriptor);
-      }
-
-      if (!RtlValidAcl(Sacl))
-      {
-         return FALSE;
-      }
+      return FALSE;
    }
 
    return TRUE;
@@ -296,27 +337,13 @@ RtlGetOwnerSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
       return STATUS_UNKNOWN_REVISION;
    }
 
-   if (SecurityDescriptor->Owner != NULL)
-   {
-      *Owner = SecurityDescriptor->Owner;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Owner = (PSID)((ULONG_PTR)*Owner + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Owner = NULL;
-   }
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       Owner,
+                                       NULL,
+                                       NULL,
+                                       NULL);
 
-   if (SecurityDescriptor->Control & SE_OWNER_DEFAULTED)
-   {
-      *OwnerDefaulted = TRUE;
-   }
-   else
-   {
-      *OwnerDefaulted = FALSE;
-   }
+   *OwnerDefaulted = ((SecurityDescriptor->Control & SE_OWNER_DEFAULTED) ? TRUE : FALSE);
 
    return STATUS_SUCCESS;
 }
@@ -364,142 +391,25 @@ RtlGetGroupSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
       return STATUS_UNKNOWN_REVISION;
    }
 
-   if (SecurityDescriptor->Group != NULL)
-   {
-      *Group = SecurityDescriptor->Group;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Group = (PSID)((ULONG_PTR)*Group + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Group = NULL;
-   }
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       NULL,
+                                       Group,
+                                       NULL,
+                                       NULL);
 
-   if (SecurityDescriptor->Control & SE_GROUP_DEFAULTED)
-   {
-      *GroupDefaulted = TRUE;
-   }
-   else
-   {
-      *GroupDefaulted = FALSE;
-   }
+   *GroupDefaulted = ((SecurityDescriptor->Control & SE_GROUP_DEFAULTED) ? TRUE : FALSE);
 
    return STATUS_SUCCESS;
 }
 
 
-static VOID
-RtlpQuerySecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
-                            PSID* Owner,
-                            PULONG OwnerLength,
-                            PSID* Group,
-                            PULONG GroupLength,
-                            PACL* Dacl,
-                            PULONG DaclLength,
-                            PACL* Sacl,
-                            PULONG SaclLength)
-{
-   if (SecurityDescriptor->Owner != NULL)
-   {
-      *Owner = SecurityDescriptor->Owner;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Owner = (PSID)((ULONG_PTR)*Owner + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Owner = NULL;
-   }
-
-   if (*Owner != NULL)
-   {
-      *OwnerLength = ROUND_UP(RtlLengthSid(*Owner), 4);
-   }
-   else
-   {
-      *OwnerLength = 0;
-   }
-
-   if ((SecurityDescriptor->Control & SE_DACL_PRESENT) &&
-         SecurityDescriptor->Dacl != NULL)
-   {
-      *Dacl = SecurityDescriptor->Dacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Dacl = (PACL)((ULONG_PTR)*Dacl + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Dacl = NULL;
-   }
-
-   if (*Dacl != NULL)
-   {
-      *DaclLength = ROUND_UP((*Dacl)->AclSize, 4);
-   }
-   else
-   {
-      *DaclLength = 0;
-   }
-
-   if (SecurityDescriptor->Group != NULL)
-   {
-      *Group = SecurityDescriptor->Group;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Group = (PSID)((ULONG_PTR)*Group + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Group = NULL;
-   }
-
-   if (*Group != NULL)
-   {
-      *GroupLength = ROUND_UP(RtlLengthSid(*Group), 4);
-   }
-   else
-   {
-      *GroupLength = 0;
-   }
-
-   if ((SecurityDescriptor->Control & SE_SACL_PRESENT) &&
-         SecurityDescriptor->Sacl != NULL)
-   {
-      *Sacl = SecurityDescriptor->Sacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Sacl = (PACL)((ULONG_PTR)*Sacl + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
-   else
-   {
-      *Sacl = NULL;
-   }
-
-   if (*Sacl != NULL)
-   {
-      *SaclLength = ROUND_UP((*Sacl)->AclSize, 4);
-   }
-   else
-   {
-      *SaclLength = 0;
-   }
-}
-
-
 /*
  * @implemented
  */
 NTSTATUS STDCALL
 RtlMakeSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
-                      PSECURITY_DESCRIPTOR RelSD,
-                      PULONG BufferLength)
+                     PSECURITY_DESCRIPTOR_RELATIVE RelSD,
+                     PULONG BufferLength)
 {
    PSID Owner;
    PSID Group;
@@ -522,7 +432,7 @@ RtlMakeSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
                                &Sacl,
                                &SaclLength);
 
