[PATCH v2 1/2] advapi32/tests: Add some tests for querying the security of pseudo-handles.
Signed-off-by: Zebediah Figura <z.figura12(a)gmail.com> --- v2: Add tests for NtQuerySecurityObject(); also fix a warning. dlls/advapi32/tests/security.c | 39 ++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c index 020e69277e0..40fd1316624 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c @@ -7878,6 +7878,44 @@ static void test_create_process_token_child(void) } } +static void test_pseudo_handle_security(void) +{ + char buffer[200]; + PSECURITY_DESCRIPTOR sd = buffer, sd_ptr; + NTSTATUS status; + DWORD size; + BOOL ret; + + ret = GetKernelObjectSecurity(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(ret, "got error %u\n", GetLastError()); + + status = NtQuerySecurityObject(GetCurrentProcess(), OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(!status, "got %#x\n", status); + + ret = GetKernelObjectSecurity(GetCurrentThread(), OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(ret, "got error %u\n", GetLastError()); + + status = NtQuerySecurityObject(GetCurrentThread(), OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(!status, "got %#x\n", status); + + SetLastError(0xdeadbeef); + ret = GetKernelObjectSecurity(HKEY_CLASSES_ROOT, OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(!ret, "expected failure\n"); + ok(GetLastError() == ERROR_INVALID_HANDLE, "got error %u\n", GetLastError()); + + status = NtQuerySecurityObject(HKEY_CLASSES_ROOT, OWNER_SECURITY_INFORMATION, &sd, sizeof(buffer), &size); + ok(status == STATUS_INVALID_HANDLE, "got %#x\n", status); + + ret = GetSecurityInfo(HKEY_CLASSES_ROOT, SE_REGISTRY_KEY, + DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &sd_ptr); + todo_wine ok(!ret, "got error %u\n", ret); + LocalFree(sd_ptr); + + ret = GetSecurityInfo(HKEY_CLASSES_ROOT, SE_KERNEL_OBJECT, + DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &sd_ptr); + ok(ret == ERROR_INVALID_HANDLE, "got error %u\n", ret); +} + START_TEST(security) { init(); @@ -7940,6 +7978,7 @@ START_TEST(security) test_BuildSecurityDescriptorW(); test_duplicate_handle_access(); test_create_process_token(); + test_pseudo_handle_security(); /* Must be the last test, modifies process token */ test_token_security_descriptor(); -- 2.30.0
This fixes a message box with the ASCOM Platform installer. Signed-off-by: Zebediah Figura <z.figura12(a)gmail.com> --- dlls/advapi32/security.c | 31 ++++++++++++++++++++++++++++++- dlls/advapi32/tests/security.c | 2 +- 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c index a01791bbf0b..d6b69483f68 100644 --- a/dlls/advapi32/security.c +++ b/dlls/advapi32/security.c @@ -1467,6 +1467,9 @@ BOOL WINAPI PrivilegedServiceAuditAlarmA( LPCSTR SubsystemName, LPCSTR ServiceNa return TRUE; } +#define HKEY_SPECIAL_ROOT_FIRST HKEY_CLASSES_ROOT +#define HKEY_SPECIAL_ROOT_LAST HKEY_DYN_DATA + /****************************************************************************** * GetSecurityInfo [ADVAPI32.@] * @@ -1522,17 +1525,43 @@ DWORD WINAPI GetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE type, SECURITY_INFOR } else { + HKEY key = NULL; + + if (type == SE_REGISTRY_KEY && (HandleToUlong(handle) >= HandleToUlong(HKEY_SPECIAL_ROOT_FIRST)) + && (HandleToUlong(handle) <= HandleToUlong(HKEY_SPECIAL_ROOT_LAST))) + { + REGSAM access = READ_CONTROL; + DWORD ret; + + if (SecurityInfo & SACL_SECURITY_INFORMATION) + access |= ACCESS_SYSTEM_SECURITY; + + if ((ret = RegOpenKeyExW( handle, L"\\", 0, access, &key ))) + return ret; + + handle = key; + } + status = NtQuerySecurityObject( handle, SecurityInfo, NULL, 0, &size ); if (status != STATUS_SUCCESS && status != STATUS_BUFFER_TOO_SMALL) + { + RegCloseKey( key ); return RtlNtStatusToDosError( status ); + } - if (!(sd = LocalAlloc( 0, size ))) return ERROR_NOT_ENOUGH_MEMORY; + if (!(sd = LocalAlloc( 0, size ))) + { + RegCloseKey( key ); + return ERROR_NOT_ENOUGH_MEMORY; + } if ((status = NtQuerySecurityObject( handle, SecurityInfo, sd, size, &size ))) { + RegCloseKey( key ); LocalFree(sd); return RtlNtStatusToDosError( status ); } + RegCloseKey( key ); } if (ppsidOwner) diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c index 40fd1316624..a9bc30db342 100644 --- a/dlls/advapi32/tests/security.c +++ b/dlls/advapi32/tests/security.c @@ -7908,7 +7908,7 @@ static void test_pseudo_handle_security(void) ret = GetSecurityInfo(HKEY_CLASSES_ROOT, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL, &sd_ptr); - todo_wine ok(!ret, "got error %u\n", ret); + ok(!ret, "got error %u\n", ret); LocalFree(sd_ptr); ret = GetSecurityInfo(HKEY_CLASSES_ROOT, SE_KERNEL_OBJECT, -- 2.30.0
participants (1)
-
Zebediah Figura