Nikolay Sivov : advapi32: Fix CheckTokenMemberShip for primary tokens. - wine-commits

2 Aug 2011

Module: wine
Branch: master
Commit: 5290766ae0826e506b944b42944a5468bb79fa5c
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=5290766ae0826e506b944b4294...
Author: Nikolay Sivov nsivov@codeweavers.com
Date:   Tue Aug  2 02:12:51 2011 +0400
advapi32: Fix CheckTokenMemberShip for primary tokens.
---
dlls/advapi32/security.c       |   13 +++++++++++++
 dlls/advapi32/tests/security.c |    6 ++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index c3454a8..e4953d0 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -607,6 +607,19 @@ CheckTokenMembership( HANDLE token, PSID sid_to_check,
         }
         token = thread_token;
     }
+    else
+    {
+        TOKEN_TYPE type;
+
+        ret = GetTokenInformation(token, TokenType, &type, sizeof(TOKEN_TYPE), &size);
+        if (!ret) goto exit;
+
+        if (type == TokenPrimary)
+        {
+            SetLastError(ERROR_NO_IMPERSONATION_TOKEN);
+            return FALSE;
+        }
+    }
ret = GetTokenInformation(token, TokenGroups, NULL, 0, &size);
     if (!ret && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 6a9a1d2..931f912 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3637,21 +3637,23 @@ static void test_CheckTokenMembership(void)
         return;
     }
+    is_member = FALSE;
     ret = pCheckTokenMembership(token, token_groups->Groups[i].Sid, &is_member);
     ok(ret, "CheckTokenMembership failed with error %d\n", GetLastError());
     ok(is_member, "CheckTokenMembership should have detected sid as member\n");
+    is_member = FALSE;
     ret = pCheckTokenMembership(NULL, token_groups->Groups[i].Sid, &is_member);
     ok(ret, "CheckTokenMembership failed with error %d\n", GetLastError());
     ok(is_member, "CheckTokenMembership should have detected sid as member\n");
+    is_member = TRUE;
+    SetLastError(0xdeadbeef);
     ret = pCheckTokenMembership(process_token, token_groups->Groups[i].Sid, &is_member);
-todo_wine {
     ok(!ret && GetLastError() == ERROR_NO_IMPERSONATION_TOKEN,
         "CheckTokenMembership with process token %s with error %d\n",
         ret ? "succeeded" : "failed", GetLastError());
     ok(!is_member, "CheckTokenMembership should have cleared is_member\n");
-}
HeapFree(GetProcessHeap(), 0, token_groups);
     CloseHandle(token);

    