-   TotalLength = OwnerLength + GroupLength + SaclLength + DaclLength + sizeof(SECURITY_DESCRIPTOR);
+   TotalLength = sizeof(SECURITY_DESCRIPTOR_RELATIVE) + OwnerLength + GroupLength + SaclLength + DaclLength;
    if (*BufferLength < TotalLength)
    {
       return STATUS_BUFFER_TOO_SMALL;
@@ -530,48 +440,48 @@ RtlMakeSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
 
    RtlZeroMemory(RelSD,
                  TotalLength);
-   memmove(RelSD,
-           AbsSD,
-           sizeof(SECURITY_DESCRIPTOR));
-   Current = (ULONG_PTR)RelSD + sizeof(SECURITY_DESCRIPTOR);
+
+   RelSD->Revision = AbsSD->Revision;
+   RelSD->Sbz1 = AbsSD->Sbz1;
+   RelSD->Control = AbsSD->Control | SE_SELF_RELATIVE;
+   
+   Current = (ULONG_PTR)(RelSD + 1);
 
    if (SaclLength != 0)
    {
-      memmove((PVOID)Current,
-              Sacl,
-              SaclLength);
-      RelSD->Sacl = (PACL)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
+      RtlCopyMemory((PVOID)Current,
+                    Sacl,
+                    SaclLength);
+      RelSD->Sacl = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
       Current += SaclLength;
    }
 
    if (DaclLength != 0)
    {
-      memmove((PVOID)Current,
-              Dacl,
-              DaclLength);
-      RelSD->Dacl = (PACL)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
+      RtlCopyMemory((PVOID)Current,
+                    Dacl,
+                    DaclLength);
+      RelSD->Dacl = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
       Current += DaclLength;
    }
 
    if (OwnerLength != 0)
    {
-      memmove((PVOID)Current,
-              Owner,
-              OwnerLength);
-      RelSD->Owner = (PSID)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
+      RtlCopyMemory((PVOID)Current,
+                    Owner,
+                    OwnerLength);
+      RelSD->Owner = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
       Current += OwnerLength;
    }
 
    if (GroupLength != 0)
    {
-      memmove((PVOID)Current,
-              Group,
-              GroupLength);
-      RelSD->Group = (PSID)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
+      RtlCopyMemory((PVOID)Current,
+                    Group,
+                    GroupLength);
+      RelSD->Group = (ULONG)((ULONG_PTR)Current - (ULONG_PTR)RelSD);
    }
 
-   RelSD->Control |= SE_SELF_RELATIVE;
-
    return STATUS_SUCCESS;
 }
 
@@ -581,7 +491,7 @@ RtlMakeSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
  */
 NTSTATUS STDCALL
 RtlAbsoluteToSelfRelativeSD(PSECURITY_DESCRIPTOR AbsSD,
-                            PSECURITY_DESCRIPTOR RelSD,
+                            PSECURITY_DESCRIPTOR_RELATIVE RelSD,
                             PULONG BufferLength)
 {
    if (AbsSD->Control & SE_SELF_RELATIVE)
@@ -658,27 +568,13 @@ RtlGetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
    }
    *SaclPresent = TRUE;
 
-   if (SecurityDescriptor->Sacl == NULL)
-   {
-      *Sacl = NULL;
-   }
-   else
-   {
-      *Sacl = SecurityDescriptor->Sacl;
-      if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
-      {
-         *Sacl = (PACL)((ULONG_PTR)*Sacl + (ULONG_PTR)SecurityDescriptor);
-      }
-   }
+   RtlpQuerySecurityDescriptorPointers(SecurityDescriptor,
+                                       NULL,
+                                       NULL,
+                                       Sacl,
+                                       NULL);
 
-   if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
-   {
-      *SaclDefaulted = TRUE;
-   }
-   else
-   {
-      *SaclDefaulted = FALSE;
-   }
+   *SaclDefaulted = ((SecurityDescriptor->Control & SE_SACL_DEFAULTED) ? TRUE : FALSE);
 
    return STATUS_SUCCESS;
 }
@@ -726,7 +622,7 @@ RtlSetSaclSecurityDescriptor(PSECURITY_DESCRIPTOR SecurityDescriptor,
  * @implemented
  */
 NTSTATUS STDCALL
-RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR RelSD,
+RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR_RELATIVE RelSD,
                             PSECURITY_DESCRIPTOR AbsSD,
                             PDWORD AbsSDSize,
                             PACL Dacl,
@@ -747,10 +643,17 @@ RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR RelSD,
    PACL pDacl;
    PACL pSacl;
 
+   if (RelSD->Revision != SECURITY_DESCRIPTOR_REVISION1)
+   {
+      return STATUS_UNKNOWN_REVISION;
+   }
+
    if (!(RelSD->Control & SE_SELF_RELATIVE))
+   {
       return STATUS_BAD_DESCRIPTOR_FORMAT;
+   }
 
-   RtlpQuerySecurityDescriptor (RelSD,
+   RtlpQuerySecurityDescriptor ((PSECURITY_DESCRIPTOR)RelSD,
                                 &pOwner,
                                 &OwnerLength,
                                 &pGroup,
@@ -764,16 +667,18 @@ RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR RelSD,
        GroupLength > *GroupSize ||
        DaclLength > *DaclSize ||
        SaclLength > *SaclSize)
+   {
       return STATUS_BUFFER_TOO_SMALL;
+   }
 
-   memmove (Owner, pOwner, OwnerLength);
-   memmove (Group, pGroup, GroupLength);
-   memmove (Dacl, pDacl, DaclLength);
-   memmove (Sacl, pSacl, SaclLength);
-
-   memmove (AbsSD, RelSD, sizeof (SECURITY_DESCRIPTOR));
+   RtlCopyMemory (Owner, pOwner, OwnerLength);
+   RtlCopyMemory (Group, pGroup, GroupLength);
+   RtlCopyMemory (Dacl, pDacl, DaclLength);
+   RtlCopyMemory (Sacl, pSacl, SaclLength);
 
-   AbsSD->Control &= ~SE_SELF_RELATIVE;
+   AbsSD->Revision = RelSD->Revision;
+   AbsSD->Sbz1 = RelSD->Sbz1;
+   AbsSD->Control = RelSD->Control & ~SE_SELF_RELATIVE;
    AbsSD->Owner = Owner;
    AbsSD->Group = Group;
    AbsSD->Dacl = Dacl;
@@ -792,7 +697,7 @@ RtlSelfRelativeToAbsoluteSD(PSECURITY_DESCRIPTOR RelSD,
  * @unimplemented
  */
 NTSTATUS STDCALL
-RtlSelfRelativeToAbsoluteSD2(PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
+RtlSelfRelativeToAbsoluteSD2(PSECURITY_DESCRIPTOR_RELATIVE SelfRelativeSecurityDescriptor,
                              PULONG BufferSize)
 {
    UNIMPLEMENTED;
@@ -804,18 +709,18 @@ RtlSelfRelativeToAbsoluteSD2(PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor
  * @implemented
  */
 BOOLEAN STDCALL
-RtlValidRelativeSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptorInput,
+RtlValidRelativeSecurityDescriptor(IN PSECURITY_DESCRIPTOR_RELATIVE SecurityDescriptorInput,
                                    IN ULONG SecurityDescriptorLength,
                                    IN SECURITY_INFORMATION RequiredInformation)
 {
-   if (SecurityDescriptorLength < sizeof(SECURITY_DESCRIPTOR) ||
+   if (SecurityDescriptorLength < sizeof(SECURITY_DESCRIPTOR_RELATIVE) ||
        SecurityDescriptorInput->Revision != SECURITY_DESCRIPTOR_REVISION1 ||
        !(SecurityDescriptorInput->Control & SE_SELF_RELATIVE))
    {
       return FALSE;
    }
 
-   if (SecurityDescriptorInput->Owner != NULL)
+   if (SecurityDescriptorInput->Owner != 0)
    {
       PSID Owner = (PSID)((ULONG_PTR)SecurityDescriptorInput->Owner + (ULONG_PTR)SecurityDescriptorInput);
       if (!RtlValidSid(Owner))
@@ -828,7 +733,7 @@ RtlValidRelativeSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptorInp
       return FALSE;
    }
 
-   if (SecurityDescriptorInput->Group != NULL)
+   if (SecurityDescriptorInput->Group != 0)
    {
       PSID Group = (PSID)((ULONG_PTR)SecurityDescriptorInput->Group + (ULONG_PTR)SecurityDescriptorInput);
       if (!RtlValidSid(Group))
@@ -843,7 +748,7 @@ RtlValidRelativeSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptorInp
 
    if (SecurityDescriptorInput->Control & SE_DACL_PRESENT)
    {
-      if (SecurityDescriptorInput->Dacl != NULL &&
+      if (SecurityDescriptorInput->Dacl != 0 &&
           !RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Dacl + (ULONG_PTR)SecurityDescriptorInput)))
       {
          return FALSE;
@@ -856,7 +761,7 @@ RtlValidRelativeSecurityDescriptor(IN PSECURITY_DESCRIPTOR SecurityDescriptorInp
 
    if (SecurityDescriptorInput->Control & SE_SACL_PRESENT)
    {
-      if (SecurityDescriptorInput->Sacl != NULL &&
+      if (SecurityDescriptorInput->Sacl != 0 &&
           !RtlValidAcl((PACL)((ULONG_PTR)SecurityDescriptorInput->Sacl + (ULONG_PTR)SecurityDescriptorInput)))
       {
          return FALSE;
index ac62afe..47ec5ba 100644 (file)
@@ -126,7 +126,7 @@ SeCaptureSecurityDescriptor(
   ULONG OwnerSAC = 0, GroupSAC = 0;
   ULONG OwnerSize = 0, GroupSize = 0;
   ULONG SaclSize = 0, DaclSize = 0;
-  ULONG DescriptorSize = sizeof(SECURITY_DESCRIPTOR);
+  ULONG DescriptorSize = 0;
   NTSTATUS Status = STATUS_SUCCESS;
   
   if(OriginalSecurityDescriptor != NULL)
@@ -135,12 +135,49 @@ SeCaptureSecurityDescriptor(
     {
       _SEH_TRY
       {
+        /* first only probe and copy until the control field of the descriptor
+           to determine whether it's a self-relative descriptor */
+        DescriptorSize = (ULONG)((ULONG_PTR)&OriginalSecurityDescriptor->Control -
+                                 (ULONG_PTR)OriginalSecurityDescriptor) +
+                         sizeof(OriginalSecurityDescriptor->Control);
         ProbeForRead(OriginalSecurityDescriptor,
-                     sizeof(SECURITY_DESCRIPTOR),
+                     DescriptorSize,
                      sizeof(ULONG));
 
+        if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
+        {
+          Status = STATUS_UNKNOWN_REVISION;
+          _SEH_LEAVE;
+        }
+        
         /* make a copy on the stack */
-        DescriptorCopy = *OriginalSecurityDescriptor;
+        DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
+        DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
+        DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
+        DescriptorSize = ((DescriptorCopy.Control & SE_SELF_RELATIVE) ?
+                          sizeof(SECURITY_DESCRIPTOR_RELATIVE) : sizeof(SECURITY_DESCRIPTOR));
+
+        /* probe and copy the entire security descriptor structure. The SIDs
+           and ACLs will be probed and copied later though */
+        ProbeForRead(OriginalSecurityDescriptor,
+                     DescriptorSize,
+                     sizeof(ULONG));
+        if(DescriptorCopy.Control & SE_SELF_RELATIVE)
+        {
+          PSECURITY_DESCRIPTOR_RELATIVE RelSD = (PSECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
+          
+          DescriptorCopy.Owner = (PSID)RelSD->Owner;
+          DescriptorCopy.Group = (PSID)RelSD->Group;
+          DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
+          DescriptorCopy.Dacl = (PACL)RelSD->Dacl;
+        }
+        else
+        {
+          DescriptorCopy.Owner = OriginalSecurityDescriptor->Owner;
+          DescriptorCopy.Group = OriginalSecurityDescriptor->Group;
+          DescriptorCopy.Sacl = OriginalSecurityDescriptor->Sacl;
+          DescriptorCopy.Dacl = OriginalSecurityDescriptor->Dacl;
+        }
       }
       _SEH_HANDLE
       {
@@ -165,13 +202,33 @@ SeCaptureSecurityDescriptor(
     }
     else
     {
+      if(OriginalSecurityDescriptor->Revision != SECURITY_DESCRIPTOR_REVISION1)
+      {
+        return STATUS_UNKNOWN_REVISION;
+      }
+      
       /* make a copy on the stack */
-      DescriptorCopy = *OriginalSecurityDescriptor;
-    }
-    
-    if(DescriptorCopy.Revision != SECURITY_DESCRIPTOR_REVISION1)
-    {
-      return STATUS_UNKNOWN_REVISION;
+      DescriptorCopy.Revision = OriginalSecurityDescriptor->Revision;
+      DescriptorCopy.Sbz1 = OriginalSecurityDescriptor->Sbz1;
+      DescriptorCopy.Control = OriginalSecurityDescriptor->Control;
+      DescriptorSize = ((DescriptorCopy.Control & SE_SELF_RELATIVE) ?
+                        sizeof(SECURITY_DESCRIPTOR_RELATIVE) : sizeof(SECURITY_DESCRIPTOR));
+      if(DescriptorCopy.Control & SE_SELF_RELATIVE)
+      {
+        PSECURITY_DESCRIPTOR_RELATIVE RelSD = (PSECURITY_DESCRIPTOR_RELATIVE)OriginalSecurityDescriptor;
+
+        DescriptorCopy.Owner = (PSID)RelSD->Owner;
+        DescriptorCopy.Group = (PSID)RelSD->Group;
+        DescriptorCopy.Sacl = (PACL)RelSD->Sacl;
+        DescriptorCopy.Dacl = (PACL)RelSD->Dacl;
+      }
+      else
+      {
+        DescriptorCopy.Owner = OriginalSecurityDescriptor->Owner;
+        DescriptorCopy.Group = OriginalSecurityDescriptor->Group;
+        DescriptorCopy.Sacl = OriginalSecurityDescriptor->Sacl;
+        DescriptorCopy.Dacl = OriginalSecurityDescriptor->Dacl;
+      }
     }
     
     if(DescriptorCopy.Control & SE_SELF_RELATIVE)
@@ -377,10 +434,11 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
                              IN PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor OPTIONAL)
 {
   PSECURITY_DESCRIPTOR ObjectSd;
-  PSID Owner = 0;
-  PSID Group = 0;
-  PACL Dacl = 0;
-  PACL Sacl = 0;
+  PSECURITY_DESCRIPTOR_RELATIVE RelSD;
+  PSID Owner = NULL;
+  PSID Group = NULL;
+  PACL Dacl = NULL;
+  PACL Sacl = NULL;
   ULONG OwnerLength = 0;
   ULONG GroupLength = 0;
   ULONG DaclLength = 0;
@@ -388,19 +446,20 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
   ULONG Control = 0;
   ULONG_PTR Current;
   ULONG SdLength;
+  
+  RelSD = (PSECURITY_DESCRIPTOR_RELATIVE)SecurityDescriptor;
 
   if (*ObjectsSecurityDescriptor == NULL)
     {
-      if (*Length < sizeof(SECURITY_DESCRIPTOR))
+      if (*Length < sizeof(SECURITY_DESCRIPTOR_RELATIVE))
        {
-         *Length = sizeof(SECURITY_DESCRIPTOR);
+         *Length = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
          return STATUS_BUFFER_TOO_SMALL;
        }
 
-      *Length = sizeof(SECURITY_DESCRIPTOR);
-      RtlCreateSecurityDescriptor(SecurityDescriptor,
-                                 SECURITY_DESCRIPTOR_REVISION);
-      SecurityDescriptor->Control |= SE_SELF_RELATIVE;
+      *Length = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
+      RtlCreateSecurityDescriptorRelative(RelSD,
+                                         SECURITY_DESCRIPTOR_REVISION);
       return STATUS_SUCCESS;
     }
 
@@ -447,26 +506,26 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
     }
 
   SdLength = OwnerLength + GroupLength + DaclLength +
-            SaclLength + sizeof(SECURITY_DESCRIPTOR);
-  if (*Length < sizeof(SECURITY_DESCRIPTOR))
+            SaclLength + sizeof(SECURITY_DESCRIPTOR_RELATIVE);
+  if (*Length < SdLength)
     {
       *Length = SdLength;
       return STATUS_BUFFER_TOO_SMALL;
     }
 
   /* Build the new security descrtiptor */
-  RtlCreateSecurityDescriptor(SecurityDescriptor,
-                             SECURITY_DESCRIPTOR_REVISION);
-  SecurityDescriptor->Control = Control;
+  RtlCreateSecurityDescriptorRelative(RelSD,
+                                     SECURITY_DESCRIPTOR_REVISION);
+  RelSD->Control = Control;
 
-  Current = (ULONG_PTR)SecurityDescriptor + sizeof(SECURITY_DESCRIPTOR);
+  Current = (ULONG_PTR)(RelSD + 1);
 
   if (OwnerLength != 0)
     {
       RtlCopyMemory((PVOID)Current,
                    Owner,
                    OwnerLength);
-      SecurityDescriptor->Owner = (PSID)(Current - (ULONG_PTR)SecurityDescriptor);
+      RelSD->Owner = (ULONG)(Current - (ULONG_PTR)SecurityDescriptor);
       Current += OwnerLength;
     }
 
@@ -475,7 +534,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
       RtlCopyMemory((PVOID)Current,
                    Group,
                    GroupLength);
-      SecurityDescriptor->Group = (PSID)(Current - (ULONG_PTR)SecurityDescriptor);
+      RelSD->Group = (ULONG)(Current - (ULONG_PTR)SecurityDescriptor);
       Current += GroupLength;
     }
 
@@ -484,7 +543,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
       RtlCopyMemory((PVOID)Current,
                    Dacl,
                    DaclLength);
-      SecurityDescriptor->Dacl = (PACL)(Current - (ULONG_PTR)SecurityDescriptor);
+      RelSD->Dacl = (ULONG)(Current - (ULONG_PTR)SecurityDescriptor);
       Current += DaclLength;
     }
 
@@ -493,7 +552,7 @@ SeQuerySecurityDescriptorInfo(IN PSECURITY_INFORMATION SecurityInformation,
       RtlCopyMemory((PVOID)Current,
                    Sacl,
                    SaclLength);
-      SecurityDescriptor->Sacl = (PACL)(Current - (ULONG_PTR)SecurityDescriptor);
+      RelSD->Sacl = (ULONG)(Current - (ULONG_PTR)SecurityDescriptor);
       Current += SaclLength;
     }
 
index fe7bb99..3d8b2ec 100644 (file)
@@ -3347,9 +3347,9 @@ NTSYSAPI
 NTSTATUS
 NTAPI
 RtlAbsoluteToSelfRelativeSD (
-    IN PSECURITY_DESCRIPTOR     AbsoluteSecurityDescriptor,
-    IN OUT PSECURITY_DESCRIPTOR SelfRelativeSecurityDescriptor,
-    IN PULONG                   BufferLength
+    IN PSECURITY_DESCRIPTOR              AbsoluteSecurityDescriptor,
+    IN OUT PSECURITY_DESCRIPTOR_RELATIVE SelfRelativeSecurityDescriptor,
+    IN PULONG                            BufferLength
 );
 
 NTSYSAPI
@@ -3593,17 +3593,17 @@ NTSYSAPI
 NTSTATUS
 NTAPI
 RtlSelfRelativeToAbsoluteSD (
-    IN PSECURITY_DESCRIPTOR     SelfRelativeSD,
-    OUT PSECURITY_DESCRIPTOR    AbsoluteSD,
-    IN PULONG                   AbsoluteSDSize,
-    IN PACL                     Dacl,
-    IN PULONG                   DaclSize,
-    IN PACL                     Sacl,
-    IN PULONG                   SaclSize,
-    IN PSID                     Owner,
-    IN PULONG                   OwnerSize,
-    IN PSID                     PrimaryGroup,
-    IN PULONG                   PrimaryGroupSize
+    IN PSECURITY_DESCRIPTOR_RELATIVE SelfRelativeSD,
+    OUT PSECURITY_DESCRIPTOR         AbsoluteSD,
+    IN PULONG                        AbsoluteSDSize,
+    IN PACL                          Dacl,
+    IN PULONG                        DaclSize,
+    IN PACL                          Sacl,
+    IN PULONG                        SaclSize,
+    IN PSID                          Owner,
+    IN PULONG                        OwnerSize,
+    IN PSID                          PrimaryGroup,
+    IN PULONG                        PrimaryGroupSize
 );
 
 #endif /* (VER_PRODUCTBUILD >= 2195) */
index 2d3dd81..65b707d 100644 (file)
@@ -5223,7 +5223,7 @@ NTOSAPI
 BOOLEAN
 DDKAPI
 RtlValidRelativeSecurityDescriptor(
-  IN PSECURITY_DESCRIPTOR  SecurityDescriptorInput,
+  IN PSECURITY_DESCRIPTOR_RELATIVE  SecurityDescriptorInput,
   IN ULONG  SecurityDescriptorLength,
   IN SECURITY_INFORMATION  RequiredInformation);
 
index 56f3ef0..3ad766c 100644 (file)
@@ -2118,6 +2118,15 @@ typedef struct _SECURITY_DESCRIPTOR {
        PACL Sacl;
        PACL Dacl;
 } SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
+typedef struct _SECURITY_DESCRIPTOR_RELATIVE {
+       UCHAR  Revision;
+       UCHAR  Sbz1;
+       SECURITY_DESCRIPTOR_CONTROL Control;
+       ULONG Owner;
+       ULONG Group;
+       ULONG Sacl;
+       ULONG Dacl;
+} SECURITY_DESCRIPTOR_RELATIVE, *PSECURITY_DESCRIPTOR_RELATIVE, *PISECURITY_DESCRIPTOR_RELATIVE;
 typedef enum _TOKEN_INFORMATION_CLASS {
        TokenUser=1,TokenGroups,TokenPrivileges,TokenOwner,
        TokenPrimaryGroup,TokenDefaultDacl,TokenSource,TokenType,